firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 19:03:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qcZXZcyhP5g5P75s6J06Y8eBwx9q7SO62Yx0gsakp06hwETvSBUt0w==
Age: 3562
holavpninstaller.com/
302 Moved Temporarily 138 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 20 Sep 2022 20:02:29 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: https://holavpninstaller.com/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2245
Expires: Tue, 20 Sep 2022 20:39:54 GMT
Date: Tue, 20 Sep 2022 20:02:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jMcBi5P9MjtKeQ7psIa23_GszmdBQZZbBqgUTxeCELlKcB3Uz2eUoQ==
age: 55636
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 19:03:22 GMT
Expires: Tue, 20 Sep 2022 19:31:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LUsCknLyCAqN_jLrYUb_mwFZYEWz3vked53fzLAIXhY9t_XEPmyCWA==
Age: 3547
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4a4c7d37b4561b93ae97a84f0963a64d
937d8adcea5fceafb47de95b1642be2fa573f2d6
1a15d5e839a527b9b60c191dad1bc4f7931eceab060f0534076291ba8da7d880
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 20:02:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 05:42:01 GMT
Expires: Mon, 26 Sep 2022 05:42:00 GMT
Etag: "937d8adcea5fceafb47de95b1642be2fa573f2d6"
Cache-Control: max-age=466170,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd28b6b817b511-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2881
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:30 GMT
Last-Modified: Tue, 20 Sep 2022 19:14:29 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
200 OK 29 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3e04a877544437b222797045dec3a505
a14fe637ed9e5d1820df676f244033f736379cc5
160671317271ed1ab54554f2f164c026274cc36fb274022a8ce09e9025faa1df
GET /www/hola/pub/less_core.bundle.css?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
content-encoding: gzip
content-length: 29326
content-type: text/css; charset=utf-8
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
accept-ranges: bytes
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-190573-bc470027"
vary: Origin
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds014.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
holavpninstaller.com/
200 OK 42 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30605)
Hash 92f2d7e7a684db0bfba3e3f2ae977472
b374698c249741cf62848ff0f44e08d8ddaebab4
48d4a356031c40c922d851cb5f8ee962b6fe4de3d920936fc732df59c4591ba7
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:29 GMT
content-type: text/html; charset=utf-8
set-cookie: XSRF-TOKEN=2db2672b2a6670955f867a6845a8fd4c4f31c748c861a194; Max-Age=86400; Path=/; Expires=Wed, 21 Sep 2022 20:02:29 GMT; Secure; SameSite=None
i18next=en; Path=/; Expires=Wed, 20 Sep 2023 20:02:29 GMT; SameSite=Strict
h_visitor_id=www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840; Max-Age=31536000; Path=/; Expires=Wed, 20 Sep 2023 20:02:29 GMT
ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D; Domain=.holavpninstaller.com; Path=/
strict-transport-security: max-age=63072000
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
content-language: en
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' https://metrika.yandex.ru/
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
content-encoding: gzip
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/get_app_store.svg?ver=1.202.583
200 OK 5.8 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/get_app_store.svg?ver=1.202.583
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7538)
Hash 32096f84c6f039351b7c30b0104703ae
c2176f41bd7d8dc2dd15ca2b30b6892cd0257b35
76ccea859a106aa511d75c318ecec7dc37bc2d06204fc5d4b1a064cff4e3a7cc
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/get_app_store.svg?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
content-encoding: gzip
content-length: 5840
content-type: image/svg+xml
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
accept-ranges: bytes
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-14398-2d837045"
vary: Origin
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds017.sk1.c
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/css/core/font_switzer.css?ver=1.202.583
200 OK 722 B URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/css/core/font_switzer.css?ver=1.202.583
IP
File type ASCII text, with very long lines (9082), with no line terminators
Hash 758548f1f58b82e3f99433a0ad781bb6
3a1a47b5a99f7b713f91e56325c2b0ea4dcf0da9
1e9d25d32daad9bd33e4f82d7ccc94111947d57ef64cd791415a349c14884e3c
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/css/core/font_switzer.css?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
content-encoding: gzip
content-length: 722
content-type: text/css; charset=utf-8
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
accept-ranges: bytes
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-9082-79b4cbde"
vary: Origin
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds222.sk1.c
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/hola_lettering.svg?ver=1.202.583
200 OK 1.4 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/hola_lettering.svg?ver=1.202.583
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2915)
Hash 5c25314e932c08828a821b4973fcf47c
1a12f47f3bc4677ccb265c2549c972fd42c3426d
bbeb823f6c84a60a077302ecd5506200e1cbd40be956092d7a4ca6ae7ba7161d
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/hola_lettering.svg?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
content-encoding: gzip
content-length: 1357
content-type: image/svg+xml
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
accept-ranges: bytes
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-3023-44e1a6e9"
vary: Origin
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds227.sk1.c
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/download/android.svg?ver=1.202.583
200 OK 4.4 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/download/android.svg?ver=1.202.583
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6007)
Hash 01b6cd0f70f8e0a3b366299274dec787
bd49aa9c2a45316ce51aa652a33a44cbd2f8f86d
7912de521318c0294ae9a4ed792e61c2cb495f4564822da1a1ef4842e5fea53c
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/download/android.svg?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
content-encoding: gzip
content-length: 4407
content-type: image/svg+xml
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
accept-ranges: bytes
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-12166-3851a24a"
vary: Origin
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds229.sk1.c
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/locale/pub/languages_ext.js?ver=1.202.583
200 OK 1.9 kB URL HTTP/2 cdn4.holavpninstaller.com/www/locale/pub/languages_ext.js?ver=1.202.583
IP
Hash f604324531a2a059fe67f74ddc9fb350
84f1396163e5758e788b7530e78da88306dafc3b
216451444f7767b7dcf66c298b5570e12bb1baf5c3c269585670be2af4dab837
Analyzer Verdict Alert fortinet Malware
GET /www/locale/pub/languages_ext.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
content-encoding: gzip
content-length: 1862
content-type: application/javascript; charset=utf-8
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
accept-ranges: bytes
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-5472-31657e74"
vary: Origin
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds232.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cvVClzgOuoUSZgTJ0hXngQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: puMfj5V5dsQ5wOWwJSYb6ohEO2w=
cdn4.holavpninstaller.com/www/hola/pub/21a02866b0a62d557df02e108c006b06.1.202.583.chunk.js?ver=1.202.583
200 OK 8.2 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/21a02866b0a62d557df02e108c006b06.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (20322)
Hash 24df53eec095b04d1325ba7c44d041b7
632871aeda3484c13b97dcb26d4d603433ed1f28
5c5695c3c50d58b2ace536c1b5de02b8fe4767c11dc9881aeab45d32c6ee99fc
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/21a02866b0a62d557df02e108c006b06.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 8167
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds222.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-28600-0e2ef84a"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/9ab748fa4c41f259209d932a5b96d800.1.202.583.chunk.js?ver=1.202.583
200 OK 3.1 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/9ab748fa4c41f259209d932a5b96d800.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (6926)
Hash 66e59cec921e381ebebd2d198936ab62
841720e3c7b3b50da1dd568216f71913bafb952b
7bb0931de52147c10531488270f0e568f8f146531565c3f2721d78f20fcc2481
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/9ab748fa4c41f259209d932a5b96d800.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 3099
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds244.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-14156-55df9ddd"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/1910608c9f8f5f0d84ee05770267b653.1.202.583.chunk.js?ver=1.202.583
200 OK 4.1 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/1910608c9f8f5f0d84ee05770267b653.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (6753)
Hash a658a5ac8cfbaeba311119cfea2be6a7
ac1e6b6c6a56fa0bdace429fe970dd9bfa5add00
1647e6ca88d98edd4182dbe3968a5c5fe669f497e498c4cd083c9b9491c75961
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/1910608c9f8f5f0d84ee05770267b653.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 4085
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds216.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-13295-990e8d44"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/a7485c4961c521c4d9bedbb1358d04c8.1.202.583.chunk.js?ver=1.202.583
200 OK 3.9 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/a7485c4961c521c4d9bedbb1358d04c8.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (7288)
Hash a48ac2a72de75ba7fa94d40ec0fd14c2
0c3da3d542109e89be010065d467a7b1afa80a4d
bf62b9278fecc1b42c5061e646cb992a5b39d044d2e32656074983eadd3ae76c
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/a7485c4961c521c4d9bedbb1358d04c8.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 3866
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds264.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-16535-a6e2e7e1"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/af74a1f6f7e35212055024ae7b3e1d1b.1.202.583.chunk.js?ver=1.202.583
200 OK 4.3 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/af74a1f6f7e35212055024ae7b3e1d1b.1.202.583.chunk.js?ver=1.202.583
IP
File type Unicode text, UTF-8 text, with very long lines (6322)
Hash a3313693fad23b93aa3fff58b5e42a77
b625078615aa59d2cc34d1ee2cd3f5e33729dde6
f497939b148ae72df37a9c194ba4ebdae776dfd079a87ec42dd70e6c96894f9c
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/af74a1f6f7e35212055024ae7b3e1d1b.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 4334
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds260.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-21080-5db7844d"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/130e83347ea9441aea0f4853d27101fc.1.202.583.chunk.js?ver=1.202.583
200 OK 3.5 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/130e83347ea9441aea0f4853d27101fc.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (10562)
Hash 498fccb3ae0d307e970d2cf0bec5f350
4ddd60374d96fb02e8e94ef10b4f96a2929a6bbf
f0f1f782dce06e32b1c78fe3f85828e3ddd9ead60062cdde48ea7537e61869a9
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/130e83347ea9441aea0f4853d27101fc.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 3499
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds242.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-13301-c034e046"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/b7c7aa0f2b85df8985988789e8fbb63b.1.202.583.chunk.js?ver=1.202.583
200 OK 4.1 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/b7c7aa0f2b85df8985988789e8fbb63b.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (15611)
Hash ef1af956d9134bda4835fa77937864b8
af02c5a330e7aa03c5688ba0413c23114d7511c8
fb10dcfca06eab0a0a0f9a28e2f1b549b13bc4f89fabcf6f58ecd232e23090a2
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/b7c7aa0f2b85df8985988789e8fbb63b.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 4106
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds258.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-18307-58043627"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/4479f0cc084bd801f3ca1429351e3c1d.1.202.583.chunk.js?ver=1.202.583
200 OK 9.0 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/4479f0cc084bd801f3ca1429351e3c1d.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (15160)
Hash 7d5adbbe6e18a0c8ef25db86152d416c
57910b6a4c728439346b3b22172172cda91ce7fb
d80eda13b192e5f4160c9652e9d56dde801a610b2e96b28bcb9fd08daed6e20b
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/4479f0cc084bd801f3ca1429351e3c1d.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 9004
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds072.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-46845-16b1cd5a"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/e12ef715a82532642d13116ed632bc95.1.202.583.chunk.js?ver=1.202.583
200 OK 11 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/e12ef715a82532642d13116ed632bc95.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (30679)
Hash 5203d07ac79ce64e2ab092c7baadd8d7
0119875f7a06c4cb363a551d82726009d70f0c29
4d28aa658c1a967c5c7ce518ecfe868080b095fbe9e4e4005531e7bc3ae87bc2
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/e12ef715a82532642d13116ed632bc95.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 11406
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds246.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-40754-8123df97"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/react.bundle.css?ver=1.202.583
200 OK 1.4 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/react.bundle.css?ver=1.202.583
IP
File type ASCII text, with very long lines (5823)
Hash 940bafff048cbea3fbbffb051598f9f2
f7794daf48f9f38a341a0e79c0f86cb6e74539e5
a12db13df9559e982e60e72658df19f5fb3ea6080e82c9d29d03ba5d44f8882e
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/react.bundle.css?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 1448
content-type: text/css; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds068.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-5897-0ea137c8"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/config.1.202.583.js?ver=1.202.583
200 OK 4.1 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/config.1.202.583.js?ver=1.202.583
IP
Hash 25beba8d019f977ea32cf68011a26122
ffa529620e56a0c612227172462fbfb3339fdb35
74cca013563e74bb61bb527ed9e2abc6660fa54e4e36adb473579623c6b2eeea
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/config.1.202.583.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 4069
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds012.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-12660-8573ec98"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/36c4dbd501f103f9ac4ce06d18d7e9c8.1.202.583.chunk.js?ver=1.202.583
200 OK 5.1 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/36c4dbd501f103f9ac4ce06d18d7e9c8.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (9393)
Hash 14ed034aea16224fdaeaf6b6be5aebaa
104d4d1ce044a155806e2a6324ce8843967e1baf
4ce35ec5be35f4e41f95597143679819f07e9385821a4b1b9aa1b80be094ae5b
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/36c4dbd501f103f9ac4ce06d18d7e9c8.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 5116
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds012.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-27577-df0e1d0d"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/a2c3376daff5afe4a244141acbe0a002.1.202.583.chunk.js?ver=1.202.583
200 OK 5.9 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/a2c3376daff5afe4a244141acbe0a002.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (8196)
Hash c6e32390c4ded74f59f5165a4458e424
1230bfeb8f9cf7cb0d7a3095412f60059f61449f
1aec4996c903ccb5bb551c797e29198cf28406c7fd3210118087f1c5c43d19ea
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/a2c3376daff5afe4a244141acbe0a002.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 5910
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds020.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-45945-931a1a4d"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/cc8ef754a84359dea0ca284ea6ab3fce.1.202.583.chunk.js?ver=1.202.583
200 OK 17 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/cc8ef754a84359dea0ca284ea6ab3fce.1.202.583.chunk.js?ver=1.202.583
IP
File type Unicode text, UTF-8 text, with very long lines (51564)
Hash 929dc48b01e18ba60cdfe0b4bba6d1f8
4cd823f058433f4b2ea356077d213a23cf215693
041d7750e2d5c735d82cadeda265f4d5317fa3180c2fde1a773ed8eb9c2b70d1
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/cc8ef754a84359dea0ca284ea6ab3fce.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 17067
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds220.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-68590-e3b9a502"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/1396c90de55ccb2a71049f43e7e2e572.1.202.583.chunk.js?ver=1.202.583
200 OK 23 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/1396c90de55ccb2a71049f43e7e2e572.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (65516)
Hash 4c1d465f774988ca5f25386289a1b2ee
64a93d7dcd7d37359e73a752bc033ec3e55e776a
42c670b739345cf1b049a38c5b3ec2254557d2b4e9ba5f9ae57d210fdc19c51f
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/1396c90de55ccb2a71049f43e7e2e572.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 22581
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds210.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-105950-a86faeac"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5498
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 20:02:31 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Montserrat:400,500,600,700
200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700
IP
Hash d1d9c4a6ebe0ea2bd85458b55dcd8beb
7ce05f43a00bd62e3abeed8220a7ffcefe45deff
c3726cf9a95a2a2b5f2692f2ca035b8c3f726c59b7fa2e071ae34aba172b485d
GET /css?family=Montserrat:400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 20:02:30 GMT
date: Tue, 20 Sep 2022 20:02:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;500
200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;500
IP
Hash fcb5e9feb7b460667fefe51c0ae9c7e2
096b01930f40d4b9c26c022a68d9edbbfb06e31b
b299b0dd5be00e05db1ff371f44902abfac2fa74bb3af5794a77df1d110c9787
GET /css2?family=IBM+Plex+Mono:wght@400;500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 20:02:30 GMT
date: Tue, 20 Sep 2022 20:02:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5498
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 20:02:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 78926
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 77941
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 79947
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 79198
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
age: 79175
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 02:46:17 GMT
age: 62174
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/d70ae7b16a386a69116b097e282af76b.1.202.583.chunk.js?ver=1.202.583
200 OK 8.7 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/d70ae7b16a386a69116b097e282af76b.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (31278)
Hash 07cc7cfbeb719a4e2f9ba1e21c3d5b25
ec6ae17849e3ff26f7f77d853ce492231b4d91fa
912b56bac8a07cbc4983c2f4a5e5aac0d6846f91c7d542d259db44c4efbba5f1
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/d70ae7b16a386a69116b097e282af76b.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 8685
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds263.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-31405-be5344e0"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/19a4afa49f373d2e49ab46f6e9d68bf8.1.202.583.chunk.js?ver=1.202.583
200 OK 8.2 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/19a4afa49f373d2e49ab46f6e9d68bf8.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (35626)
Hash 59928d9cc88b9e360d24467a3dcfcc30
323279029fa20816872ce012d3b7fbee95d39ef3
24ddddb870e0f421493e5f7747e8a40a7c6a781913b91eb5e17da835ce942b1a
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/19a4afa49f373d2e49ab46f6e9d68bf8.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 8246
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds010.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-35753-67d99a60"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/cc3218cf880389fd0b229ece017b687c.1.202.583.chunk.js?ver=1.202.583
200 OK 5.2 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/cc3218cf880389fd0b229ece017b687c.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (9423)
Hash 51b3b8f184ad153716d277931f133b38
a1732d5725c48e3704bc192669915d2f32ecc50e
ac119c8748b4b27f3e338f35e7c1d7f39bc1d267728810f93b3b357b871042ee
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/cc3218cf880389fd0b229ece017b687c.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 5208
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds228.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-27529-7185b38d"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/a7409c67ca70ca062651ccf070645032.1.202.583.chunk.js?ver=1.202.583
200 OK 4.3 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/a7409c67ca70ca062651ccf070645032.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (14572)
Hash 55c84c899a8eddb4a4f91c0acc698862
a6678a2280d3e649be4a1baab7f9619a6116f616
3635b5c077d94990b7449967b79874a0d77f675a0f098c73c0cab4b5671e90df
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/a7409c67ca70ca062651ccf070645032.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 4330
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds204.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-26316-3bd863c3"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/152d8e7d87ade3faca24aa26e5e6ebbd.1.202.583.chunk.js?ver=1.202.583
200 OK 10 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/152d8e7d87ade3faca24aa26e5e6ebbd.1.202.583.chunk.js?ver=1.202.583
IP
File type C source, ASCII text, with very long lines (18849)
Hash 89e00e796761d230f8341c616d238cc0
5b9fed6f7cd4adbc900028071ffb5883210c411d
f7a172117eeb3fe8c9b206db13748acad832d866ac1fcd62a7c2ba9958c0b598
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/152d8e7d87ade3faca24aa26e5e6ebbd.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 10350
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds230.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-36287-988a5f2f"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/25bfec887650dd6b4bed5edbcc2f5cca.1.202.583.chunk.js?ver=1.202.583
200 OK 1.8 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/25bfec887650dd6b4bed5edbcc2f5cca.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (7407)
Hash 652c957dde5a3d90e796dc585fdefe31
6fdcc27de5e855e2dd5f3c3a191d252f4ab62585
135f77087091de7e79199b3be0f5ad17eb08b33c741b53a6a7a4bbb0c4351c24
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/25bfec887650dd6b4bed5edbcc2f5cca.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 1774
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds207.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-7534-8c286c10"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/7f98e08e19e3e3b48e9c1288cf4864a9.1.202.583.chunk.js?ver=1.202.583
200 OK 5.1 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/7f98e08e19e3e3b48e9c1288cf4864a9.1.202.583.chunk.js?ver=1.202.583
IP
File type Unicode text, UTF-8 text, with very long lines (6970)
Hash bf985dca1ab3f53bd77ab2d97a5c8f2e
fefe992b0bc12b7faf08cf92b8c9e33cdc697150
eb1480542bd2601aa6aac6ecff20fa6d35b6f7370abea51b2e305bd9be12af2c
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/7f98e08e19e3e3b48e9c1288cf4864a9.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 5090
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds247.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-15536-9f12b696"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/c30e5c65b41144da40aa47a577443572.1.202.583.chunk.js?ver=1.202.583
200 OK 19 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/c30e5c65b41144da40aa47a577443572.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (8763)
Hash 319a534995f699a3d58b32db02c22330
e42b893f29a5e0100c2afc83c3411a4f847b8319
adee7b0523c8ee4ec3524ac75fa5804c1ce363633c22b19c77da29ac1371982e
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/c30e5c65b41144da40aa47a577443572.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 19162
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds204.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-126130-eb8bf421"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/a12a6b59f6fedc0fcc968207de58f470.1.202.583.chunk.js?ver=1.202.583
200 OK 3.0 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/a12a6b59f6fedc0fcc968207de58f470.1.202.583.chunk.js?ver=1.202.583
IP
File type Unicode text, UTF-8 text, with very long lines (6771)
Hash 58e8be9008c7b15e652e6fbfbb2d4cf7
82580e4f303dd7a1addcff55ba4bcea4ec12122d
79b2c7a27e8f95caa58bc14282d54279cfd17cd7dd1baa324d7aac51a1661cfa
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/a12a6b59f6fedc0fcc968207de58f470.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 2993
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds241.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-14620-b3dc539f"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/a00f7602b9ce9a3f0222d281c16f6682.1.202.583.chunk.js?ver=1.202.583
200 OK 4.1 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/a00f7602b9ce9a3f0222d281c16f6682.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (15740)
Hash cb32e56db9809f7eead2049d2964690d
90e161e8ca0c1c41e42c9a8d3ee4fad0189041bb
3f924fccbcb70ebde817d852c294b092dee0623c3b4053cd1ec874f947b121e8
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/a00f7602b9ce9a3f0222d281c16f6682.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 4075
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds213.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-17294-0526e181"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/35566a23360ef0e79316de16c63c763f.1.202.583.chunk.js?ver=1.202.583
200 OK 30 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/35566a23360ef0e79316de16c63c763f.1.202.583.chunk.js?ver=1.202.583
IP
File type Unicode text, UTF-8 text, with very long lines (38940)
Hash 8bf4438349b1e865bb0991dfaed3b6a2
056cb0b81237a75734bfcee1badfcec481abf9fa
7fa29b8f2b903378d9464e692e17fd9a65d4c40ba5cbf0be19e2374133981325
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/35566a23360ef0e79316de16c63c763f.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 30480
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds228.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-110146-4a58ee90"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/57cfb250e03d892e8c72a2703362f19a.1.202.583.chunk.js?ver=1.202.583
200 OK 5.8 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/57cfb250e03d892e8c72a2703362f19a.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (6585)
Hash 75e87a16cefec09e944c59461cd096e6
29f62a74c4718f65f7079a9f2a206c2b57366bcf
254b5b281bb0a4d84284bfcdeb3d2d50e6a15ed0c27c070820cb5f37e74beb69
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/57cfb250e03d892e8c72a2703362f19a.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 5760
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds231.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-18660-623a1c9a"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/53777a5f2c38121aea7b83af7d54eabc.1.202.583.chunk.js?ver=1.202.583
200 OK 3.5 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/53777a5f2c38121aea7b83af7d54eabc.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (14299)
Hash 78eeea231e3686c2ab8b5f9ee17e6b43
e8db62d0a5f81eff19c37ca318d1262b7152392b
9a375021df715123245a0e63319f96f8501290e225771de9da829dcb483b5907
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/53777a5f2c38121aea7b83af7d54eabc.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 3505
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds221.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-14426-26cd506c"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/63a9f0ea7bb98050796b649e85481845.1.202.583.chunk.js?ver=1.202.583
200 OK 15 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/63a9f0ea7bb98050796b649e85481845.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (52441)
Hash c7568544e193cf5e6b492452262e90d4
608fa9f5acdcf3dd1a110a83fd6dd4c2fe6c4f05
f44d4914e471ba777accc8bcfb7be6cf0f2e9eec596bf668f763e9aee32b340c
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/63a9f0ea7bb98050796b649e85481845.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 14782
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds235.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-52568-8f66075d"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/7e69d86bb49d0e1948645cb118337d7d.1.202.583.chunk.js?ver=1.202.583
200 OK 21 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/7e69d86bb49d0e1948645cb118337d7d.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (65516)
Hash f314f25a55ceefbc30b7082478aad462
1f4f6a73deb47f4b432ad4cab56c6dd94038ba27
16d81635bc39e971fdaadd23f5a21e3762fe9f8433f4511cb31d0a2af59e5bbb
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/7e69d86bb49d0e1948645cb118337d7d.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 21374
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds001.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-98292-b818d8a1"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/55334be073081c2821d7a7ff45f614cf.1.202.583.chunk.js?ver=1.202.583
200 OK 31 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/55334be073081c2821d7a7ff45f614cf.1.202.583.chunk.js?ver=1.202.583
IP
File type Unicode text, UTF-8 text, with very long lines (45743)
Hash d88cb77c86792b836ec1af756ad07092
3a8687d2b675d78cc1cc37fd7e61efd69adbefcf
9c2bf59181baad3feeb0e7a1040f3d0c18023f4215422ebad82f8b0ac048c9a2
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/55334be073081c2821d7a7ff45f614cf.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 30899
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds239.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-132143-3a06e27f"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/52a152e08e3241910a50a30f3ca9d026.1.202.583.chunk.js?ver=1.202.583
200 OK 20 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/52a152e08e3241910a50a30f3ca9d026.1.202.583.chunk.js?ver=1.202.583
IP
File type Unicode text, UTF-8 text, with very long lines (18126)
Hash 43a296e8728aa34d459eeca3d843ee50
9a0cea87cd75decc7101b343cfa735ee5293f4f9
7e50c90a8cca3183b617107452c649d8dd6f6ecef1de4c788526129825eb25cf
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/52a152e08e3241910a50a30f3ca9d026.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 19560
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds251.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-144583-1fe04d91"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/96ed5852953871d64af12de6831a7b1f.1.202.583.chunk.js?ver=1.202.583
200 OK 47 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/96ed5852953871d64af12de6831a7b1f.1.202.583.chunk.js?ver=1.202.583
IP
File type Unicode text, UTF-8 text, with very long lines (42222)
Hash e1df141213421dc4765f1797449b2f2c
3b9eb092d31879908ee0c94fb2157fbc4b3ae970
5763528b8d7e25eabc2dcfcd3e487b22d355888caaf01c25ade03ae3b8f10426
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/96ed5852953871d64af12de6831a7b1f.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 47045
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds231.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-155980-dd967ee6"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/266a1f7c2e2345169d3bc448da45eae6.1.202.583.chunk.js?ver=1.202.583
200 OK 63 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/266a1f7c2e2345169d3bc448da45eae6.1.202.583.chunk.js?ver=1.202.583
IP
File type ASCII text, with very long lines (58187)
Hash 8b5da25d86403c98594d26ba992dc7ef
1320eee92de04b87ad1ea521100a1a3d3d0040f8
03fde2dc3048d189818fcd04d5454ff887ca96dbf58aff3eb0a1388521c625a7
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/266a1f7c2e2345169d3bc448da45eae6.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 63006
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds065.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-242465-bbc405da"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/16ccf4a7db82e34396906b8b32afd35c.1.202.583.bundle.css?ver=1.202.583
200 OK 159 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/16ccf4a7db82e34396906b8b32afd35c.1.202.583.bundle.css?ver=1.202.583
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 159 kB (159147 bytes)
Hash ad185c6c4314c8cac72fbc03e8d00487
53e5d8df9fb2d9eb6af077269f6502c5b85b98c6
25627a749f2697affd8a97bb8cb94b97148eb4667d842d8ad86bef9b72d90b22
GET /www/hola/pub/16ccf4a7db82e34396906b8b32afd35c.1.202.583.bundle.css?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 159147
content-type: text/css; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704152.cds231.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-1018983-e60bd6e7"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/btn_arrow.svg?ver=1.202.583
200 OK 233 B URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/btn_arrow.svg?ver=1.202.583
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 9c6791f5099c8dd8bc1d4c8a4ec52d35
82ad93d2d2a565fac9e77875c226b40277048137
0fe19e1ba7b2737f2d7e702395f722b5987e4c19ebb691e0a14cc0e0865bc429
GET /www/hola/pub/img/btn_arrow.svg?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/16ccf4a7db82e34396906b8b32afd35c.1.202.583.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:32 GMT
content-encoding: gzip
content-length: 233
content-type: image/svg+xml
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
accept-ranges: bytes
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-298-a27dc8b4"
vary: Origin
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704152.cds002.sk1.c
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/static/mp4/hero_new9.mp4
206 Partial Content 162 kB URL HTTP/2 cdn4.holavpninstaller.com/static/mp4/hero_new9.mp4
IP
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 162 kB (162298 bytes)
Hash 903a5156885f7dbbf1f962337cc5862b
7fe134d01e13d9180a74d085b59c7c0d685c401d
cc480702298385d3174acf024c9d45c11884e9690c4ee4b983acdd48ee4e8b7b
Analyzer Verdict Alert fortinet Malware
GET /static/mp4/hero_new9.mp4 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 20 Sep 2022 20:02:32 GMT
content-length: 162298
content-range: bytes 0-162297/162298
content-type: video/mp4
last-modified: Thu, 25 Feb 2021 16:07:14 GMT
accept-ranges: bytes
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, ETag, Cache-Control, Last-Modified
timing-allow-origin: *
cache-control: public,max-age=31536000
etag: "md5-162298-b8d6c897"
vary: Origin
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704152.cds249.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://holavpninstaller.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 444134
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
holavpninstaller.com/www/hola/pub/img/icons.svg?ver=1.202.583
200 OK 34 kB URL HTTP/2 holavpninstaller.com/www/hola/pub/img/icons.svg?ver=1.202.583
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (7983)
Hash f695a506cc23d904e2433a87e20a1800
8db24cc1e7896b85a8cb644f2311e7172b55ff29
4072a45f9b38a3b3bd36c82b2525889130be0030118e6a2a870d79581208c66a
GET /www/hola/pub/img/icons.svg?ver=1.202.583 HTTP/1.1
Host: holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: XSRF-TOKEN=2db2672b2a6670955f867a6845a8fd4c4f31c748c861a194; i18next=en; h_visitor_id=www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840; ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:32 GMT
content-type: image/svg+xml
content-length: 33511
strict-transport-security: max-age=63072000
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-98280-36f04ae9"
content-encoding: gzip
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ef66ff942f7ff0aff54fe073a61238a1
ed2bbafd29a7cbb9298bb11389fec0e1ed9667cb
21ffb031488ebebddc76d125aec6d32d0cc12aceb578551bfd84df83154346e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21FFB031488EBEBDDC76D125AEC6D32D0CC12ACEB578551BFD84DF83154346E4"
Last-Modified: Tue, 20 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3915
Expires: Tue, 20 Sep 2022 21:07:48 GMT
Date: Tue, 20 Sep 2022 20:02:33 GMT
Connection: keep-alive
holavpninstaller.com/www/hola/pub/img/platforms/icons.svg?ver=1.202.583
200 OK 63 kB URL HTTP/2 holavpninstaller.com/www/hola/pub/img/platforms/icons.svg?ver=1.202.583
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (22334)
Hash 481e5b514bb377c894932896c73980b1
b10b8229371355af753399e42dfbf40199671aeb
55f66560a9fe4ba1369b8ce9a02914b58fe44b43cd8c6ac5bcc38bc3a7b5708e
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/platforms/icons.svg?ver=1.202.583 HTTP/1.1
Host: holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: XSRF-TOKEN=2db2672b2a6670955f867a6845a8fd4c4f31c748c861a194; i18next=en; h_visitor_id=www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840; ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:32 GMT
content-type: image/svg+xml
content-length: 62634
strict-transport-security: max-age=63072000
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-130999-44783709"
content-encoding: gzip
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
holavpn.postaffiliatepro.com/scripts/hwk0hjlkh
200 OK 6.0 kB URL HTTP/2 holavpn.postaffiliatepro.com/scripts/hwk0hjlkh
IP
ASN #203480 Quality Unit, s.r.o.
File type ASCII text, with very long lines (1107)
Hash e4bd19c3a3a3c2bcbc7f95bd18fe73eb
f22b9c87960b76dd52f944ac39fea96be231837f
14cfb9ea09b3a1ee6fdedcb41d42fcded017b51cd63d0f7658bd3e18e249a917
GET /scripts/hwk0hjlkh HTTP/1.1
Host: holavpn.postaffiliatepro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:33 GMT
content-type: application/javascript
content-length: 6035
etag: "6a36-5e462b01a6100"
expires: Tue, 20 Sep 2022 20:03:29 GMT
cache-control: max-age=120
last-modified: Fri, 22 Jul 2022 10:56:36 GMT
x-srv: 1
x-content-type-options: nosniff
content-encoding: gzip
x-varnish: 734084011 734973526
age: 64
vary: Accept-Encoding
via: 1.1 varnish (1.lb-app.pap.ws-eu)
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
holavpn.postaffiliatepro.com/scripts/hwk0hrlkh?accountId=default1&url=S_holavpninstaller.com%2F&referrer=&isInIframe=false&getParams=&anchor=
200 OK 66 B URL HTTP/2 holavpn.postaffiliatepro.com/scripts/hwk0hrlkh?accountId=default1&url=S_holavpninstaller.com%2F&referrer=&isInIframe=false&getParams=&anchor=
IP
ASN #203480 Quality Unit, s.r.o.
File type ASCII text, with no line terminators
Hash 37839b47c394175274c05d405fa009a3
1e1bd681912103f74f5cdb3bf122e71abb470705
5ba8218cf7136f0b0107d74c3a2ab937bc93688a83d2acbde8ba9db1cef0557b
GET /scripts/hwk0hrlkh?accountId=default1&url=S_holavpninstaller.com%2F&referrer=&isInIframe=false&getParams=&anchor= HTTP/1.1
Host: holavpn.postaffiliatepro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:33 GMT
content-type: application/octet-stream
content-length: 66
set-cookie: PAPVisitorId=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6;Max-Age=31556926;Path=/;Domain=.hola.org;Secure;SameSite=None;
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/phone_shadow.svg?ver=1.198.579
200 OK 299 B URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/phone_shadow.svg?ver=1.198.579
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (379)
Hash cc65f3b93efe2a5af4ebd3fd4f7045ad
8fff7041d1a11a6627c701453488503344fed268
757038bc3f4a107dad4c638b85192810539dde9ccf52ba0ae47c6d9136af1e9a
GET /www/hola/pub/img/phone_shadow.svg?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 299
content-type: image/svg+xml
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds219.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: W/"md5-381-7a898a0e"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/phone_screen_2.svg?ver=1.198.579
200 OK 1.2 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/phone_screen_2.svg?ver=1.198.579
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3035)
Hash a353e727204e43b771a57a0a2edea0aa
ca08118b331a6b2bcc1aa5b0c153b93601af3e92
298361e7b70423c87132852adc44662c304c270d49e024740a81830e81e07f47
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/phone_screen_2.svg?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 1246
content-type: image/svg+xml
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds260.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: W/"md5-3037-12421cbe"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/phone.png?ver=1.198.579
200 OK 12 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/phone.png?ver=1.198.579
IP
File type PNG image data, 370 x 454, 8-bit colormap, non-interlaced\012- data
Hash a87c53ed097e41d2bcab49d6c4479e34
8213a03641aa21e0bf654d27464e17f286dfed90
d719e50bc4471d7b27401a3af2955858a862036cfc8728cd8259570a23bdafd4
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/phone.png?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-length: 12453
content-type: image/png
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds220.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: "md5-12453-a87c53ed"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/desktop_app.png?ver=1.198.579
200 OK 9.7 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/desktop_app.png?ver=1.198.579
IP
File type PNG image data, 561 x 385, 8-bit colormap, non-interlaced\012- data
Hash 8349bbfc65e9f318f44b16a738f35cdc
67c8f34ac5de671d58f8127fcbf69683c219a8c1
36e7878a770d3fe763e0db6b90bf174f9d7cc9b0010781d5f2d925eb9ad6e997
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/desktop_app.png?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-length: 9682
content-type: image/png
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds224.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: "md5-9682-8349bbfc"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/phone_screen_1.svg?ver=1.198.579
200 OK 1.1 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/phone_screen_1.svg?ver=1.198.579
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2337)
Hash 3e61174b8aeddcfc6c1f37e9be97dda9
589d6bb079567fc0e336e9cfcbc22d5bb82139f9
d2d0ac908735ed9d0da0f8ff5a51e2f329e3285510417ca9548afe93ae825bfe
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/phone_screen_1.svg?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 1067
content-type: image/svg+xml
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds218.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: W/"md5-2339-7e3bed31"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/main_slide_2_back.svg?ver=1.198.579
200 OK 423 B URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/main_slide_2_back.svg?ver=1.198.579
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (807)
Hash 07a4b0f65248cacffd308824d7f23f83
8a7b51135fe3e13185ae79faf6680ef021e084ee
4a1033dcdb3e50c248fbd7c3688f3f2a03058630b759a2c3157aeea64d037543
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/main_slide_2_back.svg?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 423
content-type: image/svg+xml
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds207.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: W/"md5-808-17c14c48"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/main_slide_3_back.svg?ver=1.198.579
200 OK 270 B URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/main_slide_3_back.svg?ver=1.198.579
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (439)
Hash d92d76fe28194c7ef86729cfe0e1ed83
cdfd0ca30313e00a763c45c9de3d3c1c45e0439d
cc694941d4bc46146217ad56cfd97f0cbaf48ed790af2b9cb62c4c0fcb5c6e63
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/main_slide_3_back.svg?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 270
content-type: image/svg+xml
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds225.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: W/"md5-440-d2e6b147"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/globe_pr.svg?ver=1.202.583
200 OK 731 B URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/globe_pr.svg?ver=1.202.583
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1355)
Hash 88ee2a75c9ac232fb8990d4fd7957acf
7baf303776a519df90013a7273c3533c0b4bbddb
90cb7b396a2fe1b6b751e7593fb4a082d6d72f9f026752feaee2689d1a713458
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/globe_pr.svg?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/16ccf4a7db82e34396906b8b32afd35c.1.202.583.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 731
content-type: image/svg+xml
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds261.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-1670-f4dffe2e"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/phone_screen_3.svg?ver=1.198.579
200 OK 1.4 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/phone_screen_3.svg?ver=1.198.579
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3323)
Hash d6d2e49e5d81d533747b32d901362836
61a6d1aa41c7d181f1f1e4fc726e389eca6201fd
22125206048de0f32c9a504521ec6192a96e0becb94b7e3b7e8603fabb688007
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/phone_screen_3.svg?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 1449
content-type: image/svg+xml
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds226.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: W/"md5-3325-ed960535"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/main_slide_4_back.svg?ver=1.198.579
200 OK 183 B URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/main_slide_4_back.svg?ver=1.198.579
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 6ed22cea2aa86a91e77842b7ce9c63d4
302cd6065572ceeb5f28552c85f21468854dc83f
b458c3ca239050f556257b29390dda155ef856b2a5756d7b8c96005508cfb813
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/main_slide_4_back.svg?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 183
content-type: image/svg+xml
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds216.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: W/"md5-237-56942e5a"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/main_slide_1_back.svg?ver=1.198.579
200 OK 1.4 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/main_slide_1_back.svg?ver=1.198.579
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3264)
Hash 4d732f445e66f923917295c4364892c1
8086ce3e9abf29d5edd2bfb16c7c25907105b2cc
28d3f954d906f5a9c7511b80c7747a91aa42392c1b3f17da00233c47c46bec9b
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/main_slide_1_back.svg?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 1400
content-type: image/svg+xml
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds255.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: W/"md5-3265-dcdcf1ed"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/homepage/flags.png?ver=1.198.579
200 OK 10 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/homepage/flags.png?ver=1.198.579
IP
File type PNG image data, 66 x 1254, 8-bit colormap, non-interlaced\012- data
Hash 19acc5bceb3e02745518878045b0558d
11f51dbb1767258aab23151a8f875b5205d7e50e
92a26882441559f304d009efaf41ceaf0e5fa2b14df327cfdf800106cd1339f4
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/homepage/flags.png?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-length: 10419
content-type: image/png
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds210.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: "md5-10419-19acc5bc"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/stars.svg?ver=1.202.583
200 OK 1.3 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/stars.svg?ver=1.202.583
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (732)
Hash ce2ac6bceba7dd38a1734f32918063b4
8446da2b4ace6c593170be760b59d4ff2fd74883
a32c6b476c3caa191172157b73f6fd724a8a903331f94e6c0614257ce330c940
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/stars.svg?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/16ccf4a7db82e34396906b8b32afd35c.1.202.583.bundle.css?ver=1.202.583
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 1271
content-type: image/svg+xml
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds072.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-4771-c76cda38"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/mobile.png?ver=1.198.579
200 OK 20 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/mobile.png?ver=1.198.579
IP
File type PNG image data, 392 x 470, 8-bit colormap, non-interlaced\012- data
Hash 4fabdfaa761b840408bd145987491fe5
c59b7e95f3d3c3f11edcc367b929e59cdebcbed5
ad5490105c13a9e1d1fc76c6d70e70035675f167d9c330fd2646609e70b177f2
GET /www/hola/pub/img/mobile.png?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-length: 19648
content-type: image/png
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds221.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: "md5-19648-4fabdfaa"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/tv_app.png?ver=1.198.579
200 OK 81 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/tv_app.png?ver=1.198.579
IP
File type PNG image data, 621 x 349, 8-bit/color RGBA, non-interlaced\012- data
Hash 845944375d24ebd29508f56d5df791fc
e1da6340e7370dcd7bc47c24995271fc397fd4f9
4e30a03b1fda48b4bd46f881c2ddb566a87e2d8dcabb32863087b8dab93bf666
GET /www/hola/pub/img/tv_app.png?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-length: 80601
content-type: image/png
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds227.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: "md5-80601-84594437"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/extension.png?ver=1.198.579
200 OK 114 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/extension.png?ver=1.198.579
IP
File type PNG image data, 539 x 409, 8-bit/color RGBA, non-interlaced\012- data
Size 114 kB (113623 bytes)
Hash 02a5441c87aa8b8d0cbdd574c0db91c4
10cb4a44326c8179b2fefcaf2157d8e929d6f35e
d751b2cf09f5fec8e4030753ae443586fa731f017284ed6b02b316fb6eeee0bf
GET /www/hola/pub/img/extension.png?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-length: 113623
content-type: image/png
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds252.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=15
etag: "md5-113623-02a5441c"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/img/homepage/pin_drop.svg?ver=1.198.579
302 Found 108 B URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/img/homepage/pin_drop.svg?ver=1.198.579
IP
File type ASCII text, with no line terminators
Hash 21da7b59bf03e580942c32d861e4a9f0
29ad1cde6e4a28ed5d0d326146806467cc318cba
b95663a06c05609e837b567a6d5903e545d8f7f608f0ea2d01032febf49d1e25
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/img/homepage/pin_drop.svg?ver=1.198.579 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn4.holavpninstaller.com/www/hola/pub/less_core.bundle.css?ver=1.202.583
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
cache-control: max-age=0
content-length: 108
content-type: text/plain; charset=utf-8
x-hw: 1663704152.dop208.sk1.t,1663704152.cds262.sk1.hn,1663704153.cds247.sk1.p
server: nginx
location: //f9t5n3y6.map2.ssl.hwcdn.net/www/hola/pub/img/homepage/pin_drop.svg?md5=1089-fec71f99
vary: Accept
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/b2911c84de0b50d7af73dfafb28ed94a.1.202.583.chunk.js?ver=1.202.583
200 OK 37 kB URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/b2911c84de0b50d7af73dfafb28ed94a.1.202.583.chunk.js?ver=1.202.583
IP
File type Unicode text, UTF-8 text, with very long lines (65324)
Hash 11f40e59c9769cc84ad82dbf691743b2
cbd57c90620980ecf4e0a945234ed2d28cbdd82a
0bb49bfec3bb77492937b9e71264b2617d209c4ef32b1107b3f2b90b8748eb4a
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/b2911c84de0b50d7af73dfafb28ed94a.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:33 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 36963
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704153.cds232.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-148487-a6c535a9"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash ab4c7a8219f5e00b6ed2583cfb734106
b10f5285137439ccc5a77f934d4af30f6c9dc81f
f9322308e61d202ca7a16363e37f12b6ec360cab6c135f51078eb693ea091f4b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 20:02:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 08:03:41 GMT
Expires: Sat, 24 Sep 2022 08:03:40 GMT
Etag: "b10f5285137439ccc5a77f934d4af30f6c9dc81f"
Cache-Control: max-age=301866,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd28d0bf02b511-OSL
f9t5n3y6.map2.ssl.hwcdn.net/www/hola/pub/img/homepage/pin_drop.svg?md5=1089-fec71f99
200 OK 596 B URL HTTP/1.1 f9t5n3y6.map2.ssl.hwcdn.net/www/hola/pub/img/homepage/pin_drop.svg?md5=1089-fec71f99
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 2e33ce749701e5e9e5e67700ee7ada7b
cb38ba680bb38d9d46f5b19be773bfa3601a2a99
23a83122851121006584c8b740aa3a1c66213ee10ebef9eea4d3da6412e77b79
GET /www/hola/pub/img/homepage/pin_drop.svg?md5=1089-fec71f99 HTTP/1.1
Host: f9t5n3y6.map2.ssl.hwcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn4.holavpninstaller.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 20:02:33 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 596
Content-Type: image/svg+xml
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
Accept-Ranges: bytes
Server: nginx
Cache-Control: public,max-age=31536000
ETag: W/"md5-1089-fec71f99"
Vary: Origin
X-HW: 1663704153.dop202.sk1.t,1663704153.cds206.sk1.shn,1663704153.dop202.sk1.t,1663704153.cds247.sk1.c
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
perr.holavpninstaller.com/be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_pap_changed&ver=1.202.583
200 OK 2 B URL HTTP/2 perr.holavpninstaller.com/be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_pap_changed&ver=1.202.583
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_pap_changed&ver=1.202.583 HTTP/1.1
Host: perr.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://holavpninstaller.com
Content-Length: 658
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:33 GMT
content-type: application/json; charset=utf-8
content-length: 2
vary: Origin, Accept-Encoding
x-hola-ts: 1663704153948
x-hola-conf-ver: 45
access-control-allow-origin: https://holavpninstaller.com
cache-control: private,no-store
access-control-allow-credentials: true
access-control-allow-headers: x-xsrf-token
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NH398RP
200 OK 61 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NH398RP
IP
File type ASCII text, with very long lines (58260)
Hash 6de0f91663abf2e70ed91bbc96fc6b36
0434dc9e61c5841292f06270d53e4e3722e75d9d
4fe72846716cd35c153e00bd4a4446672033876d893efe29d5f85766cff2777b
GET /gtm.js?id=GTM-NH398RP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 20:02:34 GMT
expires: Tue, 20 Sep 2022 20:02:34 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Sep 2022 19:02:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 61269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
client.holavpninstaller.com/be_client_cgi/unblocking_rate?&limit=5&src_country=no
200 OK 377 B URL HTTP/2 client.holavpninstaller.com/be_client_cgi/unblocking_rate?&limit=5&src_country=no
IP
File type JSON data\012- , ASCII text, with very long lines (377), with no line terminators
Hash a07e9cf45cab884335ddd4ffa7f78dae
95b1707629661508136f35ddab385dc456b1d526
6dda389cc7333706d52c8309b9d17d2710d99c0127b71452ff39da69c5bc0d57
GET /be_client_cgi/unblocking_rate?&limit=5&src_country=no HTTP/1.1
Host: client.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Origin: https://holavpninstaller.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:34 GMT
content-type: application/json; charset=utf-8
content-length: 377
vary: Origin, Accept-Encoding
cache-control: public,max-age=3600
access-control-allow-origin: https://holavpninstaller.com
access-control-allow-credentials: true
access-control-allow-headers: x-xsrf-token
etag: W/"179-lbFwdilmFQgTbzXdqzhdxFax1SY"
X-Firefox-Spdy: h2
holavpninstaller.com/www/hola/pub/locale/en/translation.json
200 OK 11 kB URL HTTP/2 holavpninstaller.com/www/hola/pub/locale/en/translation.json
IP
Hash 7a51a89f02d761b95eb6659563bec0d6
e318e47ad3d807cb7e1a15abe379ef376eacc2c2
576c73d5a99276874297d2db4c0e4e3e11e8bf687ad7e05eafc5345eb7ab1a7f
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/locale/en/translation.json HTTP/1.1
Host: holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=2db2672b2a6670955f867a6845a8fd4c4f31c748c861a194; i18next=en; h_visitor_id=www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840; ui_testing={%22test_hola_browser_mac_conf%22:{%22name%22:%22test_hola_browser_mac%22%2C%22on%22:0.999%2C%22ssr%22:1}%2C%22test_hola_browser_mac%22:true}; PAPVisitorId=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; holapap_visitor_id=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; tid=l8amhwz6.co1ekg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:34 GMT
content-type: application/json; charset=utf-8
strict-transport-security: max-age=63072000
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
cache-control: public,max-age=10
content-encoding: gzip
X-Firefox-Spdy: h2
perr.holavpninstaller.com/be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_timing&ver=1.202.583
200 OK 2 B URL HTTP/2 perr.holavpninstaller.com/be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_timing&ver=1.202.583
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_timing&ver=1.202.583 HTTP/1.1
Host: perr.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://holavpninstaller.com
Content-Length: 1672
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:34 GMT
content-type: application/json; charset=utf-8
content-length: 2
vary: Origin, Accept-Encoding
x-hola-ts: 1663704154303
x-hola-conf-ver: 45
access-control-allow-origin: https://holavpninstaller.com
cache-control: private,no-store
access-control-allow-credentials: true
access-control-allow-headers: x-xsrf-token
X-Firefox-Spdy: h2
perr.holavpninstaller.com/be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_main_vpn_install_page_open&ver=1.202.583
200 OK 2 B URL HTTP/2 perr.holavpninstaller.com/be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_main_vpn_install_page_open&ver=1.202.583
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_main_vpn_install_page_open&ver=1.202.583 HTTP/1.1
Host: perr.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://holavpninstaller.com
Content-Length: 562
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:34 GMT
content-type: application/json; charset=utf-8
content-length: 2
vary: Origin, Accept-Encoding
x-hola-ts: 1663704154306
x-hola-conf-ver: 45
access-control-allow-origin: https://holavpninstaller.com
cache-control: private,no-store
access-control-allow-credentials: true
access-control-allow-headers: x-xsrf-token
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/lazysizes.js?ver=1.202.583
200 OK 3.3 kB URL HTTP/2 cdn4.holavpninstaller.com/lazysizes.js?ver=1.202.583
IP
File type ASCII text, with very long lines (7034)
Hash 2af16967c2fe440d7d96c8d8963bf437
b92102beb842ddaed174f9245e4a54ce038c19cf
07f2512339669bc0a956a741a00916e5ba70c848c53fbba908c5c0ae66ad078b
GET /lazysizes.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing={%22test_hola_browser_mac_conf%22:{%22name%22:%22test_hola_browser_mac%22%2C%22on%22:0.999%2C%22ssr%22:1}%2C%22test_hola_browser_mac%22:true}; PAPVisitorId=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; holapap_visitor_id=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; _gcl_au=1.1.903137637.1663704154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:34 GMT
content-encoding: gzip
content-length: 3307
content-type: application/javascript; charset=utf-8
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
accept-ranges: bytes
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: public,max-age=31536000
etag: W/"md5-7060-d8513e78"
vary: Origin
x-hw: 1663704154.dop208.sk1.t,1663704154.cds262.sk1.hn,1663704154.cds250.sk1.c
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/static/lottie_player.js?md5=350013-706e23df
200 OK 88 kB URL HTTP/2 cdn4.holavpninstaller.com/static/lottie_player.js?md5=350013-706e23df
IP
File type ASCII text, with very long lines (26028)
Hash e3836228bea5b9a42e9a5b7c6c56395a
2d61d47df13cf5940940179442d94f770f4d3fcd
01e2161dd2b82910acbe0a3fca48b9475296e7c6c04900960bf883bfd5485984
Analyzer Verdict Alert fortinet Malware
GET /static/lottie_player.js?md5=350013-706e23df HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing={%22test_hola_browser_mac_conf%22:{%22name%22:%22test_hola_browser_mac%22%2C%22on%22:0.999%2C%22ssr%22:1}%2C%22test_hola_browser_mac%22:true}; PAPVisitorId=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; holapap_visitor_id=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; _gcl_au=1.1.903137637.1663704154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:34 GMT
content-encoding: gzip
content-length: 87781
content-type: application/javascript; charset=utf-8
last-modified: Mon, 12 Sep 2022 09:33:40 GMT
accept-ranges: bytes
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cache-control: public,max-age=31536000
etag: W/"md5-350013-706e23df"
vary: Origin
x-hw: 1663704154.dop208.sk1.t,1663704154.cds262.sk1.hn,1663704154.cds205.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4335
Cache-Control: max-age=128807
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:34 GMT
Etag: "63295f92-1d7"
Expires: Thu, 22 Sep 2022 07:49:21 GMT
Last-Modified: Tue, 20 Sep 2022 06:37:06 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 20 Sep 2022 18:41:12 GMT
expires: Tue, 20 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4882
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 67b756e82caefc7860b9f2d4a4f40341
adeae15d52089bcca4ca247fc4aebceef8406e34
72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
holavpninstaller.com/www/hola/pub/locale/en/hp_new_txt.json
200 OK 30 kB URL HTTP/2 holavpninstaller.com/www/hola/pub/locale/en/hp_new_txt.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (44127)
Hash 3f2340e93128e701c2fc7dbb139b28a2
91ab0ca63eebb49b2f7124ba8b9c92a4fc2b3e69
4a013fed0fe3a561b1d3a4452ca34c2fe98f0666843e4aa23a98a3b4e2077b4d
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/locale/en/hp_new_txt.json HTTP/1.1
Host: holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=2db2672b2a6670955f867a6845a8fd4c4f31c748c861a194; i18next=en; h_visitor_id=www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840; ui_testing={%22test_hola_browser_mac_conf%22:{%22name%22:%22test_hola_browser_mac%22%2C%22on%22:0.999%2C%22ssr%22:1}%2C%22test_hola_browser_mac%22:true}; PAPVisitorId=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; holapap_visitor_id=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; tid=l8amhwz6.co1ekg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:34 GMT
content-type: application/json; charset=utf-8
strict-transport-security: max-age=63072000
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
cache-control: public,max-age=10
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP
File type ASCII text, with very long lines (1654)
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Sep 2022 20:02:34 GMT
expires: Tue, 20 Sep 2022 20:02:34 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
holavpninstaller.com/favicon.ico
302 Found 82 B URL HTTP/2 holavpninstaller.com/favicon.ico
IP
File type ASCII text, with no line terminators
Hash fab6df95d22af6f7223baec31d7e3c2f
5b0f93ec640719c69678e811c3d4e1af5b4d30af
2fde297a3d9355ba9bbb941e9d3df0a0d2364020acadc10f3dcec6eb7630addf
GET /favicon.ico HTTP/1.1
Host: holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: XSRF-TOKEN=2db2672b2a6670955f867a6845a8fd4c4f31c748c861a194; i18next=en; h_visitor_id=www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840; ui_testing={%22test_hola_browser_mac_conf%22:{%22name%22:%22test_hola_browser_mac%22%2C%22on%22:0.999%2C%22ssr%22:1}%2C%22test_hola_browser_mac%22:true}; PAPVisitorId=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; holapap_visitor_id=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; tid=l8amhwz6.co1ekg; _gcl_au=1.1.903137637.1663704154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 20:02:34 GMT
content-type: text/plain; charset=utf-8
content-length: 82
location: //s6m9m3g5.map2.ssl.hwcdn.net/favicon.ico?md5=79485-df76d7ec
vary: Accept, Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4335
Cache-Control: max-age=128807
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:34 GMT
Etag: "63295f92-1d7"
Expires: Thu, 22 Sep 2022 07:49:21 GMT
Last-Modified: Tue, 20 Sep 2022 06:37:06 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 3a3edb87d5976c0ac6d135dfb363c36f
a28aab0ff8d6ed216e5cb195901897cf6c0aaf37
915c1a3d65ae115d676a0fae8a755474db45721ea355b67096a56c29010a1db2
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 20:02:34 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sat, 24 Sep 2022 18:46:21 GMT
ETag: "a28aab0ff8d6ed216e5cb195901897cf6c0aaf37"
Last-Modified: Tue, 20 Sep 2022 18:46:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1064
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dd28d60b1e1bfa-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s6m9m3g5.map2.ssl.hwcdn.net/favicon.ico?md5=79485-df76d7ec
200 OK 56 kB URL HTTP/1.1 s6m9m3g5.map2.ssl.hwcdn.net/favicon.ico?md5=79485-df76d7ec
IP
File type MS Windows icon resource - 20 icons, 24x24, 8 bits/pixel, 20x20, 8 bits/pixel\012- data
Hash 92d15225fb6aadcd67a4357c0dde25ea
f5db5e3ea49dd7ca772ee318e2cd073f0d93f6cc
0f35cd82db4a8692044d6ad36cfd26566cc915c3a488b63fb844054bb8d0a581
GET /favicon.ico?md5=79485-df76d7ec HTTP/1.1
Host: s6m9m3g5.map2.ssl.hwcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 20:02:34 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 56079
Content-Type: image/x-icon
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
Accept-Ranges: bytes
Server: nginx
Cache-Control: public,max-age=31536000
ETag: W/"md5-79485-df76d7ec"
Vary: Origin
X-HW: 1663704154.dop202.sk1.t,1663704154.cds066.sk1.shn,1663704154.cds066.sk1.c
googleads.g.doubleclick.net/pagead/viewthroughconversion/981843084/?random=1663704154608&cv=9&fst=1663704154608&num=1&fmt=3&value=pageview&label=03CwCKSw9f0BEIz5ltQD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9j0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fholavpninstaller.com%2F&tiba=Get%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&auid=903137637.1663704154&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/981843084/?random=1663704154608&cv=9&fst=1663704154608&num=1&fmt=3&value=pageview&label=03CwCKSw9f0BEIz5ltQD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9j0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fholavpninstaller.com%2F&tiba=Get%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&auid=903137637.1663704154&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/981843084/?random=1663704154608&cv=9&fst=1663704154608&num=1&fmt=3&value=pageview&label=03CwCKSw9f0BEIz5ltQD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9j0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fholavpninstaller.com%2F&tiba=Get%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&auid=903137637.1663704154&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 20:02:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 20-Sep-2022 20:17:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36775596-1&cid=599733734.1663704155&jid=2104309274&gjid=407740527&_gid=1230042115.1663704155&_u=YEBAAEAAAAAAAC~&z=1289310311
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36775596-1&cid=599733734.1663704155&jid=2104309274&gjid=407740527&_gid=1230042115.1663704155&_u=YEBAAEAAAAAAAC~&z=1289310311
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36775596-1&cid=599733734.1663704155&jid=2104309274&gjid=407740527&_gid=1230042115.1663704155&_u=YEBAAEAAAAAAAC~&z=1289310311 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://holavpninstaller.com
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://holavpninstaller.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Sep 2022 20:02:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash fde987c85b17b2242afddd76c3fd3b62
08e87b8185fc39462e6b331d565a864df2fd5865
49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/981843084/?random=1663704154608&cv=9&fst=1663704154608&num=1&value=pageview&label=03CwCKSw9f0BEIz5ltQD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9j0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fholavpninstaller.com%2F&tiba=Get%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&auid=903137637.1663704154&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/981843084/?random=1663704154608&cv=9&fst=1663704154608&num=1&value=pageview&label=03CwCKSw9f0BEIz5ltQD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9j0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fholavpninstaller.com%2F&tiba=Get%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&auid=903137637.1663704154&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/981843084/?random=1663704154608&cv=9&fst=1663704154608&num=1&value=pageview&label=03CwCKSw9f0BEIz5ltQD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9j0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fholavpninstaller.com%2F&tiba=Get%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&auid=903137637.1663704154&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 20:02:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36775596-1&cid=599733734.1663704155&jid=2104309274&_u=YEBAAEAAAAAAAC~&z=1836438731
200 OK 86 kB URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36775596-1&cid=599733734.1663704155&jid=2104309274&_u=YEBAAEAAAAAAAC~&z=1836438731
IP
File type gzip compressed data, from Unix\012- data
Hash 6946ae67247ee3fb2d5c0b6cfec1b934
3e9593106f080209e30647a8d35479b9814aa8cc
e0f1f1dfa5e58a924a11485fc6e8b5e2a63e653d304b0e4fdf4ea0fafc1ddfcb
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36775596-1&cid=599733734.1663704155&jid=2104309274&_u=YEBAAEAAAAAAAC~&z=1836438731 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 20:02:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash fde987c85b17b2242afddd76c3fd3b62
08e87b8185fc39462e6b331d565a864df2fd5865
49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 3f01a6fe4be69809cd0b0d740ab50c40
8366aca59939c8a0cfe3bc4c7732e9f8cf031375
025a3b03a1e5af9f06a8fb2d3e113c5b73410e0e440cf34869c97b20ccb77829
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72206
date: Tue, 20 Sep 2022 20:02:34 GMT
access-control-allow-origin: *
etag: "63295b76-11a0e"
expires: Tue, 20 Sep 2022 21:02:34 GMT
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=465027364356184&ev=PageView&dl=https%3A%2F%2Fholavpninstaller.com%2F&rl=&if=false&ts=1663704154832&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663704154831.386940303&it=1663704154601&coo=false&rqm=GET
200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=465027364356184&ev=PageView&dl=https%3A%2F%2Fholavpninstaller.com%2F&rl=&if=false&ts=1663704154832&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663704154831.386940303&it=1663704154601&coo=false&rqm=GET
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=465027364356184&ev=PageView&dl=https%3A%2F%2Fholavpninstaller.com%2F&rl=&if=false&ts=1663704154832&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663704154831.386940303&it=1663704154601&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Tue, 20 Sep 2022 20:02:34 GMT
expires: Tue, 20 Sep 2022 20:02:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 20 Sep 2022 20:02:35 GMT
access-control-allow-origin: *
etag: "63295b76-2b"
expires: Tue, 20 Sep 2022 21:02:35 GMT
accept-ranges: bytes
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
holavpninstaller.com/users/get_user?source=login&tz_offset=0
200 OK 46 B URL HTTP/2 holavpninstaller.com/users/get_user?source=login&tz_offset=0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 52b663d2c5b997506f5cbae1a6d51baf
4dcfa8325fd386c93d2cf5fd3ef15c8b2593e368
ccd6a2170d1db66e6f4b53321ea21e766ecbf52a0b93c5aff5f96024fe700416
GET /users/get_user?source=login&tz_offset=0 HTTP/1.1
Host: holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=2db2672b2a6670955f867a6845a8fd4c4f31c748c861a194; i18next=en; h_visitor_id=www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840; ui_testing={%22test_hola_browser_mac_conf%22:{%22name%22:%22test_hola_browser_mac%22%2C%22on%22:0.999%2C%22ssr%22:1}%2C%22test_hola_browser_mac%22:true}; PAPVisitorId=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; holapap_visitor_id=fXWqEaQ0esvKVamFJofqQ3KFJ6Hs0rO6; tid=l8amhwz6.co1ekg; _gcl_au=1.1.903137637.1663704154; _ga=GA1.2.599733734.1663704155; _gid=GA1.2.1230042115.1663704155; _gat_UA-36775596-1=1; _fbp=fb.1.1663704154831.386940303; _ym_uid=1663704155197683485; _ym_d=1663704155
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:35 GMT
content-type: application/json; charset=utf-8
content-length: 46
vary: Origin, Accept-Encoding
set-cookie: user=%7B%7D; Domain=.holavpninstaller.com; Path=/; Secure
connect.sid=s%3A1WXrcmw9_Ih1H_wsj4EekpKKnO4eyHF3.%2FodZ4HDdDisJhk1THJW1YnHm6lSckwPNDPrx6aRs%2Faw; Path=/; Expires=Wed, 20 Sep 2023 20:02:35 GMT; HttpOnly; Secure; SameSite=None
cache-control: private,no-store
etag: W/"2e-Tc+oMl/Thsk9LPX9PvFciyWT42g"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/81472444/1?wmode=7&page-url=https%3A%2F%2Fholavpninstaller.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3696%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A117413377415%3Ahid%3A116913055%3Az%3A0%3Ai%3A20220920200234%3Aet%3A1663704155%3Ac%3A1%3Arn%3A96869861%3Arqn%3A1%3Au%3A1663704155197683485%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C436%2C188%2C0%2C261%2C0%2C%2C3948%2C2%2C%2C%2C%2C4854%3Ans%3A1663704149086%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663704155%3At%3AGet%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/81472444/1?wmode=7&page-url=https%3A%2F%2Fholavpninstaller.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3696%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A117413377415%3Ahid%3A116913055%3Az%3A0%3Ai%3A20220920200234%3Aet%3A1663704155%3Ac%3A1%3Arn%3A96869861%3Arqn%3A1%3Au%3A1663704155197683485%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C436%2C188%2C0%2C261%2C0%2C%2C3948%2C2%2C%2C%2C%2C4854%3Ans%3A1663704149086%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663704155%3At%3AGet%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 35d286a762ec305a6b568d950c549fc8
335114b6e20f9f9eceaa605c40161dc9ab7e7b35
690e4ce69ec68ea9ceeea8ea13b270924d620f8efa6091e5762a380b4d8a12a8
GET /watch/81472444/1?wmode=7&page-url=https%3A%2F%2Fholavpninstaller.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3696%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A117413377415%3Ahid%3A116913055%3Az%3A0%3Ai%3A20220920200234%3Aet%3A1663704155%3Ac%3A1%3Arn%3A96869861%3Arqn%3A1%3Au%3A1663704155197683485%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C436%2C188%2C0%2C261%2C0%2C%2C3948%2C2%2C%2C%2C%2C4854%3Ans%3A1663704149086%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663704155%3At%3AGet%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://holavpninstaller.com
Referer: https://holavpninstaller.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Tue, 20 Sep 2022 20:02:35 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://holavpninstaller.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 20:02:35 GMT
last-modified: Tue, 20-Sep-2022 20:02:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/81472444/1?page-url=https%3A%2F%2Fholavpninstaller.com%2F&charset=utf-8&hittoken=1663704155_7e3d43f73a692e1c1ca56f09a311ebd4dbf261fae107f748d769f0a027b4fcf0&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A117413377415%3Ahid%3A116913055%3Az%3A0%3Ai%3A20220920200235%3Aet%3A1663704155%3Ac%3A1%3Arn%3A339497410%3Arqn%3A2%3Au%3A1663704155197683485%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5899%2C5899%2C0%2C%3Ans%3A1663704149086%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663704155&t=gdpr(14)mc(p-1-up-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/81472444/1?page-url=https%3A%2F%2Fholavpninstaller.com%2F&charset=utf-8&hittoken=1663704155_7e3d43f73a692e1c1ca56f09a311ebd4dbf261fae107f748d769f0a027b4fcf0&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A117413377415%3Ahid%3A116913055%3Az%3A0%3Ai%3A20220920200235%3Aet%3A1663704155%3Ac%3A1%3Arn%3A339497410%3Arqn%3A2%3Au%3A1663704155197683485%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5899%2C5899%2C0%2C%3Ans%3A1663704149086%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663704155&t=gdpr(14)mc(p-1-up-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/81472444/1?page-url=https%3A%2F%2Fholavpninstaller.com%2F&charset=utf-8&hittoken=1663704155_7e3d43f73a692e1c1ca56f09a311ebd4dbf261fae107f748d769f0a027b4fcf0&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A117413377415%3Ahid%3A116913055%3Az%3A0%3Ai%3A20220920200235%3Aet%3A1663704155%3Ac%3A1%3Arn%3A339497410%3Arqn%3A2%3Au%3A1663704155197683485%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5899%2C5899%2C0%2C%3Ans%3A1663704149086%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663704155&t=gdpr(14)mc(p-1-up-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 155
Origin: https://holavpninstaller.com
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 20 Sep 2022 20:02:35 GMT
access-control-allow-origin: https://holavpninstaller.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 20:02:35 GMT
last-modified: Tue, 20-Sep-2022 20:02:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
perr.holavpninstaller.com/be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_main_detect_on_open&ver=1.202.583
200 OK 2 B URL HTTP/2 perr.holavpninstaller.com/be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_main_detect_on_open&ver=1.202.583
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_main_detect_on_open&ver=1.202.583 HTTP/1.1
Host: perr.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://holavpninstaller.com
Content-Length: 641
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:36 GMT
content-type: application/json; charset=utf-8
content-length: 2
vary: Origin, Accept-Encoding
x-hola-ts: 1663704156065
x-hola-conf-ver: 45
access-control-allow-origin: https://holavpninstaller.com
cache-control: private,no-store
access-control-allow-credentials: true
access-control-allow-headers: x-xsrf-token
X-Firefox-Spdy: h2
perr.holavpninstaller.com/be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_homepage_visit_inited&ver=1.202.583
200 OK 2 B URL HTTP/2 perr.holavpninstaller.com/be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_homepage_visit_inited&ver=1.202.583
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /be_client_cgi/perr?tid=l8amhwz6.co1ekg&browser=firefox&id=www_homepage_visit_inited&ver=1.202.583 HTTP/1.1
Host: perr.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://holavpninstaller.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://holavpninstaller.com
Content-Length: 641
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:36 GMT
content-type: application/json; charset=utf-8
content-length: 2
vary: Origin, Accept-Encoding
x-hola-ts: 1663704156076
x-hola-conf-ver: 45
access-control-allow-origin: https://holavpninstaller.com
cache-control: private,no-store
access-control-allow-credentials: true
access-control-allow-headers: x-xsrf-token
X-Firefox-Spdy: h2
cdn4.holavpninstaller.com/www/hola/pub/21a35820304a59ba40b1f7d65acb91c8.1.202.583.chunk.js?ver=1.202.583
200 OK 0 B URL HTTP/2 cdn4.holavpninstaller.com/www/hola/pub/21a35820304a59ba40b1f7d65acb91c8.1.202.583.chunk.js?ver=1.202.583
IP
Analyzer Verdict Alert fortinet Malware
GET /www/hola/pub/21a35820304a59ba40b1f7d65acb91c8.1.202.583.chunk.js?ver=1.202.583 HTTP/1.1
Host: cdn4.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Cookie: ui_testing=%7B%22test_hola_browser_mac_conf%22%3A%7B%22name%22%3A%22test_hola_browser_mac%22%2C%22on%22%3A0.999%2C%22ssr%22%3A1%7D%2C%22test_hola_browser_mac%22%3Atrue%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:02:30 GMT
accept-ranges: bytes
content-encoding: gzip
content-length: 28630
content-type: application/javascript; charset=utf-8
x-hw: 1663704150.dop208.sk1.t,1663704150.cds262.sk1.hn,1663704150.cds216.sk1.p
server: nginx
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: public,max-age=31536000
etag: W/"md5-244448-e631b926"
last-modified: Sat, 01 Jan 2000 00:00:00 GMT
X-Firefox-Spdy: h2
mc.yandex.ru/watch/81472444?wmode=7&page-url=https%3A%2F%2Fholavpninstaller.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3696%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A117413377415%3Ahid%3A116913055%3Az%3A0%3Ai%3A20220920200234%3Aet%3A1663704155%3Ac%3A1%3Arn%3A96869861%3Arqn%3A1%3Au%3A1663704155197683485%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C436%2C188%2C0%2C261%2C0%2C%2C3948%2C2%2C%2C%2C%2C4854%3Ans%3A1663704149086%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663704155%3At%3AGet%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/81472444?wmode=7&page-url=https%3A%2F%2Fholavpninstaller.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3696%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A117413377415%3Ahid%3A116913055%3Az%3A0%3Ai%3A20220920200234%3Aet%3A1663704155%3Ac%3A1%3Arn%3A96869861%3Arqn%3A1%3Au%3A1663704155197683485%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C436%2C188%2C0%2C261%2C0%2C%2C3948%2C2%2C%2C%2C%2C4854%3Ans%3A1663704149086%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663704155%3At%3AGet%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
GET /watch/81472444?wmode=7&page-url=https%3A%2F%2Fholavpninstaller.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3696%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A117413377415%3Ahid%3A116913055%3Az%3A0%3Ai%3A20220920200234%3Aet%3A1663704155%3Ac%3A1%3Arn%3A96869861%3Arqn%3A1%3Au%3A1663704155197683485%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C436%2C188%2C0%2C261%2C0%2C%2C3948%2C2%2C%2C%2C%2C4854%3Ans%3A1663704149086%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663704155%3At%3AGet%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://holavpninstaller.com
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/81472444/1?wmode=7&page-url=https%3A%2F%2Fholavpninstaller.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3696%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A117413377415%3Ahid%3A116913055%3Az%3A0%3Ai%3A20220920200234%3Aet%3A1663704155%3Ac%3A1%3Arn%3A96869861%3Arqn%3A1%3Au%3A1663704155197683485%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C436%2C188%2C0%2C261%2C0%2C%2C3948%2C2%2C%2C%2C%2C4854%3Ans%3A1663704149086%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663704155%3At%3AGet%20The%20Free%20and%20Premium%20Hola%20Online%20%7C%20Proxy%20Unblocker&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 20 Sep 2022 20:02:35 GMT
access-control-allow-origin: https://holavpninstaller.com
set-cookie: yandexuid=8347719191663704155; Expires=Wed, 20-Sep-2023 20:02:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8347719191663704155; Expires=Wed, 20-Sep-2023 20:02:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=203966241663704155; Path=/; SameSite=None; Secure
i=4QlZJCdBmEXUq3exO/MvBuMdB71RhGxl0RM6Qq/jQsHcVnmmz1P2SvlVycwNMxegGYHTfV5SO+5b55teR8UrJru+Wts=; Expires=Fri, 17-Sep-2032 20:02:30 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695240155.yrts.1663704155#1695240155.yrtsi.1663704155; Expires=Wed, 20-Sep-2023 20:02:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 20:02:35 GMT
last-modified: Tue, 20-Sep-2022 20:02:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
perr.holavpninstaller.com/client_cgi/perr?id=www_pap_track_visit&info=%7B%22pathname%22%3A%22%2F%22%7D&ver=0.0.0&browser=firefox&build=version%3A+0.0.0%0Amakeflags%3A+%0Aid%3A+jid1-4P0kohSJxU1qGg%40jetpack%0Abrowser%3A+firefox%0Abrowser_build%3A+undefined%0Aplatform%3A+Linux+x86_64%0Auser_agent%3A+Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0%0Aurl%3A+https%3A%2F%2Fholavpninstaller.com%2F%0Areferrer%3A+%0Ah_visitor_id%3A+www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840%0Awww_visitor_id%3A+www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840
200 OK 0 B URL HTTP/2 perr.holavpninstaller.com/client_cgi/perr?id=www_pap_track_visit&info=%7B%22pathname%22%3A%22%2F%22%7D&ver=0.0.0&browser=firefox&build=version%3A+0.0.0%0Amakeflags%3A+%0Aid%3A+jid1-4P0kohSJxU1qGg%40jetpack%0Abrowser%3A+firefox%0Abrowser_build%3A+undefined%0Aplatform%3A+Linux+x86_64%0Auser_agent%3A+Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0%0Aurl%3A+https%3A%2F%2Fholavpninstaller.com%2F%0Areferrer%3A+%0Ah_visitor_id%3A+www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840%0Awww_visitor_id%3A+www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840
IP
POST /client_cgi/perr?id=www_pap_track_visit&info=%7B%22pathname%22%3A%22%2F%22%7D&ver=0.0.0&browser=firefox&build=version%3A+0.0.0%0Amakeflags%3A+%0Aid%3A+jid1-4P0kohSJxU1qGg%40jetpack%0Abrowser%3A+firefox%0Abrowser_build%3A+undefined%0Aplatform%3A+Linux+x86_64%0Auser_agent%3A+Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0%0Aurl%3A+https%3A%2F%2Fholavpninstaller.com%2F%0Areferrer%3A+%0Ah_visitor_id%3A+www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840%0Awww_visitor_id%3A+www-57bd7ea1-85a6-4b2a-be5f-8e62536ad840 HTTP/1.1
Host: perr.holavpninstaller.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://holavpninstaller.com
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:02:33 GMT
vary: Origin
x-hola-ts: 1663704153461
x-hola-conf-ver: 45
access-control-allow-origin: https://holavpninstaller.com
cache-control: private,no-store
access-control-allow-credentials: true
access-control-allow-headers: x-xsrf-token
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
IP
GET /css2?family=Inter:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://holavpninstaller.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 20:02:30 GMT
date: Tue, 20 Sep 2022 20:02:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
107.22.193.119
157.240.200.35
91.201.28.211
104.18.20.226
93.184.220.29
87.250.251.119
23.36.77.32