Overview

URL www.filefactory.com/file/197y74syfmg/cspstp1123.rar
IP95.211.200.52
ASNLeaseWeb Netherlands B.V.
Location Netherlands
Report completed2022-10-02 20:22:01 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-02 2 henoticpipi.com/g9RbYoQO26rZA3R/55129 Malware
2022-10-02 2 forgivenessimpact.com/b6/6f/f7/b66ff7c1636b152673f970d2464db83f.js Malware
2022-10-02 2 henoticpipi.com/g9RbYoQO26rZA3R/55129 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-02 2 henoticpipi.com Sinkholed
2022-10-02 2 henoticpipi.com Sinkholed
2022-10-02 2 prawnsimply.com Sinkholed
2022-10-02 2 banquetunarmedgrater.com Sinkholed
2022-10-02 2 unseenreport.com Sinkholed


Files

No files detected



Passive DNS (29)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.76.226
mnemonic passive DNS henoticpipi.com (2) 0 2022-08-16 11:00:44 UTC 2022-10-02 02:40:38 UTC 172.255.6.58 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-10-02 16:25:36 UTC 13.227.219.12
mnemonic passive DNS forgivenessimpact.com (1) 0 2021-09-29 23:03:04 UTC 2022-10-01 18:13:46 UTC 192.243.59.20 Unknown ranking
mnemonic passive DNS www.facebook.com (2) 99 2017-01-30 05:00:00 UTC 2022-10-02 04:45:21 UTC 31.13.72.36
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-10-02 17:54:50 UTC 142.250.74.168
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-10-02 11:18:54 UTC 31.13.72.12
mnemonic passive DNS ocsp.pki.goog (10) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-10-02 15:44:45 UTC 93.184.220.29
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 52.222.137.60
mnemonic passive DNS banquetunarmedgrater.com (1) 0 2022-08-04 15:12:50 UTC 2022-10-02 13:48:05 UTC 173.233.137.36 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-02 11:24:29 UTC 34.120.237.76
mnemonic passive DNS addresseepaper.com (1) 18169 2021-11-01 21:11:31 UTC 2022-10-02 15:22:54 UTC 104.21.234.254
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-02 16:00:45 UTC 142.250.74.10
mnemonic passive DNS ajax.googleapis.com (2) 12905 2013-06-10 06:53:41 UTC 2022-10-02 17:19:54 UTC 172.217.21.170
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-02 11:24:27 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-10-02 11:34:26 UTC 23.36.76.226
mnemonic passive DNS filefactory.com (1) 160487 2012-06-25 13:00:13 UTC 2022-10-02 16:05:55 UTC 95.211.200.52
mnemonic passive DNS prawnsimply.com (1) 0 2022-09-29 01:52:25 UTC 2022-10-02 14:17:05 UTC 173.233.139.164 Unknown ranking
mnemonic passive DNS simplewebanalysis.com (1) 0 2022-02-25 04:06:25 UTC 2022-10-02 09:47:03 UTC 52.29.95.124 Unknown ranking
mnemonic passive DNS engagecdn.filefactory.com (2) 0 2017-06-24 01:49:29 UTC 2022-10-01 18:13:48 UTC 89.149.201.75 Domain (filefactory.com) ranked at: 160487
mnemonic passive DNS engagesrvr.filefactory.com (1) 0 2017-06-24 01:49:29 UTC 2022-10-01 18:13:47 UTC 212.32.237.11 Domain (filefactory.com) ranked at: 160487
mnemonic passive DNS unseenreport.com (1) 0 2022-03-30 14:33:17 UTC 2022-10-02 15:22:56 UTC 192.243.59.12 Unknown ranking
mnemonic passive DNS ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-10-02 11:43:48 UTC 104.18.21.226
mnemonic passive DNS usingswhoring.com (1) 0 2022-08-10 23:59:06 UTC 2022-10-02 16:05:56 UTC 23.109.248.156 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 52.39.57.61
mnemonic passive DNS www.filefactory.com (19) 509465 2012-05-21 18:23:06 UTC 2022-10-02 08:03:05 UTC 95.211.200.52
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 13.227.219.2
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 95.211.200.52

Date UQ / IDS / BL URL IP
2022-12-08 23:28:31 +0000
0 - 0 - 4 www.filefactory.com/file/12zvt54xq6sc/The.Jac (...) 95.211.200.52
2022-12-08 21:51:10 +0000
0 - 0 - 5 filefactory.com/file/2rnd7tb8zszn/?code=265 95.211.200.52
2022-12-07 22:04:59 +0000
0 - 0 - 2 www.filefactory.com/file/6ybxfuh41sfi/Dwarf.F (...) 95.211.200.52
2022-12-07 14:00:44 +0000
0 - 0 - 2 www.filefactory.com/file/cfbf33f/n/dnsidleurl (...) 95.211.200.52
2022-12-07 12:30:48 +0000
0 - 0 - 2 www.filefactory.com/file/6ydhv2z47n8c/Tungusk (...) 95.211.200.52

Last 5 reports on ASN: LeaseWeb Netherlands B.V.

Date UQ / IDS / BL URL IP
2022-12-09 23:59:37 +0000
0 - 0 - 1 weretrtrt6ad36.rw.wy5532.com/ 37.48.65.155
2022-12-09 23:51:38 +0000
0 - 0 - 1 mjurr.7058.kr.wy5532.com/ 37.48.65.155
2022-12-09 23:51:36 +0000
0 - 0 - 1 wxsxc.5f230.jb.wy5532.com/ 37.48.65.155
2022-12-09 23:46:33 +0000
0 - 0 - 1 3c6e7.cy.wy5532.com/ 37.48.65.155
2022-12-09 23:45:42 +0000
0 - 0 - 1 5bb7c.cmtr.wy5532.com/cssf/ad.asp?HTTP_REFERER= 37.48.65.155

Last 5 reports on domain: filefactory.com

Date UQ / IDS / BL URL IP
2022-12-09 17:51:35 +0000
0 - 0 - 6 s43.filefactory.com/get/f/a2cr8kla0n4/0a723b2 (...) 95.211.200.82
2022-12-09 17:47:25 +0000
0 - 0 - 6 s201.filefactory.com/get/f/7kayqhb3rvuq/8745f (...) 95.211.200.201
2022-12-08 23:28:31 +0000
0 - 0 - 4 www.filefactory.com/file/12zvt54xq6sc/The.Jac (...) 95.211.200.52
2022-12-08 21:51:10 +0000
0 - 0 - 5 filefactory.com/file/2rnd7tb8zszn/?code=265 95.211.200.52
2022-12-08 21:51:02 +0000
0 - 0 - 5 s33.filefactory.com/get/f/2rnd7tb8zszn/7e78c2 (...) 95.211.200.72

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-26 08:48:44 +0000
0 - 0 - 6 www.filefactory.com/file/1st50idhpsjy/Aurelia (...) 95.211.200.52
2022-10-22 04:00:10 +0000
0 - 0 - 5 www.filefactory.com/file/1o8yzloj9por/Treasur (...) 95.211.200.52
2022-10-19 13:20:25 +0000
0 - 0 - 3 filefactory.com/file/2hbq1gkbbnj9/Qualcomm-US (...) 95.211.200.52
2022-10-19 13:20:20 +0000
0 - 0 - 1 filefactory.com/file/1l71wj0ezt3t/QPST.2.7.425.zip 95.211.200.52
2022-10-17 11:59:28 +0000
0 - 0 - 3 www.filefactory.com/file/1c2lxj4rmexd/h7y634- (...) 95.211.200.52


JavaScript

Executed Scripts (26)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (78)


Request Response
                                        
                                            GET /file/197y74syfmg/cspstp1123.rar HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         95.211.200.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 178
Connection: keep-alive
Location: https://filefactory.com/file/197y74syfmg/cspstp1123.rar


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4415
Expires: Sun, 02 Oct 2022 21:35:26 GMT
Date: Sun, 02 Oct 2022 20:21:51 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.227.219.12
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 19:31:21 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: FTMd3hJaD6Ngk9aQEH0urvZasdKuSqjrndtQFwPsy6wwvLCxRQ5b9Q==
Age: 3030


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.227.219.2
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bb1fd0922e473ba97ff6a00f6c71141a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: IHWkmfCHGmxeb-YILDUZZF9RQF6omR7cMH9Rk40UxrBFgeKGYiUSCw==
age: 53604
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:51 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 06 Oct 2022 18:41:57 GMT
ETag: "a0ef15ac4bbd7db5ff2f812d796fc09dcc63d0c9"
Last-Modified: Sun, 02 Oct 2022 18:41:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75402592edc2b4e8-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    6625c485ada13c9f707a6cfd3e8c0abe
Sha1:   a0ef15ac4bbd7db5ff2f812d796fc09dcc63d0c9
Sha256: c2c4d085b852f5a53777ce90368ee9de08a9f2c472ca310e4cfa4ac2348a802e
                                        
                                            GET /file/197y74syfmg/cspstp1123.rar HTTP/1.1 
Host: filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         95.211.200.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 178
Connection: keep-alive
Location: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 02 Oct 2022 20:21:51 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /file/197y74syfmg/cspstp1123.rar HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 4808
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; path=/ locale=en_US.utf8; expires=Mon, 03-Oct-2022 20:21:51 GMT; path=/; domain=.filefactory.com LBPERSIST=persist_w4; path=/
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   4808
Md5:    3af2094c16e2914489c5bc0745b285dd
Sha1:   2a5f30ae3d16742036f3be463ddab3126c2da5e8
Sha256: 4624327b394538a5c3008a05730ac9c3acebe3d73c5abd3138252ce477529a49
                                        
                                            GET /css/vendor/bootstrap.min.css?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 18734
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   18734
Md5:    d9c4e81d89198caf489562c850e6c515
Sha1:   e3da6be0dca0ea45d190dd5fe3ac3f7fda0219fb
Sha256: 8243a13ef5d4e10a2ff5b6f171137f74c77b1ccff30b1e7157779242196e04cd
                                        
                                            GET /css/vendor/bootstrap-dialog.css?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 516
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (2012), with no line terminators
Size:   516
Md5:    0369f3f2323383c427de48d1826d3f36
Sha1:   c4badfee0621c82fc0a10920d3228cea11111378
Sha256: 47910de5c7f0bb200606b508202690a36dc0055805dffe7b6972fc037430a3c4
                                        
                                            GET /css/filefactory.wp.download.css?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 651
Connection: keep-alive
Last-Modified: Sat, 17 Jun 2017 04:44:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   651
Md5:    67670bc7620a54bc2d4e7dec96399e77
Sha1:   3c84a45236e315a038a1598cc0a229c42d799c86
Sha256: 404089245c8aaa3a29cf57f852d664bbdb49f8aafd57708f3da51c18a35b5a43
                                        
                                            GET /js/vendor/bootstrap-dialog.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 4188
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (16771), with no line terminators
Size:   4188
Md5:    2e9e8a0844e9bb269412720e30ec518c
Sha1:   4e1ef0cfa65000b885a1d9512e030edb354eff44
Sha256: a94d3e76ce47a9501f02dbe231a9f7c4b1a8a9dae4a74497dd551a4aa349a58a
                                        
                                            GET /css/filefactory.wp.css?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 2030
Connection: keep-alive
Last-Modified: Tue, 14 Aug 2018 04:54:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   2030
Md5:    8abbab6476fafabcaf7f435f4c498f21
Sha1:   86fce7af2f73e7dc00689c46ed7a7aa6ca777ff8
Sha256: 953878b3e7c4fe71dea5a70200582d38ef6a178f7f83095b677aa3f50dd37d38
                                        
                                            GET /js/filefactory.common.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 1700
Connection: keep-alive
Last-Modified: Tue, 07 May 2019 08:33:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (2383), with CRLF line terminators
Size:   1700
Md5:    2c07a42028cdc50efce1586cc7175ba8
Sha1:   dc1a5da5eb06d466cc8860cd593bc7a0cf2b99ac
Sha256: 31f1cf190e5db84a4eebafd0bcbb48f80c2d3f0c9346f6e00406937fc5b8ba7e
                                        
                                            GET /js/vendor/bootstrap.min.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 9691
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (36622), with no line terminators
Size:   9691
Md5:    19ffde9db3c06677e3c134246a77dc4a
Sha1:   4787610b6ee20909c031e97e5045c18496c8e4b7
Sha256: 12fae54989d035cf72a58295e88ede408b1470096bfa620fd31523e3c742bf45
                                        
                                            GET /js/vendor/jquery.cookie.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 616
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (1143), with no line terminators
Size:   616
Md5:    9dc410259b911c91103b71b0da4db1b4
Sha1:   8bbfe01b65bd9ba687c1407131f7dd4d31ca51e3
Sha256: 76c01394e846761a9d20c84a4919d42558cb6619ec2c44577681e72f495e853a
                                        
                                            GET /js/vendor/jquery.selectBoxIt.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 7079
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (25709), with no line terminators
Size:   7079
Md5:    3418e0d552b349825bcbba8c5446d4c5
Sha1:   ac15f8e5059dd7f535538dbafb51d3dbb1aad877
Sha256: 6ee9075e709af09965a6b769d7fc6ca5825039dacad075112033b0235171f043
                                        
                                            GET /js/vendor/countdown_plugins.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 14997
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (45450), with no line terminators
Size:   14997
Md5:    f34475e9958e420955c700820b870ded
Sha1:   ef50b2ea27da3fe99502e01c5320a8a0b80de17f
Sha256: 1205aa096ef6cdffe92d6705b7c0e1b1a963b1d3c5a86816c0a5362b6ab3d5b2
                                        
                                            GET /js/vendor/countdown.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 837
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (3495), with no line terminators
Size:   837
Md5:    427a0fc92994a6b92d0f4b65d1bee5aa
Sha1:   4f59883fd8e3e861872e76095beaa05e59b9037a
Sha256: 39fda67bbaba8165bcb44293edde7410ff29e149866141fc25e9774d7bfd7327
                                        
                                            GET /js/vendor/jquery.zclip.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 2603
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:37:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (7482), with no line terminators
Size:   2603
Md5:    15514f102ce938370faf62a5935f98a4
Sha1:   9ab90f99b5113a7eacc89cf495e6d00bf7a97abf
Sha256: c8e2aebf568b1b0d4d96818f40020d0681a0ab5a7ff9ba2f61f546593559c9f1
                                        
                                            GET /js/filefactory.download.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 3941
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Tue, 01 Nov 2022 20:21:51 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (12559), with no line terminators
Size:   3941
Md5:    0e8beb3e9e301026a8696b9b8ac607d5
Sha1:   b0e8de3dc6fd295f87bbb4495639811a5ac02eae
Sha256: d25eddf5332fcc8d069e66ec73a005e34d8d59d0d98d09780758af14fb310eff
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "783D5ACFE63D45B540CC971507341792DA96AF6DEDB982B7CF1699BF674C74F5"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2586
Expires: Sun, 02 Oct 2022 21:04:57 GMT
Date: Sun, 02 Oct 2022 20:21:51 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.227.219.12
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 19:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 19:36:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 697a26790d3ab8292d8546ca9be87bbc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: iKrZEb0amBbMJKWniQV2ZYfTNZyhnK4CykLHLoqFPLsuqOYuAO_m9Q==
Age: 3138


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D9FD6B887EEA9033C3315B664ABA4401FEE838012F688FAF856FC78EBB9ABF2F"
Last-Modified: Fri, 30 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4405
Expires: Sun, 02 Oct 2022 21:35:16 GMT
Date: Sun, 02 Oct 2022 20:21:51 GMT
Connection: keep-alive

                                        
                                            GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.170
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 02:47:33 GMT
expires: Mon, 02 Oct 2023 02:47:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 63258
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086)
Size:   33434
Md5:    430e927c980ad4079de727fa59dd93f2
Sha1:   891aaada9a55a91292999f6d50fd300439905982
Sha256: e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5595
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 20:21:51 GMT
Last-Modified: Sun, 02 Oct 2022 18:48:36 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ajax/libs/jqueryui/1.11.1/jquery-ui.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.170
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 63865
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:44 GMT
expires: Sun, 01 Oct 2023 01:05:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 155767
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32119)
Size:   63865
Md5:    5fff368bebfbbc83919d7ddd9afac949
Sha1:   8b89f7c5ab4700ef0289ff30142082bd108e0354
Sha256: a8969e8853f473ca839e9728872e08c1f0ac0851fe1431d29fa5ed7382910990
                                        
                                            GET /g9RbYoQO26rZA3R/55129 HTTP/1.1 
Host: henoticpipi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.255.6.58
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:21:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filefactory.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Mon, 03-Oct-2022 20:21:51 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Mon, 03-Oct-2022 20:21:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    4e5d65669f8dcd928dad06adf883f025
Sha1:   d771713d758c3348dd7e5b38bb40c7935399ae46
Sha256: 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /wp/img/filefactory-logo-white.svg HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:01 GMT
Content-Length: 6174
Connection: keep-alive
Last-Modified: Thu, 15 Jun 2017 23:34:39 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   6174
Md5:    249acd65dbe7bf8bdf2477d1a7a1bdee
Sha1:   f322b0d7e66ee18be95a820e463e957cc50e1238
Sha256: 8cd74251eda091402e01f67f217f5a466d87d0111cc9b5724a831cf21a938cd8
                                        
                                            GET /r3ZwU3RRZQUni7/55128 HTTP/1.1 
Host: usingswhoring.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.109.248.156
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:21:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filefactory.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Mon, 03-Oct-2022 20:21:51 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Mon, 03-Oct-2022 20:21:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   25
Md5:    d488addc5df5fc9b9ff4135bb4e3a823
Sha1:   6ce56f48e851df4d562b43d3bc1269a504ae83fc
Sha256: d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp/img/icon-check.svg HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:02 GMT
Content-Length: 22124
Connection: keep-alive
Last-Modified: Thu, 15 Jun 2017 23:34:39 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (19596)
Size:   22124
Md5:    579390788f26cffc187c3b213e7d6de8
Sha1:   e59bf4557c47f482b1b354957151e6497b0d7ded
Sha256: ba629a33ef0767607e2539945008431805ea1d2d2ebc4ffd877ab3c3b23991a7
                                        
                                            GET /wp/img/icon-cloud.svg HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:02 GMT
Content-Length: 17092
Connection: keep-alive
Last-Modified: Thu, 15 Jun 2017 23:34:39 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (14564)
Size:   17092
Md5:    1036571f93a23865267246ebf737a0c2
Sha1:   5a08d068303aecabf2fdc2d203101f8063a3cc42
Sha256: e751c9f7db67a14fa7e5c3a51a8c62a4e3a151a06cc2f0bcec8e11ca6c2c57fe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.filefactory.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 148376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: l//16WxQr2r0WyJCquI3Dg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.39.57.61
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nYoprW1UEtLCHz3tdQNtZ4pCZDg=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "42CC41013EFFBB4E8BB7529EA993073C00B56698E8A9E68E02F974C6F6C2D670"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1753
Expires: Sun, 02 Oct 2022 20:51:05 GMT
Date: Sun, 02 Oct 2022 20:21:52 GMT
Connection: keep-alive

                                        
                                            GET /b6/6f/f7/b66ff7c1636b152673f970d2464db83f.js HTTP/1.1 
Host: forgivenessimpact.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Sun, 02 Oct 2022 20:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f0b9ff542414d7710bc8e0d83cda75f9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (59373), with no line terminators
Size:   20314
Md5:    c37493a6bf6810ca93f0bebc3a8df7ca
Sha1:   8cfe6550f551368260e14a21810fd6bdfc0a900c
Sha256: 80b85df9f3133d4eecc411adaa6e0d88c8d663f413b97b2e9e8a0776b5a83345

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /g9RbYoQO26rZA3R/55129 HTTP/1.1 
Host: henoticpipi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.255.6.58
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 20:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filefactory.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    4e5d65669f8dcd928dad06adf883f025
Sha1:   d771713d758c3348dd7e5b38bb40c7935399ae46
Sha256: 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "06C3AC5B39D0FAC1CAB90FB11CB2F7CCD66FCC2C3E57464C9F1485669E6C6756"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6736
Expires: Sun, 02 Oct 2022 22:14:08 GMT
Date: Sun, 02 Oct 2022 20:21:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         52.222.137.60
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 20:21:52 GMT
Last-Modified: Sun, 02 Oct 2022 18:39:49 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 9c84f9ddc9675b0adb884f2700ada8f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: sw2Sg_lGCT5DSSwrWbgig_cVwp9sK1RfM-YcrURbF-a0omO8MHgzdg==
Age: 6123

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filefactory.com
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 02 Oct 2022 20:21:52 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.filefactory.com
access-control-allow-credentials: true
set-cookie: uid_id2=80f917e3-94e7-4956-be17-152461c23b38:3:1; expires=Wed, 29 Sep 2032 20:21:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    fe1aaf54b4f4985d29c4c9eb197c496a
Sha1:   b54b8ab684b3cdb0a328a10c7cf428b2d0a02c5d
Sha256: 207b21170680313edf5268f78095d966a6abe3267b555988d41d99926646654d
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "06C3AC5B39D0FAC1CAB90FB11CB2F7CCD66FCC2C3E57464C9F1485669E6C6756"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6736
Expires: Sun, 02 Oct 2022 22:14:08 GMT
Date: Sun, 02 Oct 2022 20:21:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4B7F2114916E2F98D438A6D887106833640EBF9C0D1DACDC1EF3DD1A56CDF464"
Last-Modified: Sat, 01 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6931
Expires: Sun, 02 Oct 2022 22:17:23 GMT
Date: Sun, 02 Oct 2022 20:21:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3884
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 20:21:52 GMT
Last-Modified: Sun, 02 Oct 2022 19:17:08 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 02 Oct 2022 20:17:11 GMT
expires: Sun, 02 Oct 2022 22:17:11 GMT
cache-control: public, max-age=7200
age: 281
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 1cyCwCBgCjOExN5l9Qur0v684AlimCBrGV0fdTk/4GXeDXQapJ2yL93riAQW1TGOrsrG3L77zlXNoTkl49oTwQ==
content-length: 26840
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 20:21:52 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26840
Md5:    e1327a02d76346c7e23d114e4e508b30
Sha1:   195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
Sha256: 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3884
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 20:21:52 GMT
Last-Modified: Sun, 02 Oct 2022 19:17:08 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 20:21:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/197y74syfmg/cspstp1123.rar
Cookie: PHPSESSID=1bpp5t4n3n4hnco4ce1l2nhhs2; locale=en_US.utf8; LBPERSIST=persist_w4; dom3ic8zudi28v8lr6fgphwffqoz0j6c=80f917e3-94e7-4956-be17-152461c23b38%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 02 Oct 2022 19:54:03 GMT
Content-Length: 99678
Connection: keep-alive
Last-Modified: Thu, 22 Oct 2015 02:35:05 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   99678
Md5:    90e3dcc0cc6a5c4809b7dfd50e966015
Sha1:   17e2063b061ea56bc5bd7b65901765289b5b6824
Sha256: 3eacac1f0142be27236ddad54cf1450ffe8aa60175af254938e7f7c5f99532a9
                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=1422&rd=1422&fd=890&bv=22.8.v.1&tmpl=70 HTTP/1.1 
Host: prawnsimply.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.139.164
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 20:21:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D3AEDF73CB63E9FF961DAD6D73041F9871420CD7920FF31DBE9D146B91618E4"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Sun, 02 Oct 2022 21:27:39 GMT
Date: Sun, 02 Oct 2022 20:21:53 GMT
Connection: keep-alive

                                        
                                            GET /advertisers.js HTTP/1.1 
Host: banquetunarmedgrater.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 20:21:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b50e27db5cba195a6697804da01e3504
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2542
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 20:21:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2542
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 20:21:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2542
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 20:21:53 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:45 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
age: 80828
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4987
Md5:    463bdcfbec5426e18ecef83b1c373b71
Sha1:   2e533332ee5c49143e58dad32ee3717a39179532
Sha256: 2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:23 GMT
age: 81270
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9340
Md5:    6047192460abf4afd600948abb5e6ee1
Sha1:   6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
Sha256: d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 56414
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9600
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgmFdlIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:50 GMT
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38"
age: 80823
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9600
Md5:    11f2e40823827b62bca89d18ee279cb2
Sha1:   fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38
Sha256: c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
age: 80898
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11083
Md5:    edded48f558f739287a040151349ef67
Sha1:   d63b6ba630736d32c364b0e6a369274b2389b7ff
Sha256: 33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
age: 80898
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6871
Md5:    9dddb9d84a16a3004821d89836b83dc3
Sha1:   087521979efd5936416fd7f030779fa5725f0a8f
Sha256: a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
                                        
                                            GET /tr/?id=559928301484091&ev=PageView&dl=https%3A%2F%2Fwww.filefactory.com%2Ffile%2F197y74syfmg%2Fcspstp1123.rar&rl=&if=false&ts=1664742113005&sw=1280&sh=1024&ud[country]=9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59&ud[client_ip_address]=da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664742113003.541448397&it=1664742112781&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 02 Oct 2022 20:21:53 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=559928301484091&ev=ff_member&dl=https%3A%2F%2Fwww.filefactory.com%2Ffile%2F197y74syfmg%2Fcspstp1123.rar&rl=&if=false&ts=1664742113009&cd[type]=free&cd[subends]=0&cd[subduration]=0&cd[files]=0&cd[filesdownloaded]=0&sw=1280&sh=1024&ud[country]=9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59&ud[client_ip_address]=da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664742113003.541448397&it=1664742112781&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 02 Oct 2022 20:21:53 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /t246f07e0/img/e3t46_c48dh5_281c55c4.jpg HTTP/1.1 
Host: engagecdn.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: locale=en_US.utf8; __utma=140252452.45863408.1664742113.1664742113.1664742113.1; __utmb=140252452.1.10.1664742113; __utmc=140252452; __utmz=140252452.1664742113.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         89.149.201.75
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 02 Oct 2022 20:21:53 GMT
content-length: 14043
last-modified: Mon, 12 Apr 2021 00:50:42 GMT
expires: Mon, 02 Oct 2023 20:21:53 GMT
cache-control: max-age=31536000, public, no-transform
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1200, components 3\012- data
Size:   14043
Md5:    a5334cac2d8801281abfc1334f1f8e91
Sha1:   30c642fd9ec419a048727344e168b136ed557082
Sha256: 65a4214abfedbf1e3c3475b6692fef15dc47bdfa4c34f17ec1d6d042632d4bb5
                                        
                                            GET /t246f07e0/img/e3t46_7nddx8_c5571da8.png HTTP/1.1 
Host: engagecdn.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: locale=en_US.utf8; __utma=140252452.45863408.1664742113.1664742113.1664742113.1; __utmb=140252452.1.10.1664742113; __utmc=140252452; __utmz=140252452.1664742113.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         89.149.201.75
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 02 Oct 2022 20:21:53 GMT
content-length: 13449
last-modified: Thu, 01 Apr 2021 11:42:54 GMT
expires: Mon, 02 Oct 2023 20:21:53 GMT
cache-control: max-age=31536000, public, no-transform
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 800 x 800, 8-bit colormap, non-interlaced\012- data
Size:   13449
Md5:    c425762e171a0f79cf8024458a6f5175
Sha1:   248bbe79e349d660ba25a89dcc2ae1adef79e1f8
Sha256: 373ed1d7d4abc498eb0e695c9e01b934ffd1f3e24d754188d539e3cb6ea39ca6
                                        
                                            GET /?938685878&keywords=guest HTTP/1.1 
Host: engagesrvr.filefactory.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filefactory.com
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         212.32.237.11
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 02 Oct 2022 20:21:53 GMT
cache-control: no-store, no-cache, no-transform, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-store, no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://www.filefactory.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: X-Requested-With, Content-Type, CSRFToken, Authorization
link: <//engagecdn.filefactory.com>; rel=dns-prefetch
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2921), with no line terminators
Size:   122958
Md5:    6eadd74444dfb1b674a7a432effeabfc
Sha1:   017b8fd10b945e56365240a3094c111d5efc2069
Sha256: eded34bb35a1400df744791f977522939a6e4223eb0bdea01159186964fc88e1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7A5DB34068FB34056744665A1E81460DA9473CAF812D47B5EE75A64F8D78AE2B"
Last-Modified: Fri, 30 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2266
Expires: Sun, 02 Oct 2022 20:59:40 GMT
Date: Sun, 02 Oct 2022 20:21:54 GMT
Connection: keep-alive

                                        
                                            GET /pxf.gif?uuid=80f917e3-94e7-4956-be17-152461c23b38&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=b66ff7c1636b152673f970d2464db83f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 20:21:54 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca483329fbfd7404f2f31ecdc6692659
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /sfp.js HTTP/1.1 
Host: addresseepaper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.254
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 02 Oct 2022 20:21:52 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6e23c4ef707c43da97d155720668966e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 02 Oct 2022 20:21:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa%2BWtzcUj%2BXa7TBQHXg%2Biwo6rulmIcTnB0SwEr3s%2FbHJN8D1KGHlw1VlmXE%2Bo%2FC4W7nZkA9VVw0FnkieS7VK8SJxsGvM6VBWjPeee6%2B3mkT7ac8coTdHIJAWKqkRVyKcm5NpO%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7540259a9f800712-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Open+Sans:400,600,700,800 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 20:21:51 GMT
date: Sun, 02 Oct 2022 20:21:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---