urlquery - report: download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (13)	344	No data	No data	23.33.119.27
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
region1.google-analytics.com (1)	0	2022-03-17 11:26:33 UTC	2022-12-05 04:09:35 UTC	216.239.34.36	Domain (google-analytics.com) ranked at: 8401
affili.st (2)	0	2017-03-07 15:15:33 UTC	2022-11-26 23:03:59 UTC	185.66.201.42	Unknown ranking
o-oo.ooo (1)	838293	2017-02-01 17:22:18 UTC	2022-12-05 02:07:49 UTC	185.66.201.42
download.tl (22)	0	2022-04-08 09:06:48 UTC	2022-12-05 15:43:25 UTC	185.66.200.173	Unknown ranking
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
fonts.googleapis.com (2)	8877	2013-06-10 20:14:26 UTC	2022-12-05 11:11:06 UTC	142.250.74.106
fonts.gstatic.com (5)	0	2014-09-09 00:40:21 UTC	2022-12-05 08:18:24 UTC	216.58.207.227	Domain (gstatic.com) ranked at: 540
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	54.187.71.185
cdn.puuush.me (2)	0	2022-02-21 19:22:17 UTC	2022-12-03 17:22:20 UTC	173.236.118.99	Unknown ranking
www.googletagmanager.com (1)	75	2013-05-22 02:07:37 UTC	2022-12-05 08:37:19 UTC	142.250.74.168
qoaaa.com (7)	239567	2018-11-26 21:58:30 UTC	2022-12-05 19:57:26 UTC	185.66.201.42
my-pu.sh (1)	0	2022-05-09 08:41:39 UTC	2022-12-02 03:51:40 UTC	185.66.201.58	Unknown ranking
img-getpocket.cdn.mozilla.net (4)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-12-05 04:09:09 UTC	34.102.187.140
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-05 04:09:48 UTC	34.117.237.239
ocsp.pki.goog (7)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.131
aff-aff.advertica-cdn.com (2)	0	2017-10-05 08:35:28 UTC	2022-11-26 23:03:50 UTC	185.66.200.127	Domain (advertica-cdn.com) ranked at: 739624
aff-a.advertica-cdn.com (1)	0	2017-09-18 15:27:46 UTC	2022-12-05 18:23:57 UTC	185.66.200.127	Domain (advertica-cdn.com) ranked at: 739624

Scan Date	Severity	Indicator	Comment
2022-12-06	2	qoaaa.com/js/responsive.js	Phishing

Date	UQ / IDS / BL	URL	IP
2023-01-28 23:09:54 +0000	0 - 0 - 1	download.tl/download/f4d88a99f9f2333a22becba7 (...)	185.66.200.173
2023-01-26 15:19:04 +0000	0 - 0 - 1	download.tl/download/c4a79dfc1d67a07ab696e716 (...)	185.66.200.173
2023-01-25 14:22:42 +0000	0 - 0 - 1	download.tl/download/f4d88a99f9f2333a22becba7 (...)	185.66.200.173
2023-01-25 05:39:53 +0000	0 - 0 - 1	download.tl/download/f4d88a99f9f2333a22becba7 (...)	185.66.200.173
2023-01-25 03:07:55 +0000	0 - 0 - 1	download.tl/download/f4d88a99f9f2333a22becba7 (...)	185.66.200.173

Date	UQ / IDS / BL	URL	IP
2023-01-29 12:42:57 +0000	0 - 4 - 0	6784.world/go.php?go=us.r-q.media/?utm_medium (...)	185.66.201.7
2023-01-28 23:09:54 +0000	0 - 0 - 1	download.tl/download/f4d88a99f9f2333a22becba7 (...)	185.66.200.173
2023-01-26 15:19:04 +0000	0 - 0 - 1	download.tl/download/c4a79dfc1d67a07ab696e716 (...)	185.66.200.173
2023-01-26 09:31:13 +0000	0 - 0 - 1	qoaaa.com/baa1c603fd95f8310018/4db48ddfa9/	185.66.201.42
2023-01-25 14:22:42 +0000	0 - 0 - 1	download.tl/download/f4d88a99f9f2333a22becba7 (...)	185.66.200.173

Date	UQ / IDS / BL	URL	IP
2023-01-28 23:09:54 +0000	0 - 0 - 1	download.tl/download/f4d88a99f9f2333a22becba7 (...)	185.66.200.173
2023-01-26 15:19:04 +0000	0 - 0 - 1	download.tl/download/c4a79dfc1d67a07ab696e716 (...)	185.66.200.173
2023-01-25 14:22:42 +0000	0 - 0 - 1	download.tl/download/f4d88a99f9f2333a22becba7 (...)	185.66.200.173
2023-01-25 05:39:53 +0000	0 - 0 - 1	download.tl/download/f4d88a99f9f2333a22becba7 (...)	185.66.200.173
2023-01-25 03:07:55 +0000	0 - 0 - 1	download.tl/download/f4d88a99f9f2333a22becba7 (...)	185.66.200.173

Request	Response
GET /download/c4a79dfc1d67a07ab696e7160edfeabd/ HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ FQDN: download.tl IP: 185.66.200.173 HASH: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a 185.66.200.173 HTTP/1.1 301 Moved Permanently Content-Type: text/html Server: nginx Date: Tue, 06 Dec 2022 00:03:28 GMT Content-Length: 162 Connection: keep-alive Location: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 4f8e702cc244ec5d4de32740c0ecbd97 Sha1: 3adb1f02d5b6054de0046e367c1d687b6cdf7aff Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7748 Expires: Tue, 06 Dec 2022 02:12:37 GMT Date: Tue, 06 Dec 2022 00:03:29 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: cfec3d7283a9b66d2be426ce54d210f3 Sha1: 808c1feb1ba918951d1928c1f6bfc0c253262774 Sha256: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1289 Cache-Control: max-age=125359 Date: Tue, 06 Dec 2022 00:03:29 GMT Etag: "638dc877-1d7" Expires: Wed, 07 Dec 2022 10:52:48 GMT Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ee088fab9b287e174cfd1f2c735a909f Sha1: 25c3335b514a36ad1a24d00413d60c3d394f5161 Sha256: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10739 Expires: Tue, 06 Dec 2022 03:02:28 GMT Date: Tue, 06 Dec 2022 00:03:29 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ea206ac3c440825741687351f8c6e4e Sha1: 2f38dafd8c43dcce2411a0590bc5c02cd6286735 Sha256: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 05 Dec 2022 23:18:31 GMT cache-control: public,max-age=3600 age: 2698 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 6S7fvcgkvyAdLgT8MMHPO4wq7HIKdZQVvEjgZ3dhNEWBCPkHrU/RuTQWLd+jlwq4ck9L0N1IOcM= x-amz-request-id: CN9VCQWVD8WT8BJT content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 05 Dec 2022 23:48:42 GMT age: 887 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: d051ce4e860cd8db2cd4b6aa2e2e4a9df4d5441892b2210be9a41dd58742090f 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D051CE4E860CD8DB2CD4B6AA2E2E4A9DF4D5441892B2210BE9A41DD58742090F" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2711 Expires: Tue, 06 Dec 2022 00:48:40 GMT Date: Tue, 06 Dec 2022 00:03:29 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 0ef3730c2cf93ab1e2c1b01e9d73ed64 Sha1: cb7ce53372da96fe8b9e4ad2385f1e9d772902ca Sha256: d051ce4e860cd8db2cd4b6aa2e2e4a9df4d5441892b2210be9a41dd58742090f
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 00:03:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 5f16a534222e5749ef240d413826c2f6 Sha1: 11683d84d420dd6f919425094edb8961278f7fed Sha256: 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
GET /css/bootstrap.min.css HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/css/bootstrap.min.css FQDN: download.tl IP: 185.66.200.173 HASH: dfaa8bf4b1c788015d7c0208419f1cd0776008beaabbfbfb1f4a86ebb7ecc57f 185.66.200.173 HTTP/2 200 OK content-type: text/css server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 121317 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-1d9e5" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65371) Size: 121317 Md5: bd646f0d6da93f6332d4f1d86ee0942f Sha1: 6de9e58a7f4a177f8711cbbae26e7db92136359f Sha256: dfaa8bf4b1c788015d7c0208419f1cd0776008beaabbfbfb1f4a86ebb7ecc57f
GET /css/style.min.css?1666529618 HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/css/style.min.css?1666529618 FQDN: download.tl IP: 185.66.200.173 HASH: eedd012eea51adc3be71e2664440729065ccf10a5e8e2d50b76a5422570f344c 185.66.200.173 HTTP/2 200 OK content-type: text/css server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 13492 last-modified: Sun, 23 Oct 2022 12:53:38 GMT etag: "63553952-34b4" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (13492), with no line terminators Size: 13492 Md5: c5100527a08c426e8bd5702dc9c53936 Sha1: 9ce0345d98384ef4e4fa88f10889734102ddff5b Sha256: eedd012eea51adc3be71e2664440729065ccf10a5e8e2d50b76a5422570f344c
GET /download/c4a79dfc1d67a07ab696e7160edfeabd/ HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ FQDN: download.tl IP: 185.66.200.173 HASH: bd36efc41c51137739dab1bf24ad6b6d6c5ddac4a9ffa10e0951130a117b19ee 185.66.200.173 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; path=/; secure; HttpOnly; SameSite=Strict lang=en; expires=Thu, 05-Jan-2023 00:03:29 GMT; Max-Age=2592000; path=/; domain=download.tl; secure; HttpOnly; SameSite=Strict VHYy=knXr; expires=Tue, 06-Dec-2022 05:00:00 GMT; Max-Age=17791; path=/; domain=download.tl; secure; HttpOnly; SameSite=Strict strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2764) Size: 21923 Md5: 2a8ca2d38dba8f8ae082d0355868e018 Sha1: f6b90f18688a5a2dc48d665ab2888c128b7b8497 Sha256: bd36efc41c51137739dab1bf24ad6b6d6c5ddac4a9ffa10e0951130a117b19ee
GET /css/font-awesome.min.css HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/css/font-awesome.min.css FQDN: download.tl IP: 185.66.200.173 HASH: 4e51d8719cc67c2d9106ea0e8a3e945249815b050956dcab3a6b9179e7e73285 185.66.200.173 HTTP/2 200 OK content-type: text/css server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 30990 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-790e" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (30828) Size: 30990 Md5: 621cf15eb9ee7413873564e6750c0809 Sha1: 401421861f5012bfb116e5e07cc9d5e8bb03f7bb Sha256: 4e51d8719cc67c2d9106ea0e8a3e945249815b050956dcab3a6b9179e7e73285
GET /gtag/js?id=G-SSJE53WRJ5 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtag/js?id=G-SSJE53WRJ5 FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 3e5ebb85a27f4ad8bfe657438176cea248048a5ce8959f5b31d91845f5bcb137 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Tue, 06 Dec 2022 00:03:29 GMT expires: Tue, 06 Dec 2022 00:03:29 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 76817 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (22462) Size: 76817 Md5: 8b05145a283a876884f0f99e4ba5555d Sha1: dea433425a0be059733f379bdebc78a9de3ff126 Sha256: 3e5ebb85a27f4ad8bfe657438176cea248048a5ce8959f5b31d91845f5bcb137
GET /css/themes/blue.min.css HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/css/themes/blue.min.css FQDN: download.tl IP: 185.66.200.173 HASH: 3fb379e741541fc76c04c12c10f2c7e01c496970d7aa8fdd944c47a619dbff22 185.66.200.173 HTTP/2 200 OK content-type: text/css server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 472 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-1d8" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (472), with no line terminators Size: 472 Md5: a395d36f6ad74367c5e9d28a4c7b0a99 Sha1: f3e962bfa9ae1909a86efb8438f8291074bb56d2 Sha256: 3fb379e741541fc76c04c12c10f2c7e01c496970d7aa8fdd944c47a619dbff22
GET /css/select2.min.css HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/css/select2.min.css FQDN: download.tl IP: 185.66.200.173 HASH: 907f4395f54e25a1da1181672f1a498e98b26f7bfc6dcb6c209a737472451e49 185.66.200.173 HTTP/2 200 OK content-type: text/css server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 15823 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-3dcf" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (15822) Size: 15823 Md5: 809b4f5299218eab37a7c31e4c20478b Sha1: c9448efbf22bc6f6fbbbbfebbd656642bab13767 Sha256: 907f4395f54e25a1da1181672f1a498e98b26f7bfc6dcb6c209a737472451e49
GET /css/select2-bootstrap.min.css HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/css/select2-bootstrap.min.css FQDN: download.tl IP: 185.66.200.173 HASH: f4edc5337dd3ee41165554445386df470b870f545e0078170e1fbbc96c6adc31 185.66.200.173 HTTP/2 200 OK content-type: text/css server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 16799 last-modified: Thu, 14 Oct 2021 15:33:42 GMT etag: "61684dd6-419f" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (16470) Size: 16799 Md5: bf537ebef54c75143541dd6221ac72f8 Sha1: 72ff972b044d607c2fe4b02c75038cabd4efdcf7 Sha256: f4edc5337dd3ee41165554445386df470b870f545e0078170e1fbbc96c6adc31
GET /js/bootstrap.min.js HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/js/bootstrap.min.js FQDN: download.tl IP: 185.66.200.173 HASH: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef 185.66.200.173 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 37045 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-90b5" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32033) Size: 37045 Md5: 5869c96cc8f19086aee625d670d741f9 Sha1: 430a443d74830fe9be26efca431f448c1b3740f9 Sha256: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /js/main.min.js?1636993690 HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/js/main.min.js?1636993690 FQDN: download.tl IP: 185.66.200.173 HASH: 62237ef52460d457672d78a33741ddc1b8ffd7fdb5805d428c2e283ed4cdc86c 185.66.200.173 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 961 last-modified: Mon, 15 Nov 2021 16:28:10 GMT etag: "61928a9a-3c1" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (450) Size: 961 Md5: fb48e56feb8391b1c2b599832c76a7f8 Sha1: f40011eb16f2b2e8cd29ff6bb25a45426679f591 Sha256: 62237ef52460d457672d78a33741ddc1b8ffd7fdb5805d428c2e283ed4cdc86c
GET /js/download.min.js?1666892246 HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/js/download.min.js?1666892246 FQDN: download.tl IP: 185.66.200.173 HASH: 47e163754c43bab9cfc374f88d641317028ebf5215e5f8c7242d90cf7cb151da 185.66.200.173 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 1158 last-modified: Thu, 27 Oct 2022 17:37:26 GMT etag: "635ac1d6-486" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (500) Size: 1158 Md5: 43189dcfca2b2a1a2dfb463d2337dbd5 Sha1: 0fe3391f6491d1d3c58a1121851770b59d004614 Sha256: 47e163754c43bab9cfc374f88d641317028ebf5215e5f8c7242d90cf7cb151da
GET /js/jquery.min.js HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/js/jquery.min.js FQDN: download.tl IP: 185.66.200.173 HASH: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e 185.66.200.173 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 89501 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-15d9d" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65447) Size: 89501 Md5: 8fb8fee4fcc3cc86ff6c724154c49c42 Sha1: b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 Sha256: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /js/select2.min.js HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/js/select2.min.js FQDN: download.tl IP: 185.66.200.173 HASH: 9c04b5c034013c1a9ad5f9d9abcc1dd59e8237e3e09875cb15d328d20da961fd 185.66.200.173 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 72443 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-11afb" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (64125) Size: 72443 Md5: 1e3d14fddf0553e0b51f69cdccd4fd7f Sha1: b36737e7d2a65815c40ac86d0502f0cbb8b9bad8 Sha256: 9c04b5c034013c1a9ad5f9d9abcc1dd59e8237e3e09875cb15d328d20da961fd
GET /images/logo.svg HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/images/logo.svg FQDN: download.tl IP: 185.66.200.173 HASH: 8023e04aa411fcc094e97048b1811f17db4b43548b0d4d6c5135226e384fc412 185.66.200.173 HTTP/2 200 OK content-type: image/svg+xml server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 7497 last-modified: Thu, 21 Apr 2022 05:48:35 GMT etag: "6260f033-1d49" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1064) Size: 7497 Md5: 5a5e2d2d819b65a94450d7fe8fa76233 Sha1: 64cc86f42a940e7dad8d33cb0802dd51490ee22e Sha256: 8023e04aa411fcc094e97048b1811f17db4b43548b0d4d6c5135226e384fc412
GET /images/home_icon_1.png HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/images/home_icon_1.png FQDN: download.tl IP: 185.66.200.173 HASH: 6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95 185.66.200.173 HTTP/2 200 OK content-type: image/png server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 1097 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-449" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data Size: 1097 Md5: 048b30786019caeb221dea0f39d6afdb Sha1: 67fa6b67ad8ae0e1b283a4928158e43f59e81545 Sha256: 6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95
GET /images/home_icon_2.png HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/images/home_icon_2.png FQDN: download.tl IP: 185.66.200.173 HASH: c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb 185.66.200.173 HTTP/2 200 OK content-type: image/png server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 1127 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-467" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data Size: 1127 Md5: 16ee48571a5309c0420c476756c5d354 Sha1: 8487a3c1d97cc434a5d3ddddc63e406faefc55bf Sha256: c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb
GET /images/home_icon_3.png HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/images/home_icon_3.png FQDN: download.tl IP: 185.66.200.173 HASH: d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985 185.66.200.173 HTTP/2 200 OK content-type: image/png server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 1035 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-40b" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data Size: 1035 Md5: 4c746521247dd8e8520c96731d60ece0 Sha1: 098c5993b275a6adbfb9f18b231829496f1d3406 Sha256: d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 043dd1ee0e66c9ff35f830b85a47e5a174f4d8ac4cdae82b28fd7fbc94b078d5 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "043DD1EE0E66C9FF35F830B85A47E5A174F4D8AC4CDAE82B28FD7FBC94B078D5" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20274 Expires: Tue, 06 Dec 2022 05:41:23 GMT Date: Tue, 06 Dec 2022 00:03:29 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecb98d3ec67bf68886c77cabf5597822 Sha1: a95ccdae9bde40ba65b034a945888ecb8e037d8b Sha256: 043dd1ee0e66c9ff35f830b85a47e5a174f4d8ac4cdae82b28fd7fbc94b078d5
GET /images/article/32/1.png HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/images/article/32/1.png FQDN: download.tl IP: 185.66.200.173 HASH: 390209fabbc37c421be344da34ff061def57c80ecbde230f66111765a30e84b4 185.66.200.173 HTTP/2 200 OK content-type: image/png server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 72521 last-modified: Tue, 20 Sep 2022 15:00:24 GMT etag: "6329d588-11b49" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 600 x 410, 8-bit colormap, non-interlaced\012- data Size: 72521 Md5: dfb5fa70ca04a1401edc62a5e867375e Sha1: bf7bb2674dfaccbbc13e0c9f2e368622c001e567 Sha256: 390209fabbc37c421be344da34ff061def57c80ecbde230f66111765a30e84b4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 043dd1ee0e66c9ff35f830b85a47e5a174f4d8ac4cdae82b28fd7fbc94b078d5 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "043DD1EE0E66C9FF35F830B85A47E5A174F4D8AC4CDAE82B28FD7FBC94B078D5" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10370 Expires: Tue, 06 Dec 2022 02:56:19 GMT Date: Tue, 06 Dec 2022 00:03:29 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecb98d3ec67bf68886c77cabf5597822 Sha1: a95ccdae9bde40ba65b034a945888ecb8e037d8b Sha256: 043dd1ee0e66c9ff35f830b85a47e5a174f4d8ac4cdae82b28fd7fbc94b078d5
GET /images/article/32/2.png HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/images/article/32/2.png FQDN: download.tl IP: 185.66.200.173 HASH: a172dba33a349405f00dc6b416cd89207bcaaffd37879dfd41d919fb428819d7 185.66.200.173 HTTP/2 200 OK content-type: image/png server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT content-length: 78218 last-modified: Tue, 20 Sep 2022 15:00:24 GMT etag: "6329d588-1318a" expires: Thu, 05 Jan 2023 00:03:29 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 600 x 425, 8-bit colormap, non-interlaced\012- data Size: 78218 Md5: b431e52df5e434134756ad6389b94d13 Sha1: 370651407c45a34a9c7dacae6859543494c91ac4 Sha256: a172dba33a349405f00dc6b416cd89207bcaaffd37879dfd41d919fb428819d7
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 00:03:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 5f16a534222e5749ef240d413826c2f6 Sha1: 11683d84d420dd6f919425094edb8961278f7fed Sha256: 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 00:03:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 7dfb548d8f8a99d32050803775fad5d6 Sha1: 8b47999a01db7c2217d76a1cec576809a229cf1b Sha256: 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 00:03:29 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 7dfb548d8f8a99d32050803775fad5d6 Sha1: 8b47999a01db7c2217d76a1cec576809a229cf1b Sha256: 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 05 Dec 2022 23:08:58 GMT cache-control: public,max-age=3600 age: 3271 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /css?family=Roboto:300,400,500,600,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Roboto:300,400,500,600,700 FQDN: fonts.googleapis.com IP: 142.250.74.106 HASH: 31a20dc674f0a8f2da51de9df9376d8f5f79d71d740d2a657b73a11bbc924bc2 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 06 Dec 2022 00:03:29 GMT date: Tue, 06 Dec 2022 00:03:29 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1160 Md5: a68eb99a9ff39884b5be2950ee50c65e Sha1: 0485c98bb373d37aeb80f20cf549963b614571b6 Sha256: 31a20dc674f0a8f2da51de9df9376d8f5f79d71d740d2a657b73a11bbc924bc2
GET /js/responsive.js HTTP/1.1 Host: qoaaa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: qoaaa.com/js/responsive.js FQDN: qoaaa.com IP: 185.66.201.42 HASH: 8ef05a78bc11bbcc26606b011d453cd3e5bfc8adffb0c2095aa168c080b21e68 185.66.201.42 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT last-modified: Wed, 02 Nov 2022 13:52:39 GMT etag: W/"63627627-e32" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 1501 Md5: dbc33c1b11e09f1c3a44ff63d9119278 Sha1: f1b057d7857c0c5a676bf9f3e33f7b02d73368b8 Sha256: 8ef05a78bc11bbcc26606b011d453cd3e5bfc8adffb0c2095aa168c080b21e68 Alerts: Blocklists: - fortinet: Phishing
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://download.tl Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:33:54 GMT expires: Thu, 30 Nov 2023 19:33:54 GMT cache-control: public, max-age=31536000 age: 448176 last-modified: Wed, 11 May 2022 19:24:48 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 00:03:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 79c225db327a78b782f5a9512b07eaf0 Sha1: 398a1be3a70264d959146d6670d2ca54cdf4e91a Sha256: 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 00:03:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e24f2da4ed2e3cd07b0999a67550d634 Sha1: 6e2277e734fd0015849c3554dd2cf2ae289c2cf2 Sha256: 74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://download.tl Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN (...) FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30480 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 20:08:19 GMT expires: Thu, 30 Nov 2023 20:08:19 GMT cache-control: public, max-age=31536000 age: 446111 last-modified: Wed, 27 Apr 2022 16:04:03 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data Size: 30480 Md5: 0e7e5f9d3a8ef121149827180b790b5c Sha1: 0e9f9333078e5df9245630ff6f68ba1d9da3c403 Sha256: e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1272 Cache-Control: max-age=120274 Date: Tue, 06 Dec 2022 00:03:30 GMT Etag: "638db4ac-1d7" Expires: Wed, 07 Dec 2022 09:28:04 GMT Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT Server: ECS (ska/F70F) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 2b9d6a686aa3c4ea24568425e43a5221 Sha1: d53bb4c9579bd1db78a0520619e888aec79f750f Sha256: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://download.tl Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 11872 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:42:24 GMT expires: Thu, 30 Nov 2023 19:42:24 GMT cache-control: public, max-age=31536000 age: 447666 last-modified: Wed, 11 May 2022 19:25:01 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data Size: 11872 Md5: 87ace20058325aa069320aa4af875dff Sha1: b743548770c46d905ae1ba06310bc001c587fe8e Sha256: 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://download.tl Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 9628 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 01 Dec 2022 08:09:46 GMT expires: Fri, 01 Dec 2023 08:09:46 GMT cache-control: public, max-age=31536000 age: 402824 last-modified: Wed, 11 May 2022 19:24:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data Size: 9628 Md5: d9ac47c7e500fb7083b8d595eaf6fe12 Sha1: 112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933 Sha256: 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 00:03:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 79c225db327a78b782f5a9512b07eaf0 Sha1: 398a1be3a70264d959146d6670d2ca54cdf4e91a Sha256: 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 8e7cc3b4dc204249690fc38b110d309e7db56bd8b92d7d43311aa21d9661aa9e 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8E7CC3B4DC204249690FC38B110D309E7DB56BD8B92D7D43311AA21D9661AA9E" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15259 Expires: Tue, 06 Dec 2022 04:17:49 GMT Date: Tue, 06 Dec 2022 00:03:30 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f2fc10d866ee3cc0df070dd51ab28f85 Sha1: 937d2d499aaa56b803ab36083e0fc6bddb7bbce6 Sha256: 8e7cc3b4dc204249690fc38b110d309e7db56bd8b92d7d43311aa21d9661aa9e
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: SUwowygQcmaLd+AwzkkNIQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.187.71.185 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.187.71.185 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: slhPGs9bNKqlhrnBS5b/5XAzt9A= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://download.tl Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4 (...) FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:34:15 GMT expires: Thu, 30 Nov 2023 19:34:15 GMT cache-control: public, max-age=31536000 age: 448155 last-modified: Wed, 11 May 2022 19:24:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size: 15860 Md5: e9f5aaf547f165386cd313b995dddd8e Sha1: acdef5603c2387b0e5bffd744b679a24a8bc1968 Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /9668f6a5b437ef48b15e/af7248ffce/?placementName=PUSH_VHYy&user_param=386608&user_check=865666290&FSWL=1 HTTP/1.1 Host: my-pu.sh User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: my-pu.sh/9668f6a5b437ef48b15e/af7248ffce/?placementName (...) FQDN: my-pu.sh IP: 185.66.201.58 HASH: ebee1a3b2a908d6360d0f875e7be673fae0e103263b87e05af60264bcfc18991 185.66.201.58 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:30 GMT set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:30 GMT; Max-Age=86400; secure; SameSite=None used_ad2694267=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17789; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17789; secure; SameSite=None push_loaded=yes; expires=Wed, 07-Dec-2022 00:03:30 GMT; Max-Age=86400; path=/; secure; SameSite=None expires: Sun, 01 Jan 2014 00:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex,nofollow content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 16121 Md5: e8f45e17bd40fbd9e5c2dbea4d4a871e Sha1: 5be6975f608ba0608bf15051add3c1c74eecac2e Sha256: ebee1a3b2a908d6360d0f875e7be673fae0e103263b87e05af60264bcfc18991
GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://download.tl/css/font-awesome.min.css Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/fonts/fontawesome-webfont.woff2?v=4.7.0 FQDN: download.tl IP: 185.66.200.173 HASH: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe 185.66.200.173 HTTP/2 200 OK content-type: font/woff2 server: nginx date: Tue, 06 Dec 2022 00:03:30 GMT content-length: 77160 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-12d68" strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Size: 77160 Md5: af7ae505a9eed503f8b8e6982036873e Sha1: d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 6ac4905b3fda1dbdcb97dbd3b623bcb13d9882fcd86d9f5b021cb1b157d7adcd 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6AC4905B3FDA1DBDCB97DBD3B623BCB13D9882FCD86D9F5B021CB1B157D7ADCD" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11136 Expires: Tue, 06 Dec 2022 03:09:06 GMT Date: Tue, 06 Dec 2022 00:03:30 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 75253d4b3ac5dbf485f6b6b12bcf0815 Sha1: 8dd5e53741d30956bda63d3d6c6fca04cc2c4997 Sha256: 6ac4905b3fda1dbdcb97dbd3b623bcb13d9882fcd86d9f5b021cb1b157d7adcd
GET /favicon.ico HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr; _ga_SSJE53WRJ5=GS1.1.1670285007.1.0.1670285007.0.0.0; _ga=GA1.1.432566066.1670285008 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: download.tl/favicon.ico FQDN: download.tl IP: 185.66.200.173 HASH: d3fff883f5c2a8ddbde43685baabc9d3f5b44e698fc575d2c0dfc6f3672a45d8 185.66.200.173 HTTP/2 200 OK content-type: image/x-icon server: nginx date: Tue, 06 Dec 2022 00:03:30 GMT content-length: 164551 last-modified: Tue, 05 Oct 2021 14:52:13 GMT etag: "615c669d-282c7" strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data Size: 164551 Md5: 7000e3e11388e09044d228f92ca2d175 Sha1: d617696dedee957c307d9475a7d265894c841532 Sha256: d3fff883f5c2a8ddbde43685baabc9d3f5b44e698fc575d2c0dfc6f3672a45d8
GET /js/pub.min.js HTTP/1.1 Host: cdn.puuush.me User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.puuush.me/js/pub.min.js FQDN: cdn.puuush.me IP: 173.236.118.99 HASH: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be 173.236.118.99 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:31 GMT content-length: 1482 last-modified: Fri, 09 Sep 2022 11:46:08 GMT vary: Accept-Encoding etag: "631b2780-5ca" content-encoding: gzip expires: Wed, 07 Dec 2022 00:03:31 GMT cache-control: max-age=86400 strict-transport-security: max-age=31536000; includeSubdomains; X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (2752) Size: 1482 Md5: 31c303586c1b78e33984bd252b8e2644 Sha1: 8083e2aad4cbf8242a4e6fb53657d49552b85f82 Sha256: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
POST /g/collect?v=2&tid=G-SSJE53WRJ5&gtm=2oebu0&_p=1287519793&cid=432566066.1670285008&ul=en-us&sr=1280x1024&_s=1&sid=1670285007&sct=1&seg=0&dl=https%3A%2F%2Fdownload.tl%2Fdownload%2Fc4a79dfc1d67a07ab696e7160edfeabd%2F&dt=Download.tl%20-%20copy-32.zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://download.tl Connection: keep-alive Referer: https://download.tl/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.google-analytics.com/g/collect?v=2&tid=G-SSJE53 (...) FQDN: region1.google-analytics.com IP: 216.239.34.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.34.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://download.tl date: Tue, 06 Dec 2022 00:03:31 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw.js?v=1670285008492 HTTP/1.1 Host: download.tl User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr; _ga_SSJE53WRJ5=GS1.1.1670285007.1.0.1670285007.0.0.0; _ga=GA1.1.432566066.1670285008 Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: download.tl/sw.js?v=1670285008492 FQDN: download.tl IP: 185.66.200.173 HASH: 98f9b8694bc6faf2e0f815d70bc8d75a29c1ff15a2b0d51d84061f55d5b49c96 185.66.200.173 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:31 GMT content-length: 45 last-modified: Fri, 30 Sep 2022 08:16:35 GMT etag: "6336a5e3-2d" expires: Thu, 05 Jan 2023 00:03:31 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000; includeSubDomains x-frame-options: SAME-ORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 45 Md5: 25fa0b961fe7adc7681019028b3b7ffa Sha1: 6422d4cf5b4b57220f1d592c726c7471d2e99cb6 Sha256: 98f9b8694bc6faf2e0f815d70bc8d75a29c1ff15a2b0d51d84061f55d5b49c96
GET /sw.js HTTP/1.1 Host: cdn.puuush.me User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: cdn.puuush.me/sw.js FQDN: cdn.puuush.me IP: 173.236.118.99 HASH: 70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11 173.236.118.99 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:31 GMT content-length: 776 last-modified: Mon, 03 Oct 2022 07:40:54 GMT vary: Accept-Encoding etag: "633a9206-308" content-encoding: gzip content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline'; X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 776 Md5: f72a11763f13b05c1f2379d13387dd05 Sha1: 002fbf7672d3f4655b89b6413d160e4185ce9900 Sha256: 70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14946 Expires: Tue, 06 Dec 2022 04:12:37 GMT Date: Tue, 06 Dec 2022 00:03:31 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /0e2b09792c744001c7ab/323d7e27fd/?placementName=TOP_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&is_first=true&randomA=0_1388&maxw=1130&maxh=100 HTTP/1.1 Host: qoaaa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Cookie: shown_fc_a68d0334523588c77f10=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: qoaaa.com/0e2b09792c744001c7ab/323d7e27fd/?placementNam (...) FQDN: qoaaa.com IP: 185.66.201.42 HASH: 526d50ff0feac8a4b7145b14bb1d955715af87f6290319d1ea2c7dbb1d91bd5d 185.66.201.42 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 06 Dec 2022 00:03:31 GMT expires: Sun, 01 Jan 2014 00:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex,nofollow set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2633275=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2706801=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (353) Size: 11507 Md5: 51dcbef091b35a5056138804cdae093d Sha1: ea6036d605b7427ea1375e61223d587304a82141 Sha256: 526d50ff0feac8a4b7145b14bb1d955715af87f6290319d1ea2c7dbb1d91bd5d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5273 x-amzn-requestid: 5ab71aaf-6757-46dc-86fc-0a866958d22f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSz2EqfIAMFqng= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64e5-15ae9d330e005f547161b4df;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:45 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: YFtwPRjtJcX51t_xVdpS2-J222bVL8KEildkseLJ_pVbCFkljZ-Q0A== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 21:47:49 GMT age: 8142 etag: "bde85bd98858e4b13484a9cc3263b4db7fb5d348" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5273 Md5: 49c08cd33e41826af9dd4a8a912e0ddf Sha1: bde85bd98858e4b13484a9cc3263b4db7fb5d348 Sha256: 43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6352 x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSuWF1bIAMFcpg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: m_QprITRv6aKoKB1VsoqgcIM18ZcHIrJk2gs7710QElOJBtrcskrJw== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 21:41:55 GMT etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251" age: 8496 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6352 Md5: ebd3528452aecd80e39bbf82d3f71f2c Sha1: eaa956309d27052d466f7c4bd75b3bdf8443f251 Sha256: 680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5995 x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSzOGGjoAMF4kw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:25:46 GMT age: 5865 etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5995 Md5: 3801236dc22938e1cc18947e90ea5326 Sha1: 5979d7dc3ba0eb61947282a4adeac8208b4148ae Sha256: 3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
GET /0e2b09792c744001c7ab/3fddfb685b/?placementName=IN_ARTICLE_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=4_5697&maxw=635 HTTP/1.1 Host: qoaaa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Cookie: shown_fc_a68d0334523588c77f10=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: qoaaa.com/0e2b09792c744001c7ab/3fddfb685b/?placementNam (...) FQDN: qoaaa.com IP: 185.66.201.42 HASH: 1433e34ffbccdbec5bc17f3de4bbf810609e60d17f30eae922d690072de8673d 185.66.201.42 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 06 Dec 2022 00:03:31 GMT expires: Sun, 01 Jan 2014 00:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex,nofollow set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2835047=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2834864=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (353) Size: 7202 Md5: 96f892ca86d3f4756d7a1936cd59683c Sha1: 3e0d4a457352efb482c54d50b68ab9f4ed6cd54e Sha256: 1433e34ffbccdbec5bc17f3de4bbf810609e60d17f30eae922d690072de8673d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8469 x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: co_sqFSjoAMFQ6w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: TKSlCefkyQ7VDufJJOh1D7zhioft93jfOsoXxTD4ncAK5ktxlPvIoA== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 21:52:07 GMT age: 7884 etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8469 Md5: 2f60a6490f38a772dcd50a1132e98e1b Sha1: ff254a1df087d2c157d88a6ef04e395dc49efe5e Sha256: 653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 178c22fefa7179132d81521e5e2e2932b5cdaa3ae619b982787ccf60ccb53baf 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "178C22FEFA7179132D81521E5E2E2932B5CDAA3AE619B982787CCF60CCB53BAF" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15914 Expires: Tue, 06 Dec 2022 04:28:45 GMT Date: Tue, 06 Dec 2022 00:03:31 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 879020653f6353f9ca239d931b199e32 Sha1: 15be52dee68ee3a291f0406cfc7b173fc289c341 Sha256: 178c22fefa7179132d81521e5e2e2932b5cdaa3ae619b982787ccf60ccb53baf
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 4b8faef03ee2da4d9b6ca55a87c08d99fadca2e856bda74bdd35d809cd655bd5 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4B8FAEF03EE2DA4D9B6CA55A87C08D99FADCA2E856BDA74BDD35D809CD655BD5" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21552 Expires: Tue, 06 Dec 2022 06:02:43 GMT Date: Tue, 06 Dec 2022 00:03:31 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8211f14f7c0cabee269ac2dfca4fa12c Sha1: 41620ccdad8626ae886810bc0f02a8cb30d3de32 Sha256: 4b8faef03ee2da4d9b6ca55a87c08d99fadca2e856bda74bdd35d809cd655bd5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 3650cc3e387409c2ad0a379d3bb97c93828b65c74c9c147ce00213f09159868f 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "3650CC3E387409C2AD0A379D3BB97C93828B65C74C9C147CE00213F09159868F" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11553 Expires: Tue, 06 Dec 2022 03:16:05 GMT Date: Tue, 06 Dec 2022 00:03:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 724ffc2dc6371a6518f0a6c742d16583 Sha1: 08c9b4bab5bc30138b124f84eae6e0a2a07bee8c Sha256: 3650cc3e387409c2ad0a379d3bb97c93828b65c74c9c147ce00213f09159868f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: f0a41702cdbb95704799171cde869008e02b5de696797eca2ed21358bb1d59da 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F0A41702CDBB95704799171CDE869008E02B5DE696797ECA2ED21358BB1D59DA" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16905 Expires: Tue, 06 Dec 2022 04:45:17 GMT Date: Tue, 06 Dec 2022 00:03:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f8ba7c62e709deb3b136272f3057011e Sha1: e2d92987f802ab224ed9aa13cd1d43ca6751e93d Sha256: f0a41702cdbb95704799171cde869008e02b5de696797eca2ed21358bb1d59da
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.33.119.27 HASH: 8cd6d0ea4d08cfaafbdaab776e145ac20bfd677d69ae56d274d24859d570c94a 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8CD6D0EA4D08CFAAFBDAAB776E145AC20BFD677D69AE56D274D24859D570C94A" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19826 Expires: Tue, 06 Dec 2022 05:33:58 GMT Date: Tue, 06 Dec 2022 00:03:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9eb3331255487daa5756d42bf0163dcd Sha1: 94e1d9832676aebae848c1f687f2714ab71b49ad Sha256: 8cd6d0ea4d08cfaafbdaab776e145ac20bfd677d69ae56d274d24859d570c94a
GET /728/90/157.gif HTTP/1.1 Host: aff-aff.advertica-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://affili.st/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: aff-aff.advertica-cdn.com/728/90/157.gif FQDN: aff-aff.advertica-cdn.com IP: 185.66.200.127 185.66.200.127 HTTP/2 200 OK content-type: image/gif server: nginx date: Tue, 06 Dec 2022 00:03:32 GMT last-modified: Sat, 19 Sep 2015 22:07:35 GMT vary: Accept-Encoding etag: W/"55fddca7-9343" expires: Thu, 05 Jan 2023 00:03:32 GMT cache-control: max-age=2592000 access-control-allow-origin: * x-cache: HIT x-server: cdnbts content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /generic/4745_58346EN-DW30-320x50.gif HTTP/1.1 Host: aff-a.advertica-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://qoaaa.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: aff-a.advertica-cdn.com/generic/4745_58346EN-DW30-320x50.gif FQDN: aff-a.advertica-cdn.com IP: 185.66.200.127 185.66.200.127 HTTP/2 200 OK content-type: image/gif server: nginx date: Tue, 06 Dec 2022 00:03:31 GMT last-modified: Mon, 28 Dec 2020 14:27:49 GMT vary: Accept-Encoding etag: W/"5fe9eb65-1117" expires: Thu, 05 Jan 2023 00:03:31 GMT cache-control: max-age=2592000 access-control-allow-origin: * x-cache: HIT x-server: cdnbts content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /a68d0334523588c77f10/1a181cddfd/?placementName=POP_VHYy&user_param=386608&user_check=865666290&FSWL=1 HTTP/1.1 Host: qoaaa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: qoaaa.com/a68d0334523588c77f10/1a181cddfd/?placementNam (...) FQDN: qoaaa.com IP: 185.66.201.42 185.66.201.42 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 06 Dec 2022 00:03:29 GMT expires: Sun, 01 Jan 2014 00:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex,nofollow set-cookie: shown_fc_a68d0334523588c77f10=1; expires=Tue, 06-Dec-2022 01:03:29 GMT; Max-Age=3600; path=/; secure; SameSite=None content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /affiliate.php?aff=386608&width=468&height=60&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0= HTTP/1.1 Host: affili.st User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://qoaaa.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: affili.st/affiliate.php?aff=386608&width=468&height=60& (...) FQDN: affili.st IP: 185.66.201.42 185.66.201.42 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 06 Dec 2022 00:03:32 GMT expires: Sun, 01 Jan 2014 00:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex,nofollow content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /468/60/49.jpg HTTP/1.1 Host: aff-aff.advertica-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://affili.st/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: aff-aff.advertica-cdn.com/468/60/49.jpg FQDN: aff-aff.advertica-cdn.com IP: 185.66.200.127 185.66.200.127 HTTP/2 200 OK content-type: image/jpeg server: nginx date: Tue, 06 Dec 2022 00:03:32 GMT last-modified: Mon, 07 Sep 2015 21:28:15 GMT vary: Accept-Encoding etag: W/"55ee016f-7122" expires: Thu, 05 Jan 2023 00:03:32 GMT cache-control: max-age=2592000 access-control-allow-origin: * x-cache: HIT x-server: cdnbts content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=3_5549&maxw=645 HTTP/1.1 Host: qoaaa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Cookie: shown_fc_a68d0334523588c77f10=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: qoaaa.com/19b9c868380394656d2a/5e01d9f73e/?placementNam (...) FQDN: qoaaa.com IP: 185.66.201.42 185.66.201.42 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 06 Dec 2022 00:03:31 GMT set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2834864=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None expires: Sun, 01 Jan 2014 00:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex,nofollow access-control-allow-origin: * content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /5070df7217e45e2a84c2/a3ecc1ef3f/?placementName=ABOVE_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=2_3708&maxw=338 HTTP/1.1 Host: qoaaa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Cookie: shown_fc_a68d0334523588c77f10=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: qoaaa.com/5070df7217e45e2a84c2/a3ecc1ef3f/?placementNam (...) FQDN: qoaaa.com IP: 185.66.201.42 185.66.201.42 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 06 Dec 2022 00:03:31 GMT set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2633668=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None expires: Sun, 01 Jan 2014 00:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex,nofollow access-control-allow-origin: * content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_FILENAME_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=1_6475&maxw=735&maxh=100 HTTP/1.1 Host: qoaaa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Cookie: shown_fc_a68d0334523588c77f10=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: qoaaa.com/19b9c868380394656d2a/5e01d9f73e/?placementNam (...) FQDN: qoaaa.com IP: 185.66.201.42 185.66.201.42 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 06 Dec 2022 00:03:31 GMT set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2706825=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None expires: Sun, 01 Jan 2014 00:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex,nofollow access-control-allow-origin: * content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /affiliate.php?aff=386608&width=728&height=90&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0= HTTP/1.1 Host: affili.st User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://qoaaa.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: affili.st/affiliate.php?aff=386608&width=728&height=90& (...) FQDN: affili.st IP: 185.66.201.42 185.66.201.42 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Tue, 06 Dec 2022 00:03:31 GMT expires: Sun, 01 Jan 2014 00:00:00 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex,nofollow content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /css2?family=Ubuntu:wght@500&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css2?family=Ubuntu:wght@500&displa (...) FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 06 Dec 2022 00:03:29 GMT date: Tue, 06 Dec 2022 00:03:29 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /js/AfPop.js?ver=25 HTTP/1.1 Host: o-oo.ooo User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://download.tl/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: o-oo.ooo/js/AfPop.js?ver=25 FQDN: o-oo.ooo IP: 185.66.201.42 185.66.201.42 HTTP/2 200 OK content-type: application/javascript server: nginx date: Tue, 06 Dec 2022 00:03:30 GMT last-modified: Wed, 20 Jul 2022 07:41:27 GMT etag: W/"62d7b1a7-15975" content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            GET /download/c4a79dfc1d67a07ab696e7160edfeabd/ HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         185.66.200.173

                                        
                                            HTTP/1.1 301 Moved Permanently 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:28 GMT 

                                        
                                            
Content-Length: 162 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Location: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   162

                                                Md5:    4f8e702cc244ec5d4de32740c0ecbd97

                                                Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff

                                                Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 1289 

                                        
                                            
Cache-Control: max-age=125359 

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
Etag: "638dc877-1d7" 

                                        
                                            
Expires: Wed, 07 Dec 2022 10:52:48 GMT 

                                        
                                            
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT 

                                        
                                            
Server: ECS (ska/F70F) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    ee088fab9b287e174cfd1f2c735a909f

                                                Sha1:   25c3335b514a36ad1a24d00413d60c3d394f5161

                                                Sha256: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Mon, 05 Dec 2022 23:18:31 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 2698 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    14cd9a0afb6ba9a763651d5112760d1e

                                                Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa

                                                Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    5f16a534222e5749ef240d413826c2f6

                                                Sha1:   11683d84d420dd6f919425094edb8961278f7fed

                                                Sha256: 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

                                        
                                            GET /css/style.min.css?1666529618 HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ 

                                        
                                            
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         185.66.200.173

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
content-length: 13492 

                                        
                                            
last-modified: Sun, 23 Oct 2022 12:53:38 GMT 

                                        
                                            
etag: "63553952-34b4" 

                                        
                                            
expires: Thu, 05 Jan 2023 00:03:29 GMT 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
x-frame-options: SAME-ORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (13492), with no line terminators

                                                Size:   13492

                                                Md5:    c5100527a08c426e8bd5702dc9c53936

                                                Sha1:   9ce0345d98384ef4e4fa88f10889734102ddff5b

                                                Sha256: eedd012eea51adc3be71e2664440729065ccf10a5e8e2d50b76a5422570f344c

                                        
                                            GET /css/font-awesome.min.css HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ 

                                        
                                            
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         185.66.200.173

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
content-length: 30990 

                                        
                                            
last-modified: Tue, 05 Oct 2021 14:52:13 GMT 

                                        
                                            
etag: "615c669d-790e" 

                                        
                                            
expires: Thu, 05 Jan 2023 00:03:29 GMT 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
x-frame-options: SAME-ORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (30828)

                                                Size:   30990

                                                Md5:    621cf15eb9ee7413873564e6750c0809

                                                Sha1:   401421861f5012bfb116e5e07cc9d5e8bb03f7bb

                                                Sha256: 4e51d8719cc67c2d9106ea0e8a3e945249815b050956dcab3a6b9179e7e73285

                                        
                                            GET /css/themes/blue.min.css HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ 

                                        
                                            
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         185.66.200.173

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
content-length: 472 

                                        
                                            
last-modified: Tue, 05 Oct 2021 14:52:13 GMT 

                                        
                                            
etag: "615c669d-1d8" 

                                        
                                            
expires: Thu, 05 Jan 2023 00:03:29 GMT 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
x-frame-options: SAME-ORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (472), with no line terminators

                                                Size:   472

                                                Md5:    a395d36f6ad74367c5e9d28a4c7b0a99

                                                Sha1:   f3e962bfa9ae1909a86efb8438f8291074bb56d2

                                                Sha256: 3fb379e741541fc76c04c12c10f2c7e01c496970d7aa8fdd944c47a619dbff22

                                        
                                            GET /css/select2-bootstrap.min.css HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ 

                                        
                                            
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         185.66.200.173

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
content-length: 16799 

                                        
                                            
last-modified: Thu, 14 Oct 2021 15:33:42 GMT 

                                        
                                            
etag: "61684dd6-419f" 

                                        
                                            
expires: Thu, 05 Jan 2023 00:03:29 GMT 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
x-frame-options: SAME-ORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (16470)

                                                Size:   16799

                                                Md5:    bf537ebef54c75143541dd6221ac72f8

                                                Sha1:   72ff972b044d607c2fe4b02c75038cabd4efdcf7

                                                Sha256: f4edc5337dd3ee41165554445386df470b870f545e0078170e1fbbc96c6adc31

                                        
                                            GET /js/main.min.js?1636993690 HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ 

                                        
                                            
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         185.66.200.173

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
content-length: 961 

                                        
                                            
last-modified: Mon, 15 Nov 2021 16:28:10 GMT 

                                        
                                            
etag: "61928a9a-3c1" 

                                        
                                            
expires: Thu, 05 Jan 2023 00:03:29 GMT 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
x-frame-options: SAME-ORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (450)

                                                Size:   961

                                                Md5:    fb48e56feb8391b1c2b599832c76a7f8

                                                Sha1:   f40011eb16f2b2e8cd29ff6bb25a45426679f591

                                                Sha256: 62237ef52460d457672d78a33741ddc1b8ffd7fdb5805d428c2e283ed4cdc86c

                                        
                                            GET /js/jquery.min.js HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ 

                                        
                                            
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         185.66.200.173

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
content-length: 89501 

                                        
                                            
last-modified: Tue, 05 Oct 2021 14:52:13 GMT 

                                        
                                            
etag: "615c669d-15d9d" 

                                        
                                            
expires: Thu, 05 Jan 2023 00:03:29 GMT 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
x-frame-options: SAME-ORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65447)

                                                Size:   89501

                                                Md5:    8fb8fee4fcc3cc86ff6c724154c49c42

                                                Sha1:   b82d238d4e31fdf618bae8ac11a6c812c03dd0d4

                                                Sha256: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

                                        
                                            GET /images/logo.svg HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ 

                                        
                                            
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         185.66.200.173

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
content-length: 7497 

                                        
                                            
last-modified: Thu, 21 Apr 2022 05:48:35 GMT 

                                        
                                            
etag: "6260f033-1d49" 

                                        
                                            
expires: Thu, 05 Jan 2023 00:03:29 GMT 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
x-frame-options: SAME-ORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1064)

                                                Size:   7497

                                                Md5:    5a5e2d2d819b65a94450d7fe8fa76233

                                                Sha1:   64cc86f42a940e7dad8d33cb0802dd51490ee22e

                                                Sha256: 8023e04aa411fcc094e97048b1811f17db4b43548b0d4d6c5135226e384fc412

                                        
                                            GET /images/home_icon_2.png HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ 

                                        
                                            
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         185.66.200.173

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
content-length: 1127 

                                        
                                            
last-modified: Tue, 05 Oct 2021 14:52:13 GMT 

                                        
                                            
etag: "615c669d-467" 

                                        
                                            
expires: Thu, 05 Jan 2023 00:03:29 GMT 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
x-frame-options: SAME-ORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   1127

                                                Md5:    16ee48571a5309c0420c476756c5d354

                                                Sha1:   8487a3c1d97cc434a5d3ddddc63e406faefc55bf

                                                Sha256: c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.33.119.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "043DD1EE0E66C9FF35F830B85A47E5A174F4D8AC4CDAE82B28FD7FBC94B078D5" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=20274 

                                        
                                            
Expires: Tue, 06 Dec 2022 05:41:23 GMT 

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ecb98d3ec67bf68886c77cabf5597822

                                                Sha1:   a95ccdae9bde40ba65b034a945888ecb8e037d8b

                                                Sha256: 043dd1ee0e66c9ff35f830b85a47e5a174f4d8ac4cdae82b28fd7fbc94b078d5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.33.119.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "043DD1EE0E66C9FF35F830B85A47E5A174F4D8AC4CDAE82B28FD7FBC94B078D5" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=10370 

                                        
                                            
Expires: Tue, 06 Dec 2022 02:56:19 GMT 

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ecb98d3ec67bf68886c77cabf5597822

                                                Sha1:   a95ccdae9bde40ba65b034a945888ecb8e037d8b

                                                Sha256: 043dd1ee0e66c9ff35f830b85a47e5a174f4d8ac4cdae82b28fd7fbc94b078d5

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    5f16a534222e5749ef240d413826c2f6

                                                Sha1:   11683d84d420dd6f919425094edb8961278f7fed

                                                Sha256: 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    7dfb548d8f8a99d32050803775fad5d6

                                                Sha1:   8b47999a01db7c2217d76a1cec576809a229cf1b

                                                Sha256: 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

                                        
                                            GET /css?family=Roboto:300,400,500,600,700 HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.106

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1160

                                                Md5:    a68eb99a9ff39884b5be2950ee50c65e

                                                Sha1:   0485c98bb373d37aeb80f20cf549963b614571b6

                                                Sha256: 31a20dc674f0a8f2da51de9df9376d8f5f79d71d740d2a657b73a11bbc924bc2

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://download.tl 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.227

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15744 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 30 Nov 2022 19:33:54 GMT 

                                        
                                            
expires: Thu, 30 Nov 2023 19:33:54 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 448176 

                                        
                                            
last-modified: Wed, 11 May 2022 19:24:48 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data

                                                Size:   15744

                                                Md5:    15d9f621c3bd1599f0169dcf0bd5e63e

                                                Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52

                                                Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:30 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e24f2da4ed2e3cd07b0999a67550d634

                                                Sha1:   6e2277e734fd0015849c3554dd2cf2ae289c2cf2

                                                Sha256: 74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 1272 

                                        
                                            
Cache-Control: max-age=120274 

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:30 GMT 

                                        
                                            
Etag: "638db4ac-1d7" 

                                        
                                            
Expires: Wed, 07 Dec 2022 09:28:04 GMT 

                                        
                                            
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT 

                                        
                                            
Server: ECS (ska/F70F) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    2b9d6a686aa3c4ea24568425e43a5221

                                                Sha1:   d53bb4c9579bd1db78a0520619e888aec79f750f

                                                Sha256: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://download.tl 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.227

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 9628 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Thu, 01 Dec 2022 08:09:46 GMT 

                                        
                                            
expires: Fri, 01 Dec 2023 08:09:46 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 402824 

                                        
                                            
last-modified: Wed, 11 May 2022 19:24:42 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data

                                                Size:   9628

                                                Md5:    d9ac47c7e500fb7083b8d595eaf6fe12

                                                Sha1:   112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933

                                                Sha256: 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.33.119.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "8E7CC3B4DC204249690FC38B110D309E7DB56BD8B92D7D43311AA21D9661AA9E" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15259 

                                        
                                            
Expires: Tue, 06 Dec 2022 04:17:49 GMT 

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:30 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    f2fc10d866ee3cc0df070dd51ab28f85

                                                Sha1:   937d2d499aaa56b803ab36083e0fc6bddb7bbce6

                                                Sha256: 8e7cc3b4dc204249690fc38b110d309e7db56bd8b92d7d43311aa21d9661aa9e

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://download.tl 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         216.58.207.227

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15860 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 30 Nov 2022 19:34:15 GMT 

                                        
                                            
expires: Thu, 30 Nov 2023 19:34:15 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 448155 

                                        
                                            
last-modified: Wed, 11 May 2022 19:24:42 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data

                                                Size:   15860

                                                Md5:    e9f5aaf547f165386cd313b995dddd8e

                                                Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968

                                                Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

                                        
                                            GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/css/font-awesome.min.css 

                                        
                                            
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         185.66.200.173

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:30 GMT 

                                        
                                            
content-length: 77160 

                                        
                                            
last-modified: Tue, 05 Oct 2021 14:52:13 GMT 

                                        
                                            
etag: "615c669d-12d68" 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
x-frame-options: SAME-ORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data

                                                Size:   77160

                                                Md5:    af7ae505a9eed503f8b8e6982036873e

                                                Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c

                                                Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: download.tl

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/ 

                                        
                                            
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr; _ga_SSJE53WRJ5=GS1.1.1670285007.1.0.1670285007.0.0.0; _ga=GA1.1.432566066.1670285008 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         185.66.200.173

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/x-icon

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:30 GMT 

                                        
                                            
content-length: 164551 

                                        
                                            
last-modified: Tue, 05 Oct 2021 14:52:13 GMT 

                                        
                                            
etag: "615c669d-282c7" 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
x-frame-options: SAME-ORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data

                                                Size:   164551

                                                Md5:    7000e3e11388e09044d228f92ca2d175

                                                Sha1:   d617696dedee957c307d9475a7d265894c841532

                                                Sha256: d3fff883f5c2a8ddbde43685baabc9d3f5b44e698fc575d2c0dfc6f3672a45d8

                                        
                                            POST /g/collect?v=2&tid=G-SSJE53WRJ5&gtm=2oebu0&_p=1287519793&cid=432566066.1670285008&ul=en-us&sr=1280x1024&_s=1&sid=1670285007&sct=1&seg=0&dl=https%3A%2F%2Fdownload.tl%2Fdownload%2Fc4a79dfc1d67a07ab696e7160edfeabd%2F&dt=Download.tl%20-%20copy-32.zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 

                                        
                                            
Host: region1.google-analytics.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://download.tl 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Content-Length: 0

                                         216.239.34.36

                                        
                                            HTTP/2 204 No Content 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
access-control-allow-origin: https://download.tl 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:31 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /sw.js HTTP/1.1 

                                        
                                            
Host: cdn.puuush.me

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                         173.236.118.99

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:31 GMT 

                                        
                                            
content-length: 776 

                                        
                                            
last-modified: Mon, 03 Oct 2022 07:40:54 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
etag: "633a9206-308" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   776

                                                Md5:    f72a11763f13b05c1f2379d13387dd05

                                                Sha1:   002fbf7672d3f4655b89b6413d160e4185ce9900

                                                Sha256: 70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11

                                        
                                            GET /0e2b09792c744001c7ab/323d7e27fd/?placementName=TOP_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&is_first=true&randomA=0_1388&maxw=1130&maxh=100 HTTP/1.1 

                                        
                                            
Host: qoaaa.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/ 

                                        
                                            
Cookie: shown_fc_a68d0334523588c77f10=1 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         185.66.201.42

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:31 GMT 

                                        
                                            
expires: Sun, 01 Jan 2014 00:00:00 GMT 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 

                                        
                                            
pragma: no-cache 

                                        
                                            
x-robots-tag: noindex,nofollow 

                                        
                                            
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633275=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2706801=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with very long lines (353)

                                                Size:   11507

                                                Md5:    51dcbef091b35a5056138804cdae093d

                                                Sha1:   ea6036d605b7427ea1375e61223d587304a82141

                                                Sha256: 526d50ff0feac8a4b7145b14bb1d955715af87f6290319d1ea2c7dbb1d91bd5d

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6352 

                                        
                                            
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: csSuWF1bIAMFcpg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: m_QprITRv6aKoKB1VsoqgcIM18ZcHIrJk2gs7710QElOJBtrcskrJw== 

                                        
                                            
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 05 Dec 2022 21:41:55 GMT 

                                        
                                            
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251" 

                                        
                                            
age: 8496 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6352

                                                Md5:    ebd3528452aecd80e39bbf82d3f71f2c

                                                Sha1:   eaa956309d27052d466f7c4bd75b3bdf8443f251

                                                Sha256: 680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a

                                        
                                            GET /0e2b09792c744001c7ab/3fddfb685b/?placementName=IN_ARTICLE_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=4_5697&maxw=635 HTTP/1.1 

                                        
                                            
Host: qoaaa.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/ 

                                        
                                            
Cookie: shown_fc_a68d0334523588c77f10=1 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         185.66.201.42

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:31 GMT 

                                        
                                            
expires: Sun, 01 Jan 2014 00:00:00 GMT 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 

                                        
                                            
pragma: no-cache 

                                        
                                            
x-robots-tag: noindex,nofollow 

                                        
                                            
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2835047=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2834864=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with very long lines (353)

                                                Size:   7202

                                                Md5:    96f892ca86d3f4756d7a1936cd59683c

                                                Sha1:   3e0d4a457352efb482c54d50b68ab9f4ed6cd54e

                                                Sha256: 1433e34ffbccdbec5bc17f3de4bbf810609e60d17f30eae922d690072de8673d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.33.119.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "178C22FEFA7179132D81521E5E2E2932B5CDAA3AE619B982787CCF60CCB53BAF" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15914 

                                        
                                            
Expires: Tue, 06 Dec 2022 04:28:45 GMT 

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:31 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    879020653f6353f9ca239d931b199e32

                                                Sha1:   15be52dee68ee3a291f0406cfc7b173fc289c341

                                                Sha256: 178c22fefa7179132d81521e5e2e2932b5cdaa3ae619b982787ccf60ccb53baf

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.33.119.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "3650CC3E387409C2AD0A379D3BB97C93828B65C74C9C147CE00213F09159868F" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=11553 

                                        
                                            
Expires: Tue, 06 Dec 2022 03:16:05 GMT 

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:32 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    724ffc2dc6371a6518f0a6c742d16583

                                                Sha1:   08c9b4bab5bc30138b124f84eae6e0a2a07bee8c

                                                Sha256: 3650cc3e387409c2ad0a379d3bb97c93828b65c74c9c147ce00213f09159868f

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.33.119.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "8CD6D0EA4D08CFAAFBDAAB776E145AC20BFD677D69AE56D274D24859D570C94A" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=19826 

                                        
                                            
Expires: Tue, 06 Dec 2022 05:33:58 GMT 

                                        
                                            
Date: Tue, 06 Dec 2022 00:03:32 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    9eb3331255487daa5756d42bf0163dcd

                                                Sha1:   94e1d9832676aebae848c1f687f2714ab71b49ad

                                                Sha256: 8cd6d0ea4d08cfaafbdaab776e145ac20bfd677d69ae56d274d24859d570c94a

                                        
                                            GET /generic/4745_58346EN-DW30-320x50.gif HTTP/1.1 

                                        
                                            
Host: aff-a.advertica-cdn.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://qoaaa.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         185.66.200.127

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:31 GMT 

                                        
                                            
last-modified: Mon, 28 Dec 2020 14:27:49 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
etag: W/"5fe9eb65-1117" 

                                        
                                            
expires: Thu, 05 Jan 2023 00:03:31 GMT 

                                        
                                            
cache-control: max-age=2592000 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-cache: HIT 

                                        
                                            
x-server: cdnbts 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /affiliate.php?aff=386608&width=468&height=60&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0= HTTP/1.1 

                                        
                                            
Host: affili.st

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://qoaaa.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         185.66.201.42

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:32 GMT 

                                        
                                            
expires: Sun, 01 Jan 2014 00:00:00 GMT 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 

                                        
                                            
pragma: no-cache 

                                        
                                            
x-robots-tag: noindex,nofollow 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=3_5549&maxw=645 HTTP/1.1 

                                        
                                            
Host: qoaaa.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/ 

                                        
                                            
Cookie: shown_fc_a68d0334523588c77f10=1 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         185.66.201.42

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:31 GMT 

                                        
                                            
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2834864=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None 

                                        
                                            
expires: Sun, 01 Jan 2014 00:00:00 GMT 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 

                                        
                                            
pragma: no-cache 

                                        
                                            
x-robots-tag: noindex,nofollow 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_FILENAME_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=1_6475&maxw=735&maxh=100 HTTP/1.1 

                                        
                                            
Host: qoaaa.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/ 

                                        
                                            
Cookie: shown_fc_a68d0334523588c77f10=1 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         185.66.201.42

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:31 GMT 

                                        
                                            
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2706825=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None 

                                        
                                            
expires: Sun, 01 Jan 2014 00:00:00 GMT 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 

                                        
                                            
pragma: no-cache 

                                        
                                            
x-robots-tag: noindex,nofollow 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /css2?family=Ubuntu:wght@500&display=swap HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://download.tl/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.106

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
date: Tue, 06 Dec 2022 00:03:29 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
IP	185.66.200.173 (Slovakia)
ASN	#201702 skHosting.eu s.r.o.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-06 00:03:39 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (20)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.66.200.173

Last 5 reports on ASN: skHosting.eu s.r.o.

Last 5 reports on domain: download.tl

No other reports with similar screenshot

JavaScript

Executed Scripts (18)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (78)

Overview

Domain Summary (20)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.66.200.173

Last 5 reports on ASN: skHosting.eu s.r.o.

Last 5 reports on domain: download.tl

No other reports with similar screenshot

JavaScript

Executed Scripts (18)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (78)

Network Intrusion Detection Systems