Overview

URLdownload.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
IP 185.66.200.173 (Slovakia)
ASN#201702 skHosting.eu s.r.o.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-06 00:03:39 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (20)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (13) 344 No data No data 23.33.119.27
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-12-05 04:09:35 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
affili.st (2) 0 2017-03-07 15:15:33 UTC 2022-11-26 23:03:59 UTC 185.66.201.42 Unknown ranking
o-oo.ooo (1) 838293 2017-02-01 17:22:18 UTC 2022-12-05 02:07:49 UTC 185.66.201.42
download.tl (22) 0 2022-04-08 09:06:48 UTC 2022-12-05 15:43:25 UTC 185.66.200.173 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-12-05 11:11:06 UTC 142.250.74.106
fonts.gstatic.com (5) 0 2014-09-09 00:40:21 UTC 2022-12-05 08:18:24 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.187.71.185
cdn.puuush.me (2) 0 2022-02-21 19:22:17 UTC 2022-12-03 17:22:20 UTC 173.236.118.99 Unknown ranking
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-12-05 08:37:19 UTC 142.250.74.168
qoaaa.com (7) 239567 2018-11-26 21:58:30 UTC 2022-12-05 19:57:26 UTC 185.66.201.42
my-pu.sh (1) 0 2022-05-09 08:41:39 UTC 2022-12-02 03:51:40 UTC 185.66.201.58 Unknown ranking
img-getpocket.cdn.mozilla.net (4) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
aff-aff.advertica-cdn.com (2) 0 2017-10-05 08:35:28 UTC 2022-11-26 23:03:50 UTC 185.66.200.127 Domain (advertica-cdn.com) ranked at: 739624
aff-a.advertica-cdn.com (1) 0 2017-09-18 15:27:46 UTC 2022-12-05 18:23:57 UTC 185.66.200.127 Domain (advertica-cdn.com) ranked at: 739624

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 2 qoaaa.com/js/responsive.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.66.200.173
Date UQ / IDS / BL URL IP
2023-01-28 23:09:54 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-26 15:19:04 +0000 0 - 0 - 1 download.tl/download/c4a79dfc1d67a07ab696e716 (...) 185.66.200.173
2023-01-25 14:22:42 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-25 05:39:53 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-25 03:07:55 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173


Last 5 reports on ASN: skHosting.eu s.r.o.
Date UQ / IDS / BL URL IP
2023-01-29 12:42:57 +0000 0 - 4 - 0 6784.world/go.php?go=us.r-q.media/?utm_medium (...) 185.66.201.7
2023-01-28 23:09:54 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-26 15:19:04 +0000 0 - 0 - 1 download.tl/download/c4a79dfc1d67a07ab696e716 (...) 185.66.200.173
2023-01-26 09:31:13 +0000 0 - 0 - 1 qoaaa.com/baa1c603fd95f8310018/4db48ddfa9/ 185.66.201.42
2023-01-25 14:22:42 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173


Last 5 reports on domain: download.tl
Date UQ / IDS / BL URL IP
2023-01-28 23:09:54 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-26 15:19:04 +0000 0 - 0 - 1 download.tl/download/c4a79dfc1d67a07ab696e716 (...) 185.66.200.173
2023-01-25 14:22:42 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-25 05:39:53 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-25 03:07:55 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173


No other reports with similar screenshot

JavaScript

Executed Scripts (18)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (78)


Request Response
                                        
                                            GET /download/c4a79dfc1d67a07ab696e7160edfeabd/ HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         185.66.200.173
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Tue, 06 Dec 2022 00:03:28 GMT
Content-Length: 162
Connection: keep-alive
Location: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7748
Expires: Tue, 06 Dec 2022 02:12:37 GMT
Date: Tue, 06 Dec 2022 00:03:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1289
Cache-Control: max-age=125359
Date: Tue, 06 Dec 2022 00:03:29 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:52:48 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10739
Expires: Tue, 06 Dec 2022 03:02:28 GMT
Date: Tue, 06 Dec 2022 00:03:29 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 23:18:31 GMT
cache-control: public,max-age=3600
age: 2698
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 6S7fvcgkvyAdLgT8MMHPO4wq7HIKdZQVvEjgZ3dhNEWBCPkHrU/RuTQWLd+jlwq4ck9L0N1IOcM=
x-amz-request-id: CN9VCQWVD8WT8BJT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 23:48:42 GMT
age: 887
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D051CE4E860CD8DB2CD4B6AA2E2E4A9DF4D5441892B2210BE9A41DD58742090F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2711
Expires: Tue, 06 Dec 2022 00:48:40 GMT
Date: Tue, 06 Dec 2022 00:03:29 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 00:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css/bootstrap.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 121317
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-1d9e5"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   121317
Md5:    bd646f0d6da93f6332d4f1d86ee0942f
Sha1:   6de9e58a7f4a177f8711cbbae26e7db92136359f
Sha256: dfaa8bf4b1c788015d7c0208419f1cd0776008beaabbfbfb1f4a86ebb7ecc57f
                                        
                                            GET /css/style.min.css?1666529618 HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 13492
last-modified: Sun, 23 Oct 2022 12:53:38 GMT
etag: "63553952-34b4"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13492), with no line terminators
Size:   13492
Md5:    c5100527a08c426e8bd5702dc9c53936
Sha1:   9ce0345d98384ef4e4fa88f10889734102ddff5b
Sha256: eedd012eea51adc3be71e2664440729065ccf10a5e8e2d50b76a5422570f344c
                                        
                                            GET /download/c4a79dfc1d67a07ab696e7160edfeabd/ HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; path=/; secure; HttpOnly; SameSite=Strict lang=en; expires=Thu, 05-Jan-2023 00:03:29 GMT; Max-Age=2592000; path=/; domain=download.tl; secure; HttpOnly; SameSite=Strict VHYy=knXr; expires=Tue, 06-Dec-2022 05:00:00 GMT; Max-Age=17791; path=/; domain=download.tl; secure; HttpOnly; SameSite=Strict
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2764)
Size:   21923
Md5:    2a8ca2d38dba8f8ae082d0355868e018
Sha1:   f6b90f18688a5a2dc48d665ab2888c128b7b8497
Sha256: bd36efc41c51137739dab1bf24ad6b6d6c5ddac4a9ffa10e0951130a117b19ee
                                        
                                            GET /css/font-awesome.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 30990
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-790e"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30828)
Size:   30990
Md5:    621cf15eb9ee7413873564e6750c0809
Sha1:   401421861f5012bfb116e5e07cc9d5e8bb03f7bb
Sha256: 4e51d8719cc67c2d9106ea0e8a3e945249815b050956dcab3a6b9179e7e73285
                                        
                                            GET /gtag/js?id=G-SSJE53WRJ5 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 00:03:29 GMT
expires: Tue, 06 Dec 2022 00:03:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76817
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22462)
Size:   76817
Md5:    8b05145a283a876884f0f99e4ba5555d
Sha1:   dea433425a0be059733f379bdebc78a9de3ff126
Sha256: 3e5ebb85a27f4ad8bfe657438176cea248048a5ce8959f5b31d91845f5bcb137
                                        
                                            GET /css/themes/blue.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 472
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-1d8"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (472), with no line terminators
Size:   472
Md5:    a395d36f6ad74367c5e9d28a4c7b0a99
Sha1:   f3e962bfa9ae1909a86efb8438f8291074bb56d2
Sha256: 3fb379e741541fc76c04c12c10f2c7e01c496970d7aa8fdd944c47a619dbff22
                                        
                                            GET /css/select2.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 15823
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-3dcf"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15822)
Size:   15823
Md5:    809b4f5299218eab37a7c31e4c20478b
Sha1:   c9448efbf22bc6f6fbbbbfebbd656642bab13767
Sha256: 907f4395f54e25a1da1181672f1a498e98b26f7bfc6dcb6c209a737472451e49
                                        
                                            GET /css/select2-bootstrap.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 16799
last-modified: Thu, 14 Oct 2021 15:33:42 GMT
etag: "61684dd6-419f"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16470)
Size:   16799
Md5:    bf537ebef54c75143541dd6221ac72f8
Sha1:   72ff972b044d607c2fe4b02c75038cabd4efdcf7
Sha256: f4edc5337dd3ee41165554445386df470b870f545e0078170e1fbbc96c6adc31
                                        
                                            GET /js/bootstrap.min.js HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 37045
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-90b5"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033)
Size:   37045
Md5:    5869c96cc8f19086aee625d670d741f9
Sha1:   430a443d74830fe9be26efca431f448c1b3740f9
Sha256: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
                                        
                                            GET /js/main.min.js?1636993690 HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 961
last-modified: Mon, 15 Nov 2021 16:28:10 GMT
etag: "61928a9a-3c1"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (450)
Size:   961
Md5:    fb48e56feb8391b1c2b599832c76a7f8
Sha1:   f40011eb16f2b2e8cd29ff6bb25a45426679f591
Sha256: 62237ef52460d457672d78a33741ddc1b8ffd7fdb5805d428c2e283ed4cdc86c
                                        
                                            GET /js/download.min.js?1666892246 HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 1158
last-modified: Thu, 27 Oct 2022 17:37:26 GMT
etag: "635ac1d6-486"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (500)
Size:   1158
Md5:    43189dcfca2b2a1a2dfb463d2337dbd5
Sha1:   0fe3391f6491d1d3c58a1121851770b59d004614
Sha256: 47e163754c43bab9cfc374f88d641317028ebf5215e5f8c7242d90cf7cb151da
                                        
                                            GET /js/jquery.min.js HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 89501
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-15d9d"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   89501
Md5:    8fb8fee4fcc3cc86ff6c724154c49c42
Sha1:   b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
Sha256: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
                                        
                                            GET /js/select2.min.js HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 72443
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-11afb"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64125)
Size:   72443
Md5:    1e3d14fddf0553e0b51f69cdccd4fd7f
Sha1:   b36737e7d2a65815c40ac86d0502f0cbb8b9bad8
Sha256: 9c04b5c034013c1a9ad5f9d9abcc1dd59e8237e3e09875cb15d328d20da961fd
                                        
                                            GET /images/logo.svg HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 7497
last-modified: Thu, 21 Apr 2022 05:48:35 GMT
etag: "6260f033-1d49"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1064)
Size:   7497
Md5:    5a5e2d2d819b65a94450d7fe8fa76233
Sha1:   64cc86f42a940e7dad8d33cb0802dd51490ee22e
Sha256: 8023e04aa411fcc094e97048b1811f17db4b43548b0d4d6c5135226e384fc412
                                        
                                            GET /images/home_icon_1.png HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 1097
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-449"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size:   1097
Md5:    048b30786019caeb221dea0f39d6afdb
Sha1:   67fa6b67ad8ae0e1b283a4928158e43f59e81545
Sha256: 6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95
                                        
                                            GET /images/home_icon_2.png HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 1127
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-467"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size:   1127
Md5:    16ee48571a5309c0420c476756c5d354
Sha1:   8487a3c1d97cc434a5d3ddddc63e406faefc55bf
Sha256: c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb
                                        
                                            GET /images/home_icon_3.png HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 1035
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-40b"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size:   1035
Md5:    4c746521247dd8e8520c96731d60ece0
Sha1:   098c5993b275a6adbfb9f18b231829496f1d3406
Sha256: d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "043DD1EE0E66C9FF35F830B85A47E5A174F4D8AC4CDAE82B28FD7FBC94B078D5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20274
Expires: Tue, 06 Dec 2022 05:41:23 GMT
Date: Tue, 06 Dec 2022 00:03:29 GMT
Connection: keep-alive

                                        
                                            GET /images/article/32/1.png HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 72521
last-modified: Tue, 20 Sep 2022 15:00:24 GMT
etag: "6329d588-11b49"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 600 x 410, 8-bit colormap, non-interlaced\012- data
Size:   72521
Md5:    dfb5fa70ca04a1401edc62a5e867375e
Sha1:   bf7bb2674dfaccbbc13e0c9f2e368622c001e567
Sha256: 390209fabbc37c421be344da34ff061def57c80ecbde230f66111765a30e84b4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "043DD1EE0E66C9FF35F830B85A47E5A174F4D8AC4CDAE82B28FD7FBC94B078D5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10370
Expires: Tue, 06 Dec 2022 02:56:19 GMT
Date: Tue, 06 Dec 2022 00:03:29 GMT
Connection: keep-alive

                                        
                                            GET /images/article/32/2.png HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-length: 78218
last-modified: Tue, 20 Sep 2022 15:00:24 GMT
etag: "6329d588-1318a"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 600 x 425, 8-bit colormap, non-interlaced\012- data
Size:   78218
Md5:    b431e52df5e434134756ad6389b94d13
Sha1:   370651407c45a34a9c7dacae6859543494c91ac4
Sha256: a172dba33a349405f00dc6b416cd89207bcaaffd37879dfd41d919fb428819d7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 00:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 00:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 00:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 23:08:58 GMT
cache-control: public,max-age=3600
age: 3271
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /css?family=Roboto:300,400,500,600,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 00:03:29 GMT
date: Tue, 06 Dec 2022 00:03:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1160
Md5:    a68eb99a9ff39884b5be2950ee50c65e
Sha1:   0485c98bb373d37aeb80f20cf549963b614571b6
Sha256: 31a20dc674f0a8f2da51de9df9376d8f5f79d71d740d2a657b73a11bbc924bc2
                                        
                                            GET /js/responsive.js HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1501
Md5:    dbc33c1b11e09f1c3a44ff63d9119278
Sha1:   f1b057d7857c0c5a676bf9f3e33f7b02d73368b8
Sha256: 8ef05a78bc11bbcc26606b011d453cd3e5bfc8adffb0c2095aa168c080b21e68

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 448176
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 00:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 00:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 20:08:19 GMT
expires: Thu, 30 Nov 2023 20:08:19 GMT
cache-control: public, max-age=31536000
age: 446111
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Size:   30480
Md5:    0e7e5f9d3a8ef121149827180b790b5c
Sha1:   0e9f9333078e5df9245630ff6f68ba1d9da3c403
Sha256: e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1272
Cache-Control: max-age=120274
Date: Tue, 06 Dec 2022 00:03:30 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:28:04 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:42:24 GMT
expires: Thu, 30 Nov 2023 19:42:24 GMT
cache-control: public, max-age=31536000
age: 447666
last-modified: Wed, 11 May 2022 19:25:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Size:   11872
Md5:    87ace20058325aa069320aa4af875dff
Sha1:   b743548770c46d905ae1ba06310bc001c587fe8e
Sha256: 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:09:46 GMT
expires: Fri, 01 Dec 2023 08:09:46 GMT
cache-control: public, max-age=31536000
age: 402824
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Size:   9628
Md5:    d9ac47c7e500fb7083b8d595eaf6fe12
Sha1:   112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
Sha256: 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 00:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8E7CC3B4DC204249690FC38B110D309E7DB56BD8B92D7D43311AA21D9661AA9E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15259
Expires: Tue, 06 Dec 2022 04:17:49 GMT
Date: Tue, 06 Dec 2022 00:03:30 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SUwowygQcmaLd+AwzkkNIQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.187.71.185
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: slhPGs9bNKqlhrnBS5b/5XAzt9A=

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 448155
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /9668f6a5b437ef48b15e/af7248ffce/?placementName=PUSH_VHYy&user_param=386608&user_check=865666290&FSWL=1 HTTP/1.1 
Host: my-pu.sh
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.201.58
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:30 GMT
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:30 GMT; Max-Age=86400; secure; SameSite=None used_ad2694267=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17789; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17789; secure; SameSite=None push_loaded=yes; expires=Wed, 07-Dec-2022 00:03:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   16121
Md5:    e8f45e17bd40fbd9e5c2dbea4d4a871e
Sha1:   5be6975f608ba0608bf15051add3c1c74eecac2e
Sha256: ebee1a3b2a908d6360d0f875e7be673fae0e103263b87e05af60264bcfc18991
                                        
                                            GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://download.tl/css/font-awesome.min.css
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:30 GMT
content-length: 77160
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-12d68"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6AC4905B3FDA1DBDCB97DBD3B623BCB13D9882FCD86D9F5B021CB1B157D7ADCD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11136
Expires: Tue, 06 Dec 2022 03:09:06 GMT
Date: Tue, 06 Dec 2022 00:03:30 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr; _ga_SSJE53WRJ5=GS1.1.1670285007.1.0.1670285007.0.0.0; _ga=GA1.1.432566066.1670285008
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:30 GMT
content-length: 164551
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-282c7"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size:   164551
Md5:    7000e3e11388e09044d228f92ca2d175
Sha1:   d617696dedee957c307d9475a7d265894c841532
Sha256: d3fff883f5c2a8ddbde43685baabc9d3f5b44e698fc575d2c0dfc6f3672a45d8
                                        
                                            GET /js/pub.min.js HTTP/1.1 
Host: cdn.puuush.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.236.118.99
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Wed, 07 Dec 2022 00:03:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2752)
Size:   1482
Md5:    31c303586c1b78e33984bd252b8e2644
Sha1:   8083e2aad4cbf8242a4e6fb53657d49552b85f82
Sha256: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
                                        
                                            POST /g/collect?v=2&tid=G-SSJE53WRJ5&gtm=2oebu0&_p=1287519793&cid=432566066.1670285008&ul=en-us&sr=1280x1024&_s=1&sid=1670285007&sct=1&seg=0&dl=https%3A%2F%2Fdownload.tl%2Fdownload%2Fc4a79dfc1d67a07ab696e7160edfeabd%2F&dt=Download.tl%20-%20copy-32.zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.tl
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://download.tl
date: Tue, 06 Dec 2022 00:03:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /sw.js?v=1670285008492 HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr; _ga_SSJE53WRJ5=GS1.1.1670285007.1.0.1670285007.0.0.0; _ga=GA1.1.432566066.1670285008
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-length: 45
last-modified: Fri, 30 Sep 2022 08:16:35 GMT
etag: "6336a5e3-2d"
expires: Thu, 05 Jan 2023 00:03:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   45
Md5:    25fa0b961fe7adc7681019028b3b7ffa
Sha1:   6422d4cf5b4b57220f1d592c726c7471d2e99cb6
Sha256: 98f9b8694bc6faf2e0f815d70bc8d75a29c1ff15a2b0d51d84061f55d5b49c96
                                        
                                            GET /sw.js HTTP/1.1 
Host: cdn.puuush.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         173.236.118.99
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-length: 776
last-modified: Mon, 03 Oct 2022 07:40:54 GMT
vary: Accept-Encoding
etag: "633a9206-308"
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   776
Md5:    f72a11763f13b05c1f2379d13387dd05
Sha1:   002fbf7672d3f4655b89b6413d160e4185ce9900
Sha256: 70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14946
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Tue, 06 Dec 2022 00:03:31 GMT
Connection: keep-alive

                                        
                                            GET /0e2b09792c744001c7ab/323d7e27fd/?placementName=TOP_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&is_first=true&randomA=0_1388&maxw=1130&maxh=100 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2633275=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2706801=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (353)
Size:   11507
Md5:    51dcbef091b35a5056138804cdae093d
Sha1:   ea6036d605b7427ea1375e61223d587304a82141
Sha256: 526d50ff0feac8a4b7145b14bb1d955715af87f6290319d1ea2c7dbb1d91bd5d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5273
x-amzn-requestid: 5ab71aaf-6757-46dc-86fc-0a866958d22f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSz2EqfIAMFqng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e5-15ae9d330e005f547161b4df;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YFtwPRjtJcX51t_xVdpS2-J222bVL8KEildkseLJ_pVbCFkljZ-Q0A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:49 GMT
age: 8142
etag: "bde85bd98858e4b13484a9cc3263b4db7fb5d348"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5273
Md5:    49c08cd33e41826af9dd4a8a912e0ddf
Sha1:   bde85bd98858e4b13484a9cc3263b4db7fb5d348
Sha256: 43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m_QprITRv6aKoKB1VsoqgcIM18ZcHIrJk2gs7710QElOJBtrcskrJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:55 GMT
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
age: 8496
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6352
Md5:    ebd3528452aecd80e39bbf82d3f71f2c
Sha1:   eaa956309d27052d466f7c4bd75b3bdf8443f251
Sha256: 680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:46 GMT
age: 5865
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5995
Md5:    3801236dc22938e1cc18947e90ea5326
Sha1:   5979d7dc3ba0eb61947282a4adeac8208b4148ae
Sha256: 3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
                                        
                                            GET /0e2b09792c744001c7ab/3fddfb685b/?placementName=IN_ARTICLE_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=4_5697&maxw=635 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2835047=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2834864=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (353)
Size:   7202
Md5:    96f892ca86d3f4756d7a1936cd59683c
Sha1:   3e0d4a457352efb482c54d50b68ab9f4ed6cd54e
Sha256: 1433e34ffbccdbec5bc17f3de4bbf810609e60d17f30eae922d690072de8673d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKSlCefkyQ7VDufJJOh1D7zhioft93jfOsoXxTD4ncAK5ktxlPvIoA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:52:07 GMT
age: 7884
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8469
Md5:    2f60a6490f38a772dcd50a1132e98e1b
Sha1:   ff254a1df087d2c157d88a6ef04e395dc49efe5e
Sha256: 653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "178C22FEFA7179132D81521E5E2E2932B5CDAA3AE619B982787CCF60CCB53BAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15914
Expires: Tue, 06 Dec 2022 04:28:45 GMT
Date: Tue, 06 Dec 2022 00:03:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4B8FAEF03EE2DA4D9B6CA55A87C08D99FADCA2E856BDA74BDD35D809CD655BD5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21552
Expires: Tue, 06 Dec 2022 06:02:43 GMT
Date: Tue, 06 Dec 2022 00:03:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3650CC3E387409C2AD0A379D3BB97C93828B65C74C9C147CE00213F09159868F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11553
Expires: Tue, 06 Dec 2022 03:16:05 GMT
Date: Tue, 06 Dec 2022 00:03:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F0A41702CDBB95704799171CDE869008E02B5DE696797ECA2ED21358BB1D59DA"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16905
Expires: Tue, 06 Dec 2022 04:45:17 GMT
Date: Tue, 06 Dec 2022 00:03:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8CD6D0EA4D08CFAAFBDAAB776E145AC20BFD677D69AE56D274D24859D570C94A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19826
Expires: Tue, 06 Dec 2022 05:33:58 GMT
Date: Tue, 06 Dec 2022 00:03:32 GMT
Connection: keep-alive

                                        
                                            GET /728/90/157.gif HTTP/1.1 
Host: aff-aff.advertica-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affili.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.200.127
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:32 GMT
last-modified: Sat, 19 Sep 2015 22:07:35 GMT
vary: Accept-Encoding
etag: W/"55fddca7-9343"
expires: Thu, 05 Jan 2023 00:03:32 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /generic/4745_58346EN-DW30-320x50.gif HTTP/1.1 
Host: aff-a.advertica-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.200.127
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
last-modified: Mon, 28 Dec 2020 14:27:49 GMT
vary: Accept-Encoding
etag: W/"5fe9eb65-1117"
expires: Thu, 05 Jan 2023 00:03:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /a68d0334523588c77f10/1a181cddfd/?placementName=POP_VHYy&user_param=386608&user_check=865666290&FSWL=1 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
set-cookie: shown_fc_a68d0334523588c77f10=1; expires=Tue, 06-Dec-2022 01:03:29 GMT; Max-Age=3600; path=/; secure; SameSite=None
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /affiliate.php?aff=386608&width=468&height=60&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0= HTTP/1.1 
Host: affili.st
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:32 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /468/60/49.jpg HTTP/1.1 
Host: aff-aff.advertica-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affili.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.200.127
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:32 GMT
last-modified: Mon, 07 Sep 2015 21:28:15 GMT
vary: Accept-Encoding
etag: W/"55ee016f-7122"
expires: Thu, 05 Jan 2023 00:03:32 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=3_5549&maxw=645 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2834864=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /5070df7217e45e2a84c2/a3ecc1ef3f/?placementName=ABOVE_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=2_3708&maxw=338 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2633668=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_FILENAME_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=1_6475&maxw=735&maxh=100 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None used_ad2706825=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /affiliate.php?aff=386608&width=728&height=90&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0= HTTP/1.1 
Host: affili.st
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Ubuntu:wght@500&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 00:03:29 GMT
date: Tue, 06 Dec 2022 00:03:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/AfPop.js?ver=25 HTTP/1.1 
Host: o-oo.ooo
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 00:03:30 GMT
last-modified: Wed, 20 Jul 2022 07:41:27 GMT
etag: W/"62d7b1a7-15975"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---