download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
185.66.200.173301 Moved Permanently 162 B URL HTTP/1.1 download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /download/c4a79dfc1d67a07ab696e7160edfeabd/ HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Dec 2022 00:03:28 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7748
Expires: Tue, 06 Dec 2022 02:12:37 GMT
Date: Tue, 06 Dec 2022 00:03:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1289
Cache-Control: max-age=125359
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:03:29 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:52:48 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10739
Expires: Tue, 06 Dec 2022 03:02:28 GMT
Date: Tue, 06 Dec 2022 00:03:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 23:18:31 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2698
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6S7fvcgkvyAdLgT8MMHPO4wq7HIKdZQVvEjgZ3dhNEWBCPkHrU/RuTQWLd+jlwq4ck9L0N1IOcM=
x-amz-request-id: CN9VCQWVD8WT8BJT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 23:48:42 GMT
age: 887
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0ef3730c2cf93ab1e2c1b01e9d73ed64
cb7ce53372da96fe8b9e4ad2385f1e9d772902ca
d051ce4e860cd8db2cd4b6aa2e2e4a9df4d5441892b2210be9a41dd58742090f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D051CE4E860CD8DB2CD4B6AA2E2E4A9DF4D5441892B2210BE9A41DD58742090F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2711
Expires: Tue, 06 Dec 2022 00:48:40 GMT
Date: Tue, 06 Dec 2022 00:03:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
download.tl/css/bootstrap.min.css
185.66.200.173200 OK 121 kB URL HTTP/2 download.tl/css/bootstrap.min.css
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (65371)
Size 121 kB (121317 bytes)
Hash bd646f0d6da93f6332d4f1d86ee0942f
6de9e58a7f4a177f8711cbbae26e7db92136359f
dfaa8bf4b1c788015d7c0208419f1cd0776008beaabbfbfb1f4a86ebb7ecc57f
GET /css/bootstrap.min.css HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: text/css
content-length: 121317
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-1d9e5"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/css/style.min.css?1666529618
185.66.200.173200 OK 14 kB URL HTTP/2 download.tl/css/style.min.css?1666529618
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (13492), with no line terminators
Hash c5100527a08c426e8bd5702dc9c53936
9ce0345d98384ef4e4fa88f10889734102ddff5b
eedd012eea51adc3be71e2664440729065ccf10a5e8e2d50b76a5422570f344c
GET /css/style.min.css?1666529618 HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: text/css
content-length: 13492
last-modified: Sun, 23 Oct 2022 12:53:38 GMT
etag: "63553952-34b4"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
185.66.200.173200 OK 22 kB URL HTTP/2 download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2764)
Hash 2a8ca2d38dba8f8ae082d0355868e018
f6b90f18688a5a2dc48d665ab2888c128b7b8497
bd36efc41c51137739dab1bf24ad6b6d6c5ddac4a9ffa10e0951130a117b19ee
GET /download/c4a79dfc1d67a07ab696e7160edfeabd/ HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; path=/; secure; HttpOnly; SameSite=Strict
lang=en; expires=Thu, 05-Jan-2023 00:03:29 GMT; Max-Age=2592000; path=/; domain=download.tl; secure; HttpOnly; SameSite=Strict
VHYy=knXr; expires=Tue, 06-Dec-2022 05:00:00 GMT; Max-Age=17791; path=/; domain=download.tl; secure; HttpOnly; SameSite=Strict
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
download.tl/css/font-awesome.min.css
185.66.200.173200 OK 31 kB URL HTTP/2 download.tl/css/font-awesome.min.css
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (30828)
Hash 621cf15eb9ee7413873564e6750c0809
401421861f5012bfb116e5e07cc9d5e8bb03f7bb
4e51d8719cc67c2d9106ea0e8a3e945249815b050956dcab3a6b9179e7e73285
GET /css/font-awesome.min.css HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: text/css
content-length: 30990
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-790e"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-SSJE53WRJ5
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-SSJE53WRJ5
IP 142.250.74.168:0
File type ASCII text, with very long lines (22462)
Hash 8b05145a283a876884f0f99e4ba5555d
dea433425a0be059733f379bdebc78a9de3ff126
3e5ebb85a27f4ad8bfe657438176cea248048a5ce8959f5b31d91845f5bcb137
GET /gtag/js?id=G-SSJE53WRJ5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 00:03:29 GMT
expires: Tue, 06 Dec 2022 00:03:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76817
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
download.tl/css/themes/blue.min.css
185.66.200.173200 OK 472 B URL HTTP/2 download.tl/css/themes/blue.min.css
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (472), with no line terminators
Hash a395d36f6ad74367c5e9d28a4c7b0a99
f3e962bfa9ae1909a86efb8438f8291074bb56d2
3fb379e741541fc76c04c12c10f2c7e01c496970d7aa8fdd944c47a619dbff22
GET /css/themes/blue.min.css HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: text/css
content-length: 472
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-1d8"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/css/select2.min.css
185.66.200.173200 OK 16 kB URL HTTP/2 download.tl/css/select2.min.css
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (15822)
Hash 809b4f5299218eab37a7c31e4c20478b
c9448efbf22bc6f6fbbbbfebbd656642bab13767
907f4395f54e25a1da1181672f1a498e98b26f7bfc6dcb6c209a737472451e49
GET /css/select2.min.css HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: text/css
content-length: 15823
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-3dcf"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/css/select2-bootstrap.min.css
185.66.200.173200 OK 17 kB URL HTTP/2 download.tl/css/select2-bootstrap.min.css
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (16470)
Hash bf537ebef54c75143541dd6221ac72f8
72ff972b044d607c2fe4b02c75038cabd4efdcf7
f4edc5337dd3ee41165554445386df470b870f545e0078170e1fbbc96c6adc31
GET /css/select2-bootstrap.min.css HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: text/css
content-length: 16799
last-modified: Thu, 14 Oct 2021 15:33:42 GMT
etag: "61684dd6-419f"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/js/bootstrap.min.js
185.66.200.173200 OK 37 kB URL HTTP/2 download.tl/js/bootstrap.min.js
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /js/bootstrap.min.js HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: application/javascript
content-length: 37045
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-90b5"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/js/main.min.js?1636993690
185.66.200.173200 OK 961 B URL HTTP/2 download.tl/js/main.min.js?1636993690
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (450)
Hash fb48e56feb8391b1c2b599832c76a7f8
f40011eb16f2b2e8cd29ff6bb25a45426679f591
62237ef52460d457672d78a33741ddc1b8ffd7fdb5805d428c2e283ed4cdc86c
GET /js/main.min.js?1636993690 HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: application/javascript
content-length: 961
last-modified: Mon, 15 Nov 2021 16:28:10 GMT
etag: "61928a9a-3c1"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/js/download.min.js?1666892246
185.66.200.173200 OK 1.2 kB URL HTTP/2 download.tl/js/download.min.js?1666892246
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (500)
Hash 43189dcfca2b2a1a2dfb463d2337dbd5
0fe3391f6491d1d3c58a1121851770b59d004614
47e163754c43bab9cfc374f88d641317028ebf5215e5f8c7242d90cf7cb151da
GET /js/download.min.js?1666892246 HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: application/javascript
content-length: 1158
last-modified: Thu, 27 Oct 2022 17:37:26 GMT
etag: "635ac1d6-486"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/js/jquery.min.js
185.66.200.173200 OK 90 kB URL HTTP/2 download.tl/js/jquery.min.js
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /js/jquery.min.js HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: application/javascript
content-length: 89501
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-15d9d"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/js/select2.min.js
185.66.200.173200 OK 72 kB URL HTTP/2 download.tl/js/select2.min.js
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type Unicode text, UTF-8 text, with very long lines (64125)
Hash 1e3d14fddf0553e0b51f69cdccd4fd7f
b36737e7d2a65815c40ac86d0502f0cbb8b9bad8
9c04b5c034013c1a9ad5f9d9abcc1dd59e8237e3e09875cb15d328d20da961fd
GET /js/select2.min.js HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: application/javascript
content-length: 72443
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-11afb"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/images/logo.svg
185.66.200.173200 OK 7.5 kB URL HTTP/2 download.tl/images/logo.svg
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1064)
Hash 5a5e2d2d819b65a94450d7fe8fa76233
64cc86f42a940e7dad8d33cb0802dd51490ee22e
8023e04aa411fcc094e97048b1811f17db4b43548b0d4d6c5135226e384fc412
GET /images/logo.svg HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: image/svg+xml
content-length: 7497
last-modified: Thu, 21 Apr 2022 05:48:35 GMT
etag: "6260f033-1d49"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/images/home_icon_1.png
185.66.200.173200 OK 1.1 kB URL HTTP/2 download.tl/images/home_icon_1.png
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 048b30786019caeb221dea0f39d6afdb
67fa6b67ad8ae0e1b283a4928158e43f59e81545
6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95
GET /images/home_icon_1.png HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: image/png
content-length: 1097
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-449"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/images/home_icon_2.png
185.66.200.173200 OK 1.1 kB URL HTTP/2 download.tl/images/home_icon_2.png
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 16ee48571a5309c0420c476756c5d354
8487a3c1d97cc434a5d3ddddc63e406faefc55bf
c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb
GET /images/home_icon_2.png HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: image/png
content-length: 1127
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-467"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
download.tl/images/home_icon_3.png
185.66.200.173200 OK 1.0 kB URL HTTP/2 download.tl/images/home_icon_3.png
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c746521247dd8e8520c96731d60ece0
098c5993b275a6adbfb9f18b231829496f1d3406
d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985
GET /images/home_icon_3.png HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: image/png
content-length: 1035
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-40b"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecb98d3ec67bf68886c77cabf5597822
a95ccdae9bde40ba65b034a945888ecb8e037d8b
043dd1ee0e66c9ff35f830b85a47e5a174f4d8ac4cdae82b28fd7fbc94b078d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "043DD1EE0E66C9FF35F830B85A47E5A174F4D8AC4CDAE82B28FD7FBC94B078D5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20274
Expires: Tue, 06 Dec 2022 05:41:23 GMT
Date: Tue, 06 Dec 2022 00:03:29 GMT
Connection: keep-alive
download.tl/images/article/32/1.png
185.66.200.173200 OK 72 kB URL HTTP/2 download.tl/images/article/32/1.png
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type PNG image data, 600 x 410, 8-bit colormap, non-interlaced\012- data
Hash dfb5fa70ca04a1401edc62a5e867375e
bf7bb2674dfaccbbc13e0c9f2e368622c001e567
390209fabbc37c421be344da34ff061def57c80ecbde230f66111765a30e84b4
GET /images/article/32/1.png HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: image/png
content-length: 72521
last-modified: Tue, 20 Sep 2022 15:00:24 GMT
etag: "6329d588-11b49"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecb98d3ec67bf68886c77cabf5597822
a95ccdae9bde40ba65b034a945888ecb8e037d8b
043dd1ee0e66c9ff35f830b85a47e5a174f4d8ac4cdae82b28fd7fbc94b078d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "043DD1EE0E66C9FF35F830B85A47E5A174F4D8AC4CDAE82B28FD7FBC94B078D5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10370
Expires: Tue, 06 Dec 2022 02:56:19 GMT
Date: Tue, 06 Dec 2022 00:03:29 GMT
Connection: keep-alive
download.tl/images/article/32/2.png
185.66.200.173200 OK 78 kB URL HTTP/2 download.tl/images/article/32/2.png
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type PNG image data, 600 x 425, 8-bit colormap, non-interlaced\012- data
Hash b431e52df5e434134756ad6389b94d13
370651407c45a34a9c7dacae6859543494c91ac4
a172dba33a349405f00dc6b416cd89207bcaaffd37879dfd41d919fb428819d7
GET /images/article/32/2.png HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: image/png
content-length: 78218
last-modified: Tue, 20 Sep 2022 15:00:24 GMT
etag: "6329d588-1318a"
expires: Thu, 05 Jan 2023 00:03:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 23:08:58 GMT
cache-control: public,max-age=3600
age: 3271
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,600,700
142.250.74.106200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,600,700
IP 142.250.74.106:0
Hash a68eb99a9ff39884b5be2950ee50c65e
0485c98bb373d37aeb80f20cf549963b614571b6
31a20dc674f0a8f2da51de9df9376d8f5f79d71d740d2a657b73a11bbc924bc2
GET /css?family=Roboto:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 00:03:29 GMT
date: Tue, 06 Dec 2022 00:03:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
qoaaa.com/js/responsive.js
185.66.201.42200 OK 1.5 kB URL HTTP/2 qoaaa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Hash dbc33c1b11e09f1c3a44ff63d9119278
f1b057d7857c0c5a676bf9f3e33f7b02d73368b8
8ef05a78bc11bbcc26606b011d453cd3e5bfc8adffb0c2095aa168c080b21e68
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: qoaaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 448176
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Hash 0e7e5f9d3a8ef121149827180b790b5c
0e9f9333078e5df9245630ff6f68ba1d9da3c403
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 20:08:19 GMT
expires: Thu, 30 Nov 2023 20:08:19 GMT
cache-control: public, max-age=31536000
age: 446111
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1272
Cache-Control: max-age=120274
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:03:30 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:28:04 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:42:24 GMT
expires: Thu, 30 Nov 2023 19:42:24 GMT
cache-control: public, max-age=31536000
age: 447666
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.227200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:09:46 GMT
expires: Fri, 01 Dec 2023 08:09:46 GMT
cache-control: public, max-age=31536000
age: 402824
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:03:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2fc10d866ee3cc0df070dd51ab28f85
937d2d499aaa56b803ab36083e0fc6bddb7bbce6
8e7cc3b4dc204249690fc38b110d309e7db56bd8b92d7d43311aa21d9661aa9e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E7CC3B4DC204249690FC38B110D309E7DB56BD8B92D7D43311AA21D9661AA9E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15259
Expires: Tue, 06 Dec 2022 04:17:49 GMT
Date: Tue, 06 Dec 2022 00:03:30 GMT
Connection: keep-alive
push.services.mozilla.com/
54.187.71.185101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SUwowygQcmaLd+AwzkkNIQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: slhPGs9bNKqlhrnBS5b/5XAzt9A=
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 448155
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my-pu.sh/9668f6a5b437ef48b15e/af7248ffce/?placementName=PUSH_VHYy&user_param=386608&user_check=865666290&FSWL=1
185.66.201.58200 OK 16 kB URL HTTP/2 my-pu.sh/9668f6a5b437ef48b15e/af7248ffce/?placementName=PUSH_VHYy&user_param=386608&user_check=865666290&FSWL=1
IP 185.66.201.58:0
ASN #201702 skHosting.eu s.r.o.
Hash e8f45e17bd40fbd9e5c2dbea4d4a871e
5be6975f608ba0608bf15051add3c1c74eecac2e
ebee1a3b2a908d6360d0f875e7be673fae0e103263b87e05af60264bcfc18991
GET /9668f6a5b437ef48b15e/af7248ffce/?placementName=PUSH_VHYy&user_param=386608&user_check=865666290&FSWL=1 HTTP/1.1
Host: my-pu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:30 GMT
content-type: application/javascript
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:30 GMT; Max-Age=86400; secure; SameSite=None
used_ad2694267=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17789; path=/; secure; SameSite=None
total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17789; secure; SameSite=None
push_loaded=yes; expires=Wed, 07-Dec-2022 00:03:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2
download.tl/fonts/fontawesome-webfont.woff2?v=4.7.0
185.66.200.173200 OK 77 kB URL HTTP/2 download.tl/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://download.tl/css/font-awesome.min.css
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:30 GMT
content-type: font/woff2
content-length: 77160
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-12d68"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 75253d4b3ac5dbf485f6b6b12bcf0815
8dd5e53741d30956bda63d3d6c6fca04cc2c4997
6ac4905b3fda1dbdcb97dbd3b623bcb13d9882fcd86d9f5b021cb1b157d7adcd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AC4905B3FDA1DBDCB97DBD3B623BCB13D9882FCD86D9F5B021CB1B157D7ADCD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11136
Expires: Tue, 06 Dec 2022 03:09:06 GMT
Date: Tue, 06 Dec 2022 00:03:30 GMT
Connection: keep-alive
download.tl/favicon.ico
185.66.200.173200 OK 165 kB IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size 165 kB (164551 bytes)
Hash 7000e3e11388e09044d228f92ca2d175
d617696dedee957c307d9475a7d265894c841532
d3fff883f5c2a8ddbde43685baabc9d3f5b44e698fc575d2c0dfc6f3672a45d8
GET /favicon.ico HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr; _ga_SSJE53WRJ5=GS1.1.1670285007.1.0.1670285007.0.0.0; _ga=GA1.1.432566066.1670285008
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:30 GMT
content-type: image/x-icon
content-length: 164551
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-282c7"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.puuush.me/js/pub.min.js
173.236.118.99200 OK 1.5 kB URL HTTP/2 cdn.puuush.me/js/pub.min.js
IP 173.236.118.99:0
File type ASCII text, with very long lines (2752)
Hash 31c303586c1b78e33984bd252b8e2644
8083e2aad4cbf8242a4e6fb53657d49552b85f82
d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
GET /js/pub.min.js HTTP/1.1
Host: cdn.puuush.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-type: application/javascript
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Wed, 07 Dec 2022 00:03:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-SSJE53WRJ5>m=2oebu0&_p=1287519793&cid=432566066.1670285008&ul=en-us&sr=1280x1024&_s=1&sid=1670285007&sct=1&seg=0&dl=https%3A%2F%2Fdownload.tl%2Fdownload%2Fc4a79dfc1d67a07ab696e7160edfeabd%2F&dt=Download.tl%20-%20copy-32.zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-SSJE53WRJ5>m=2oebu0&_p=1287519793&cid=432566066.1670285008&ul=en-us&sr=1280x1024&_s=1&sid=1670285007&sct=1&seg=0&dl=https%3A%2F%2Fdownload.tl%2Fdownload%2Fc4a79dfc1d67a07ab696e7160edfeabd%2F&dt=Download.tl%20-%20copy-32.zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SSJE53WRJ5>m=2oebu0&_p=1287519793&cid=432566066.1670285008&ul=en-us&sr=1280x1024&_s=1&sid=1670285007&sct=1&seg=0&dl=https%3A%2F%2Fdownload.tl%2Fdownload%2Fc4a79dfc1d67a07ab696e7160edfeabd%2F&dt=Download.tl%20-%20copy-32.zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.tl
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://download.tl
date: Tue, 06 Dec 2022 00:03:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
download.tl/sw.js?v=1670285008492
185.66.200.173200 OK 45 B URL HTTP/2 download.tl/sw.js?v=1670285008492
IP 185.66.200.173:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with no line terminators
Hash 25fa0b961fe7adc7681019028b3b7ffa
6422d4cf5b4b57220f1d592c726c7471d2e99cb6
98f9b8694bc6faf2e0f815d70bc8d75a29c1ff15a2b0d51d84061f55d5b49c96
GET /sw.js?v=1670285008492 HTTP/1.1
Host: download.tl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: __app_id=vvjj0sa9ltfnv453hcri8mbhot; lang=en; VHYy=knXr; _ga_SSJE53WRJ5=GS1.1.1670285007.1.0.1670285007.0.0.0; _ga=GA1.1.432566066.1670285008
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-type: application/javascript
content-length: 45
last-modified: Fri, 30 Sep 2022 08:16:35 GMT
etag: "6336a5e3-2d"
expires: Thu, 05 Jan 2023 00:03:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.puuush.me/sw.js
173.236.118.99200 OK 776 B IP 173.236.118.99:0
Hash f72a11763f13b05c1f2379d13387dd05
002fbf7672d3f4655b89b6413d160e4185ce9900
70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11
GET /sw.js HTTP/1.1
Host: cdn.puuush.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-type: application/javascript
content-length: 776
last-modified: Mon, 03 Oct 2022 07:40:54 GMT
vary: Accept-Encoding
etag: "633a9206-308"
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14946
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Tue, 06 Dec 2022 00:03:31 GMT
Connection: keep-alive
qoaaa.com/0e2b09792c744001c7ab/323d7e27fd/?placementName=TOP_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&is_first=true&randomA=0_1388&maxw=1130&maxh=100
185.66.201.42200 OK 12 kB URL HTTP/2 qoaaa.com/0e2b09792c744001c7ab/323d7e27fd/?placementName=TOP_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&is_first=true&randomA=0_1388&maxw=1130&maxh=100
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document, ASCII text, with very long lines (353)
Hash 51dcbef091b35a5056138804cdae093d
ea6036d605b7427ea1375e61223d587304a82141
526d50ff0feac8a4b7145b14bb1d955715af87f6290319d1ea2c7dbb1d91bd5d
GET /0e2b09792c744001c7ab/323d7e27fd/?placementName=TOP_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&is_first=true&randomA=0_1388&maxw=1130&maxh=100 HTTP/1.1
Host: qoaaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633275=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2706801=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49c08cd33e41826af9dd4a8a912e0ddf
bde85bd98858e4b13484a9cc3263b4db7fb5d348
43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5273
x-amzn-requestid: 5ab71aaf-6757-46dc-86fc-0a866958d22f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSz2EqfIAMFqng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e5-15ae9d330e005f547161b4df;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YFtwPRjtJcX51t_xVdpS2-J222bVL8KEildkseLJ_pVbCFkljZ-Q0A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:49 GMT
age: 8142
etag: "bde85bd98858e4b13484a9cc3263b4db7fb5d348"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebd3528452aecd80e39bbf82d3f71f2c
eaa956309d27052d466f7c4bd75b3bdf8443f251
680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m_QprITRv6aKoKB1VsoqgcIM18ZcHIrJk2gs7710QElOJBtrcskrJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:55 GMT
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
content-type: image/jpeg
age: 8496
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:46 GMT
age: 5865
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
qoaaa.com/0e2b09792c744001c7ab/3fddfb685b/?placementName=IN_ARTICLE_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=4_5697&maxw=635
185.66.201.42200 OK 7.2 kB URL HTTP/2 qoaaa.com/0e2b09792c744001c7ab/3fddfb685b/?placementName=IN_ARTICLE_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=4_5697&maxw=635
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document, ASCII text, with very long lines (353)
Hash 96f892ca86d3f4756d7a1936cd59683c
3e0d4a457352efb482c54d50b68ab9f4ed6cd54e
1433e34ffbccdbec5bc17f3de4bbf810609e60d17f30eae922d690072de8673d
GET /0e2b09792c744001c7ab/3fddfb685b/?placementName=IN_ARTICLE_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=4_5697&maxw=635 HTTP/1.1
Host: qoaaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2835047=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2834864=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKSlCefkyQ7VDufJJOh1D7zhioft93jfOsoXxTD4ncAK5ktxlPvIoA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:52:07 GMT
age: 7884
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 879020653f6353f9ca239d931b199e32
15be52dee68ee3a291f0406cfc7b173fc289c341
178c22fefa7179132d81521e5e2e2932b5cdaa3ae619b982787ccf60ccb53baf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "178C22FEFA7179132D81521E5E2E2932B5CDAA3AE619B982787CCF60CCB53BAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15914
Expires: Tue, 06 Dec 2022 04:28:45 GMT
Date: Tue, 06 Dec 2022 00:03:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8211f14f7c0cabee269ac2dfca4fa12c
41620ccdad8626ae886810bc0f02a8cb30d3de32
4b8faef03ee2da4d9b6ca55a87c08d99fadca2e856bda74bdd35d809cd655bd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B8FAEF03EE2DA4D9B6CA55A87C08D99FADCA2E856BDA74BDD35D809CD655BD5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21552
Expires: Tue, 06 Dec 2022 06:02:43 GMT
Date: Tue, 06 Dec 2022 00:03:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 724ffc2dc6371a6518f0a6c742d16583
08c9b4bab5bc30138b124f84eae6e0a2a07bee8c
3650cc3e387409c2ad0a379d3bb97c93828b65c74c9c147ce00213f09159868f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3650CC3E387409C2AD0A379D3BB97C93828B65C74C9C147CE00213F09159868F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11553
Expires: Tue, 06 Dec 2022 03:16:05 GMT
Date: Tue, 06 Dec 2022 00:03:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f8ba7c62e709deb3b136272f3057011e
e2d92987f802ab224ed9aa13cd1d43ca6751e93d
f0a41702cdbb95704799171cde869008e02b5de696797eca2ed21358bb1d59da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F0A41702CDBB95704799171CDE869008E02B5DE696797ECA2ED21358BB1D59DA"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16905
Expires: Tue, 06 Dec 2022 04:45:17 GMT
Date: Tue, 06 Dec 2022 00:03:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9eb3331255487daa5756d42bf0163dcd
94e1d9832676aebae848c1f687f2714ab71b49ad
8cd6d0ea4d08cfaafbdaab776e145ac20bfd677d69ae56d274d24859d570c94a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CD6D0EA4D08CFAAFBDAAB776E145AC20BFD677D69AE56D274D24859D570C94A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19826
Expires: Tue, 06 Dec 2022 05:33:58 GMT
Date: Tue, 06 Dec 2022 00:03:32 GMT
Connection: keep-alive
aff-aff.advertica-cdn.com/728/90/157.gif
185.66.200.127200 OK 0 B URL HTTP/2 aff-aff.advertica-cdn.com/728/90/157.gif
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /728/90/157.gif HTTP/1.1
Host: aff-aff.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affili.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:32 GMT
content-type: image/gif
last-modified: Sat, 19 Sep 2015 22:07:35 GMT
vary: Accept-Encoding
etag: W/"55fddca7-9343"
expires: Thu, 05 Jan 2023 00:03:32 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
aff-a.advertica-cdn.com/generic/4745_58346EN-DW30-320x50.gif
185.66.200.127200 OK 0 B URL HTTP/2 aff-a.advertica-cdn.com/generic/4745_58346EN-DW30-320x50.gif
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /generic/4745_58346EN-DW30-320x50.gif HTTP/1.1
Host: aff-a.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-type: image/gif
last-modified: Mon, 28 Dec 2020 14:27:49 GMT
vary: Accept-Encoding
etag: W/"5fe9eb65-1117"
expires: Thu, 05 Jan 2023 00:03:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
qoaaa.com/a68d0334523588c77f10/1a181cddfd/?placementName=POP_VHYy&user_param=386608&user_check=865666290&FSWL=1
185.66.201.42200 OK 0 B URL HTTP/2 qoaaa.com/a68d0334523588c77f10/1a181cddfd/?placementName=POP_VHYy&user_param=386608&user_check=865666290&FSWL=1
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /a68d0334523588c77f10/1a181cddfd/?placementName=POP_VHYy&user_param=386608&user_check=865666290&FSWL=1 HTTP/1.1
Host: qoaaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:29 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
set-cookie: shown_fc_a68d0334523588c77f10=1; expires=Tue, 06-Dec-2022 01:03:29 GMT; Max-Age=3600; path=/; secure; SameSite=None
content-encoding: br
X-Firefox-Spdy: h2
affili.st/affiliate.php?aff=386608&width=468&height=60&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0=
185.66.201.42200 OK 0 B URL HTTP/2 affili.st/affiliate.php?aff=386608&width=468&height=60&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0=
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /affiliate.php?aff=386608&width=468&height=60&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0= HTTP/1.1
Host: affili.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:32 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2
aff-aff.advertica-cdn.com/468/60/49.jpg
185.66.200.127200 OK 0 B URL HTTP/2 aff-aff.advertica-cdn.com/468/60/49.jpg
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /468/60/49.jpg HTTP/1.1
Host: aff-aff.advertica-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affili.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:32 GMT
content-type: image/jpeg
last-modified: Mon, 07 Sep 2015 21:28:15 GMT
vary: Accept-Encoding
etag: W/"55ee016f-7122"
expires: Thu, 05 Jan 2023 00:03:32 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
qoaaa.com/19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=3_5549&maxw=645
185.66.201.42200 OK 0 B URL HTTP/2 qoaaa.com/19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=3_5549&maxw=645
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=3_5549&maxw=645 HTTP/1.1
Host: qoaaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2834864=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
qoaaa.com/5070df7217e45e2a84c2/a3ecc1ef3f/?placementName=ABOVE_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=2_3708&maxw=338
185.66.201.42200 OK 0 B URL HTTP/2 qoaaa.com/5070df7217e45e2a84c2/a3ecc1ef3f/?placementName=ABOVE_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=2_3708&maxw=338
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /5070df7217e45e2a84c2/a3ecc1ef3f/?placementName=ABOVE_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=2_3708&maxw=338 HTTP/1.1
Host: qoaaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633668=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
qoaaa.com/19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_FILENAME_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=1_6475&maxw=735&maxh=100
185.66.201.42200 OK 0 B URL HTTP/2 qoaaa.com/19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_FILENAME_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=1_6475&maxw=735&maxh=100
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_FILENAME_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=1_6475&maxw=735&maxh=100 HTTP/1.1
Host: qoaaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 00:03:31 GMT; Max-Age=86400; secure; SameSite=None
used_ad2706825=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; path=/; secure; SameSite=None
total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=17788; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
affili.st/affiliate.php?aff=386608&width=728&height=90&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0=
185.66.201.42200 OK 0 B URL HTTP/2 affili.st/affiliate.php?aff=386608&width=728&height=90&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0=
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /affiliate.php?aff=386608&width=728&height=90&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0= HTTP/1.1
Host: affili.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:31 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Ubuntu:wght@500&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Ubuntu:wght@500&display=swap
IP 142.250.74.106:0
GET /css2?family=Ubuntu:wght@500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 00:03:29 GMT
date: Tue, 06 Dec 2022 00:03:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
o-oo.ooo/js/AfPop.js?ver=25
185.66.201.42200 OK 0 B URL HTTP/2 o-oo.ooo/js/AfPop.js?ver=25
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /js/AfPop.js?ver=25 HTTP/1.1
Host: o-oo.ooo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:03:30 GMT
content-type: application/javascript
last-modified: Wed, 20 Jul 2022 07:41:27 GMT
etag: W/"62d7b1a7-15975"
content-encoding: br
X-Firefox-Spdy: h2