download.cracksurl.com/ad/locked?url=be&t=s&subid=4192322&h=
69.39.238.242302 Found 0 B URL HTTP/1.1 download.cracksurl.com/ad/locked?url=be&t=s&subid=4192322&h=
IP 69.39.238.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad/locked?url=be&t=s&subid=4192322&h= HTTP/1.1
Host: download.cracksurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: FLYSESSID=5k3rr4jm0sn4m84ueo4fc2nnaa; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-powered-by: adfly
location: /be
content-type: text/html; charset=UTF-8
content-length: 0
date: Wed, 09 Nov 2022 16:49:31 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9713
Expires: Wed, 09 Nov 2022 19:31:24 GMT
Date: Wed, 09 Nov 2022 16:49:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4757
Cache-Control: max-age=154850
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 16:49:31 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:50:21 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5743
Expires: Wed, 09 Nov 2022 18:25:14 GMT
Date: Wed, 09 Nov 2022 16:49:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: l3c1PHJj6dvhfIOSkpNsFeG9AiiviK23NDMgdhMq/gs4HbV4nAP3BA3xEzXG4tEgrO2dbIUQs84=
x-amz-request-id: S29TNK3Q01H1XDZ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 16:11:47 GMT
age: 2264
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 16:49:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
download.cracksurl.com/be
69.39.238.242302 Found 0 B URL HTTP/1.1 download.cracksurl.com/be
IP 69.39.238.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /be HTTP/1.1
Host: download.cracksurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: FLYSESSID=5k3rr4jm0sn4m84ueo4fc2nnaa
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-powered-by: adfly
strict-transport-security: max-age=0
location: /not-found.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Wed, 09 Nov 2022 16:49:32 GMT
server: LiteSpeed
download.cracksurl.com/not-found.php
69.39.238.242404 Not Found 2.9 kB URL HTTP/1.1 download.cracksurl.com/not-found.php
IP 69.39.238.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6710)
Hash eecda668f7ba2186327c4244f0941642
ed3349e156bd25e46a8718189620be5295b5b802
d5ee26d03a9991b39ca48f3b6e5b16d4de8558089c8643d3a67ef0b847265ece
Analyzer Verdict Alert fortinet Malware
GET /not-found.php HTTP/1.1
Host: download.cracksurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: FLYSESSID=5k3rr4jm0sn4m84ueo4fc2nnaa
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.3.27
content-type: text/html; charset=UTF-8
content-length: 2910
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 09 Nov 2022 16:49:32 GMT
server: LiteSpeed
cdn.ay.gy/static/css/static.css
172.67.194.125200 OK 219 B URL HTTP/1.1 cdn.ay.gy/static/css/static.css
IP 172.67.194.125:0
File type ASCII text, with no line terminators
Hash 9a1d684746ed8c15e18cd6cd23d3cc73
f9b80f677f87c7daa400a5b1922337326dd5d2ec
2505df3c96dec7c57cf14f7964e2aff39f267872f7eee038684cb6abbec82431
GET /static/css/static.css HTTP/1.1
Host: cdn.ay.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://download.cracksurl.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 16:49:32 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=420
cache-control: public, max-age=604800
etag: W/"1a4-5faa60e6-959389537b65d2c0;gz"
expires: Wed, 16 Nov 2022 16:30:30 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1142
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTCr%2BSRfcmwcET49NKv1ri2kufHUposVO0OPbzhamWq4%2FgUWMMhIhJfSbDGy%2BcKfEabdDtAyP2pcZGgn33Qos7Mh3V0%2BhZTLCRMa%2F6jpnlhomppsl5h5PjuuaT0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76780ad16bde1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.ay.gy/static/image/header_gradient.jpg
172.67.194.125200 OK 8.9 kB URL HTTP/1.1 cdn.ay.gy/static/image/header_gradient.jpg
IP 172.67.194.125:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1250x370, components 3\012- data
Hash fb59af58265bb1390fb680a13aa401bd
bd8ea333c27936aa02250d4e5258d71c3faf5d14
31046d9e08a11c69776b85464fbb52bd99e83950b368c556a280cbad09e164b4
GET /static/image/header_gradient.jpg HTTP/1.1
Host: cdn.ay.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.ay.gy/static/css/static.css
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 16:49:32 GMT
Content-Type: image/jpeg
Content-Length: 8872
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 16 Nov 2022 16:30:30 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "22a8-5faa60e6-8ea5f64bb41938f5;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1142
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2F9C2Qe2Zy2TytikGegt1Z5YNFF3UQ3SMKeS2IWd5XS%2FmG5N%2FnOsA%2BsHBXqJ2kAd80Pb7oJg2raCaAfE0GKfykPuqt%2BCfnnPQeLnjD5pEmiyXevjgTICSnuboHs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76780ad19c1c1c0e-OSL
alt-svc: h2=":443"; ma=60
cdn.ay.gy/static/image/logo.png
172.67.194.125200 OK 11 kB URL HTTP/1.1 cdn.ay.gy/static/image/logo.png
IP 172.67.194.125:0
File type PNG image data, 185 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash f819716ccd5a0e06aecdb273cfb4ccbe
f60bad9a95299264085d01c9705b03c768a71da8
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a
GET /static/image/logo.png HTTP/1.1
Host: cdn.ay.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.ay.gy/static/css/static.css
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 16:49:32 GMT
Content-Type: image/png
Content-Length: 10726
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 16 Nov 2022 16:08:32 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "29e6-5faa60e6-b22ed065d915c717;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2460
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIOgweCWJkh9mOYFglJRsJUPuhbk4vL9vQiilEPl1w5%2FUUtEOPS8P6G8j%2B7ZpMVc7NaWcSagPZivwxpDBesazKpLNnP2mHaYtio6o5Xh%2B%2FdCLM9omd1xEvtd%2FGA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76780ad19fc4b4fd-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3987
Cache-Control: max-age=149024
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 16:49:32 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:13:16 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
fbcdn2.com/script/compatibility.js
104.17.232.32200 OK 4.9 kB URL HTTP/1.1 fbcdn2.com/script/compatibility.js
IP 104.17.232.32:0
File type ASCII text, with very long lines (14461), with no line terminators
Hash dfc1ef193e722034b53ecdad122950eb
0bc2035e46a7ebc8e22f06f7f4d8e6aa646c7f19
35c379bfbbac999a2ca7542c1ce9c3796f5e51ca5896b06e84fb8ddf41e0870d
GET /script/compatibility.js HTTP/1.1
Host: fbcdn2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://download.cracksurl.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 16:49:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdsYVeUqe7zrRqV9IyOO_psrQuR4iDA0NR-6PK01KvOg0NXVo2O8vjjzn9sBnSfZcDuPEy3IFbekew1tYfQiLjZ2tw
x-goog-generation: 1655802523449377
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14461
x-goog-hash: crc32c=COVK0Q==, md5=lGu5GSoU5trQNansgXjwcw==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Wed, 09 Nov 2022 20:49:32 GMT
Cache-Control: public, max-age=14400
Last-Modified: Tue, 21 Jun 2022 09:08:43 GMT
ETag: W/"946bb9192a14e6dad035a9ec8178f073"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76780ad1bdc1b51e-OSL
Content-Encoding: gzip
d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
54.230.245.47200 OK 36 kB URL HTTP/1.1 d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
IP 54.230.245.47:0
File type Unicode text, UTF-8 text, with very long lines (15478)
Hash c6764f588a760bb8883bca39687e5cb9
f3b44bef0d4cb1bbad9bacccd68c8a05339d63d8
7c1819b0e94454a6179f1bcab32a4e4db7eefb6cd726a4d909889bfed29485e1
Analyzer Verdict Alert fortinet Malware
GET /?ixmnd=709056 HTTP/1.1
Host: d1nmxiiewlx627.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://download.cracksurl.com/
HTTP/1.1 200 OK
Content-Length: 36032
Connection: keep-alive
Date: Wed, 09 Nov 2022 16:49:32 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TfWvSMcpP5YKQcMrFJQIaBtTatowk1x3isW4e1hXK5wF50xxt2pmDQ==
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a19bdcee4fbadaad588f62b2e5095f7e
91e14f94edfa8dec8d2776f68ff49745b846ac8f
0a66a5ec60136a85662561bbaca5bc4b20c7a647cefdb230c0edca416459e46c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0A66A5EC60136A85662561BBACA5BC4B20C7A647CEFDB230C0EDCA416459E46C"
Last-Modified: Mon, 07 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5756
Expires: Wed, 09 Nov 2022 18:25:28 GMT
Date: Wed, 09 Nov 2022 16:49:32 GMT
Connection: keep-alive
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yZjyoKSpV6Ou9UtwqD3TGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1y8TkHOeZjsVyeJ2hr+oeufE8r4=
mentsecono.xyz/UEUyZmQxJ1ELWzF4UEARIikPQ1YWYAAgAGErXx4NOSBFChxmdwVIBzwqRwICIipcEko+IEZDVhY/UVYPZBwCBTUaKWsgAREmVT4iZTJjVSUZE1wgMhl1QSsvAQsCBQwjFnkRLmkAYxU1NjJwNT0BJkg+ImV2ZDUyCgFhJCsydAIoLhVwBi4DGS93PjUdF2YrIBopfAMuAhxYMRMRPHAcFAgEdSMjGwRnKS8RLlUwJWgoZAgQdXdwMAk8AVAnFAQnRTcDBiJRCSYUKlYzPDMhYjRVAiECLFEWKXwPNRE2VjM8MwB7ID4GJgM8UjUuaFc1KgB9MFYaBHEeSWEXVhEhdXd0LjIRAmMIDx4RagIFMgRCMi0SHEMzEygsYzdcGxABPCA1FF4yADwfBSUlBTBzNRw1AXZfMzV2BzUAYB9cJSEFPGYIA3YvQQkKIHh4HjEIDncUKDNzClc
54.230.111.124200 OK 1.2 kB URL HTTP/1.1 mentsecono.xyz/UEUyZmQxJ1ELWzF4UEARIikPQ1YWYAAgAGErXx4NOSBFChxmdwVIBzwqRwICIipcEko+IEZDVhY/UVYPZBwCBTUaKWsgAREmVT4iZTJjVSUZE1wgMhl1QSsvAQsCBQwjFnkRLmkAYxU1NjJwNT0BJkg+ImV2ZDUyCgFhJCsydAIoLhVwBi4DGS93PjUdF2YrIBopfAMuAhxYMRMRPHAcFAgEdSMjGwRnKS8RLlUwJWgoZAgQdXdwMAk8AVAnFAQnRTcDBiJRCSYUKlYzPDMhYjRVAiECLFEWKXwPNRE2VjM8MwB7ID4GJgM8UjUuaFc1KgB9MFYaBHEeSWEXVhEhdXd0LjIRAmMIDx4RagIFMgRCMi0SHEMzEygsYzdcGxABPCA1FF4yADwfBSUlBTBzNRw1AXZfMzV2BzUAYB9cJSEFPGYIA3YvQQkKIHh4HjEIDncUKDNzClc
IP 54.230.111.124:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3042), with no line terminators
Hash b577eb2831c5424df2071ec2139e8ccc
74fa183df2a31b42827fef2c6392360cc2281ad5
7a447244cd0e6dde316223c08b99e332a81c5648f8372d58f3431dceef9ed2f1
GET /UEUyZmQxJ1ELWzF4UEARIikPQ1YWYAAgAGErXx4NOSBFChxmdwVIBzwqRwICIipcEko+IEZDVhY/UVYPZBwCBTUaKWsgAREmVT4iZTJjVSUZE1wgMhl1QSsvAQsCBQwjFnkRLmkAYxU1NjJwNT0BJkg+ImV2ZDUyCgFhJCsydAIoLhVwBi4DGS93PjUdF2YrIBopfAMuAhxYMRMRPHAcFAgEdSMjGwRnKS8RLlUwJWgoZAgQdXdwMAk8AVAnFAQnRTcDBiJRCSYUKlYzPDMhYjRVAiECLFEWKXwPNRE2VjM8MwB7ID4GJgM8UjUuaFc1KgB9MFYaBHEeSWEXVhEhdXd0LjIRAmMIDx4RagIFMgRCMi0SHEMzEygsYzdcGxABPCA1FF4yADwfBSUlBTBzNRw1AXZfMzV2BzUAYB9cJSEFPGYIA3YvQQkKIHh4HjEIDncUKDNzClc HTTP/1.1
Host: mentsecono.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://download.cracksurl.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1191
Connection: keep-alive
Date: Wed, 09 Nov 2022 16:49:32 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xA93E-Om4O-49M5StUNHpTbKhVWx-tAOtYfuST4QbsIf735NMko9Qw==
onclickgenius.com/script/suurl.php?r=2984815&cbrandom=0.8134054085749286&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=AdF.ly%20-%20Not%20Found&cbref=&cbdescription=&cbkeywords=&cbcdn=fbcdn2.com
35.190.71.96200 OK 1.5 kB URL HTTP/1.1 onclickgenius.com/script/suurl.php?r=2984815&cbrandom=0.8134054085749286&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=AdF.ly%20-%20Not%20Found&cbref=&cbdescription=&cbkeywords=&cbcdn=fbcdn2.com
IP 35.190.71.96:0
File type ASCII text, with very long lines (5644)
Hash 4df626dee31e8017e61ffe905347385e
1dddec4ed6031af31e5907f48a8e45aa3f38cbb3
aa4462dd850b7edbb2daabd6c80db23a139f97fccef0a57d9c6fc053dbbcea65
GET /script/suurl.php?r=2984815&cbrandom=0.8134054085749286&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=AdF.ly%20-%20Not%20Found&cbref=&cbdescription=&cbkeywords=&cbcdn=fbcdn2.com HTTP/1.1
Host: onclickgenius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://download.cracksurl.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 16:49:32 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
andwhenmyf.xyz/WHJIckN3TSsBfjk1BjcQMigsJxsOCwoedgwUAB0LD0MCQCYvI24GKjxPf0J6aEd+VDMxFnVAen4BPBM3LQF1Q2UxHC4dfn4EdUNtaFx+Qm1pVD1Pcn4GOBMkZUNuAjcsHnVDdW5KeENxbURxRnFp
104.21.33.226204 No Content 0 B URL HTTP/2 andwhenmyf.xyz/WHJIckN3TSsBfjk1BjcQMigsJxsOCwoedgwUAB0LD0MCQCYvI24GKjxPf0J6aEd+VDMxFnVAen4BPBM3LQF1Q2UxHC4dfn4EdUNtaFx+Qm1pVD1Pcn4GOBMkZUNuAjcsHnVDdW5KeENxbURxRnFp
IP 104.21.33.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WHJIckN3TSsBfjk1BjcQMigsJxsOCwoedgwUAB0LD0MCQCYvI24GKjxPf0J6aEd+VDMxFnVAen4BPBM3LQF1Q2UxHC4dfn4EdUNtaFx+Qm1pVD1Pcn4GOBMkZUNuAjcsHnVDdW5KeENxbURxRnFp HTTP/1.1
Host: andwhenmyf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://download.cracksurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 09 Nov 2022 16:49:33 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8RTZ1AoxVBSIeS1%2FZyKwQwdiExZHnr99ufyaA7x04m%2BO91M%2FyL56plVELFO%2BdQufn1bPTPugmZ4kmkW3ZCqe1pvNbX3tYIo835eyNHml2wer%2BBiFxJzMgEMXUB4cmvYxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76780ad4bb841c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fbcdn2.com/script/firefox.js
104.17.232.32200 OK 3.7 kB URL HTTP/1.1 fbcdn2.com/script/firefox.js
IP 104.17.232.32:0
File type ASCII text, with very long lines (11758), with no line terminators
Hash 9cec94fe431f2a287a07b6ae67093935
77cfbdf64caeabaa890e537408e66d9c3fd80cde
f803761c68ac15eaad6f0ccd84b35ac312da397359f6badf8b8c40b5df068896
GET /script/firefox.js HTTP/1.1
Host: fbcdn2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://download.cracksurl.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 16:49:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdvH-yqjXKyaHKUPK-aQKwedkGEubqC3QMOqF_XwP5SDPhN4By_4HctypCwXqOBx7LQKpL2ZiP3qSkpfNExP2kFHWw
Expires: Wed, 09 Nov 2022 20:49:33 GMT
Cache-Control: public, max-age=14400
Last-Modified: Tue, 21 Jun 2022 09:08:59 GMT
ETag: W/"1461940cfd6093640b63b931682cce4d"
x-goog-generation: 1655802539797909
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11758
x-goog-hash: crc32c=BzbV2Q==, md5=FGGUDP1gk2QLY7kxaCzOTQ==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76780ad468c6b51e-OSL
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a19bdcee4fbadaad588f62b2e5095f7e
91e14f94edfa8dec8d2776f68ff49745b846ac8f
0a66a5ec60136a85662561bbaca5bc4b20c7a647cefdb230c0edca416459e46c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0A66A5EC60136A85662561BBACA5BC4B20C7A647CEFDB230C0EDCA416459E46C"
Last-Modified: Mon, 07 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5755
Expires: Wed, 09 Nov 2022 18:25:28 GMT
Date: Wed, 09 Nov 2022 16:49:33 GMT
Connection: keep-alive
cdn.ay.gy/static/image/favicon.ico
172.67.194.125200 OK 766 B URL HTTP/1.1 cdn.ay.gy/static/image/favicon.ico
IP 172.67.194.125:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1e28765e56393f673da97ce5913cdf10
8af9d66ac98f4689ba1d04acbd17df40dd83dbde
30aa2a7dd1b96d852108bf4f4213b0d749ae2faedd112f0c03006209e5e6c98a
GET /static/image/favicon.ico HTTP/1.1
Host: cdn.ay.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://download.cracksurl.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 16:49:33 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 16 Nov 2022 16:08:36 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"47e-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2457
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4HGrY9jYhD3IsVTf3rxxR56Q13OcTDw2kXLEctKc2ootPlXIxFGFkdD8T8szsViR6v51ULg1GPVr0kVF%2Fch8RO9xt9m6tGtW1WqPnOWEvX03LUVTwd0uAwLSBU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76780ad5acefb4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad1a154674cb81c5eee3d3bb75bcb2b4
ff9755ea23b3096f652c6b039f810a3865601475
11d4eb5bd32598ca2759e6e8276a111deca1700a62551371a58ab968d2485083
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "11D4EB5BD32598CA2759E6E8276A111DECA1700A62551371A58AB968D2485083"
Last-Modified: Mon, 07 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7070
Expires: Wed, 09 Nov 2022 18:47:23 GMT
Date: Wed, 09 Nov 2022 16:49:33 GMT
Connection: keep-alive
mentsecono.xyz/utx?cb=8lpo7b05KPIW&top=download.cracksurl.com&tid=709056
54.230.111.124204 No Content 0 B URL HTTP/2 mentsecono.xyz/utx?cb=8lpo7b05KPIW&top=download.cracksurl.com&tid=709056
IP 54.230.111.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=8lpo7b05KPIW&top=download.cracksurl.com&tid=709056 HTTP/1.1
Host: mentsecono.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://download.cracksurl.com
Connection: keep-alive
Referer: http://download.cracksurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 09 Nov 2022 16:49:33 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://download.cracksurl.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 09 Nov 2022 16:50:33 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5ga2WY2LOsGYqjpy2B1Iv0EQnOD812KVciZXioMc5OFr2B8L1mpcqA==
X-Firefox-Spdy: h2
d1nmxiiewlx627.cloudfront.net/zc0k4Y0cQJlYFeAcgXF5wQ3AIVnFVI0sMKQN0chsSKwJ9EQsQfwBSYQczXF53VSVZDSBOb10NJE54HgIjEXQMRTMDJlNeJRYjWwAyBzpXAGEGKAUOKAkgVA8mVnt+VmlDbApTbwQgVgcoBDodUXcdPR1Rd0J5FlNiQAsdUXcEIFZVc1Z6ekZ1QzEOV2JACx-1RdwE/HVAGQnkNTXdabApTIBYqUwxiQQ8KU3ZDeQlTdlZ7CAUuASxeDD9We35Sd0ZnCEUyTng
54.230.245.47200 OK 457 B URL HTTP/1.1 d1nmxiiewlx627.cloudfront.net/zc0k4Y0cQJlYFeAcgXF5wQ3AIVnFVI0sMKQN0chsSKwJ9EQsQfwBSYQczXF53VSVZDSBOb10NJE54HgIjEXQMRTMDJlNeJRYjWwAyBzpXAGEGKAUOKAkgVA8mVnt+VmlDbApTbwQgVgcoBDodUXcdPR1Rd0J5FlNiQAsdUXcEIFZVc1Z6ekZ1QzEOV2JACx-1RdwE/HVAGQnkNTXdabApTIBYqUwxiQQ8KU3ZDeQlTdlZ7CAUuASxeDD9We35Sd0ZnCEUyTng
IP 54.230.245.47:0
File type ASCII text, with very long lines (588), with no line terminators
Hash b5f7accb7108480f2bd47759be9bfed1
909d7f57ef6c70d6f3f87088334bbc3df1e9eb83
a5df1ecb756ab7de50cb30700e28ee70d9ebe8a1ecf3190396b0a4f63a285d21
Analyzer Verdict Alert fortinet Malware
GET /zc0k4Y0cQJlYFeAcgXF5wQ3AIVnFVI0sMKQN0chsSKwJ9EQsQfwBSYQczXF53VSVZDSBOb10NJE54HgIjEXQMRTMDJlNeJRYjWwAyBzpXAGEGKAUOKAkgVA8mVnt+VmlDbApTbwQgVgcoBDodUXcdPR1Rd0J5FlNiQAsdUXcEIFZVc1Z6ekZ1QzEOV2JACx-1RdwE/HVAGQnkNTXdabApTIBYqUwxiQQ8KU3ZDeQlTdlZ7CAUuASxeDD9We35Sd0ZnCEUyTng HTTP/1.1
Host: d1nmxiiewlx627.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mentsecono.xyz/
HTTP/1.1 200 OK
Content-Length: 457
Connection: keep-alive
Date: Wed, 09 Nov 2022 16:49:33 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7ggGWy8LxaYPrqp0Jmb3_7T0EslaeYKskP_zgmxzNey2JDQcgY4Fag==
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad1a154674cb81c5eee3d3bb75bcb2b4
ff9755ea23b3096f652c6b039f810a3865601475
11d4eb5bd32598ca2759e6e8276a111deca1700a62551371a58ab968d2485083
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "11D4EB5BD32598CA2759E6E8276A111DECA1700A62551371A58AB968D2485083"
Last-Modified: Mon, 07 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7070
Expires: Wed, 09 Nov 2022 18:47:23 GMT
Date: Wed, 09 Nov 2022 16:49:33 GMT
Connection: keep-alive
andwhenmyf.xyz/popunder.gif
104.21.33.226200 OK 58 B URL HTTP/1.1 andwhenmyf.xyz/popunder.gif
IP 104.21.33.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 79c15b369d32d2f0f17c116f541b6df3
3039289d4d1f5bc7385a81621deb2614423b769b
e3a3c6b90f511e80a77636fdd4c6047336d4ed5b2c86adf74318a08142649e08
GET /popunder.gif HTTP/1.1
Host: andwhenmyf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://download.cracksurl.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 16:49:33 GMT
Content-Type: image/gif
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 75073
Last-Modified: Tue, 08 Nov 2022 19:58:20 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDkKSfP8EIGUbbwfjw7eDRLZapxVCSfLidBszwZGmmjr8POpXCbA7z6Xvx73BG9e4g%2B%2BuxKffaWY3fkpYEbiL24RokLzpz7ZI9KiLwRwX2bRnihg%2Bn%2FmpQZu4%2FMFe4pKOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76780ad79a6d0b49-OSL
alt-svc: h2=":443"; ma=60
mentsecono.xyz/multi?cs=cEVTTDJFd2J0AkZ1a3wDQ3RhfQA&abt=0&red=1&sm=76&k=&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&u=1143747395513694&agec=1668012573&fs=1&ref=http%3A%2F%2Fdownload.cracksurl.com%2Fnot-found.php&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_RdzA=1668012569939&crc=1
54.230.111.124200 OK 1.5 kB URL HTTP/2 mentsecono.xyz/multi?cs=cEVTTDJFd2J0AkZ1a3wDQ3RhfQA&abt=0&red=1&sm=76&k=&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&u=1143747395513694&agec=1668012573&fs=1&ref=http%3A%2F%2Fdownload.cracksurl.com%2Fnot-found.php&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_RdzA=1668012569939&crc=1
IP 54.230.111.124:0
File type ASCII text, with very long lines (3151), with no line terminators
Hash 390fafefa7d2799e7b0c9999efc95e60
ce3f0ab1380003605ec816b2f40ccce99ba1408c
68f8ca5adccdca53c177c8575131d0497f9eda4d0af1e46c67a0b8901f8ab367
GET /multi?cs=cEVTTDJFd2J0AkZ1a3wDQ3RhfQA&abt=0&red=1&sm=76&k=&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&u=1143747395513694&agec=1668012573&fs=1&ref=http%3A%2F%2Fdownload.cracksurl.com%2Fnot-found.php&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_RdzA=1668012569939&crc=1 HTTP/1.1
Host: mentsecono.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://download.cracksurl.com
Connection: keep-alive
Referer: http://download.cracksurl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1503
date: Wed, 09 Nov 2022 16:49:33 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://download.cracksurl.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=3e03d258-4ad6-4d3d-aef9-f5b8a423dff9
csu=1143747395513694
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KAnYKbwtraJiANA-ECIOBm9kB8SU5wo8hjpBVpOCiOXt2JhzbivWTA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6496
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 16:49:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6496
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 16:49:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6496
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 16:49:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6496
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 16:49:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b6e55fb9c16b8ec503ca6fb935f650f
1e392159765235158a218248677dc21c46bc4f42
89cc50a881ff8fae94b7bfa2732d133df59bae06680f6d2147281ee7bf8ab00b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6496
Expires: Wed, 09 Nov 2022 18:37:50 GMT
Date: Wed, 09 Nov 2022 16:49:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11ef1d34ac2d42662fe53fc58c882fdf
16f1e048895ed1ee0c0c071e3939e741113e4969
61c42bae12654cf9bd1e7ca0f616164ff4139dc470fb6c1033176374444d6bda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6272
x-amzn-requestid: 7287a2fe-853d-497f-a63e-1d521dd5326e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3dSGEIIAMF7Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2bb-4c6803ad2d4ea46e68abd386;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LDFjqTNKAf14q52-12SgdxG52y16CzeAmZFIIwxEnUFTYp8ZOTT4Ew==
via: 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 18:20:46 GMT
age: 80928
etag: "16f1e048895ed1ee0c0c071e3939e741113e4969"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
34.120.237.76200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 547f07effeda1f7041b06fa3f10f90bf
d453f8017ebbbb8362f745a15c95acbddf55ac26
c4c4063cae55e4e2192ab2ac98543f4495a81879b8001fd2efb7989ca6eddba9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2808
x-amzn-requestid: 7360c882-e191-456f-a3bd-a60b9521fa1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTvFUXIAMFXHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-76c6b1c251a2bf7e56fd9ba2;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YjFB1BpcpATyMj0aZldTHb6xWSeTIzklGyc1WWT09DsrnYQ1bUiTkg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:12:57 GMT
age: 66997
etag: "d453f8017ebbbb8362f745a15c95acbddf55ac26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: 3e45e647-43a6-43bf-b011-366e3899b400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAvEEr7IAMF_JQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b2d-76f4e8dc345994823ef9ce4d;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:39:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tgUANh-QVW5J4xKViYY6NCQYFLJBjXYoEupDzvKa2UJ9TZ-sBclIPQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:56:11 GMT
age: 68003
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c69b19d2273c3ade32fd0797921c0459
8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GWFybdPyZxzujAi9urpfQ_1HZCiJpmxpzg6j7a2gwdZ5E89xfc1MXg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:54:55 GMT
age: 68079
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29429581f8dc762c69c5916009f70080
9265cae98aa663a5498925b70079abdd8e7031fd
c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:43 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
content-type: image/jpeg
age: 68751
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 09:08:58 GMT
age: 27636
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.106.19200 OK 0 B IP 172.64.106.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://download.cracksurl.com/
Origin: http://download.cracksurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Nov 2022 16:49:33 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://download.cracksurl.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Wed, 09 Nov 2022 16:49:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtRZyqJ22%2BidSRqYJVEoXwPMMwcLNwz75iFuNSVIxHK6KUPlgP1U%2FHl3YYcXTkTzaGUgXTWrZaORyrnYdFzmh%2BvS9o65U%2BsdCfqx232qPK5%2BjhSO7YQ443gTz3C1AEZa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76780ad67c86e620-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.106.19200 OK 0 B IP 172.64.106.19:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://download.cracksurl.com/
Origin: http://download.cracksurl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 16:49:33 GMT
content-type: text/plain
set-cookie: csu=1143747395513694@1@1668012573; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://download.cracksurl.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIYOQ7W1Gu2ABKl1mpFRV7yTb1KfvnRo%2FcYDbmzFU0jBbEYqLu9UVCkT%2F7edMYZxO1%2BqUtDD3jWnpHApmeTUQsN%2FrMgNMENy4%2BWq2qnfJSRP1%2B0pWRBM8VLFH%2FS9qaHZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76780ad67c85e620-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2