Overview

URLwww.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
IP 95.211.200.52 (Netherlands)
ASN#60781 LeaseWeb Netherlands B.V.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-05 20:57:18 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (29)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
engagecdn.filefactory.com (3) 0 2018-06-21 06:10:30 UTC 2020-05-08 04:31:30 UTC 89.149.201.75 Domain (filefactory.com) ranked at: 160487
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
forgivenessimpact.com (1) 0 2021-09-29 23:03:04 UTC 2022-12-04 17:10:46 UTC 173.233.137.44 Unknown ranking
henoticpipi.com (1) 0 2022-08-16 11:00:44 UTC 2022-12-05 04:36:24 UTC 23.109.87.100 Unknown ranking
whiskerssituationdisturb.com (1) 0 2022-11-15 09:13:25 UTC 2022-12-05 16:38:15 UTC 192.243.61.227 Unknown ranking
downloads.mailchimp.com (6) 11609 2012-05-23 18:26:46 UTC 2020-04-05 22:55:15 UTC 143.204.55.94
ssl.google-analytics.com (1) 275 2018-06-15 20:32:37 UTC 2022-12-05 14:30:40 UTC 142.250.74.136
filefactory.com (1) 160487 2012-06-25 13:00:13 UTC 2022-12-05 17:10:19 UTC 95.211.200.52
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.161.230.192
ajax.googleapis.com (2) 12905 2013-08-16 09:51:31 UTC 2022-12-05 14:03:27 UTC 142.250.74.106
usingswhoring.com (1) 0 2022-08-10 23:59:06 UTC 2022-12-04 17:10:46 UTC 23.109.82.46 Unknown ranking
ocsp2.globalsign.com (1) 1544 2012-05-23 18:10:04 UTC 2020-03-15 21:19:16 UTC 104.18.20.226
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 157.240.200.14
engagesrvr.filefactory.com (1) 0 2018-09-09 11:19:05 UTC 2020-03-29 05:41:27 UTC 213.227.142.34 Domain (filefactory.com) ranked at: 160487
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
simplewebanalysis.com (1) 0 2022-02-25 04:06:25 UTC 2022-12-05 07:29:05 UTC 18.185.190.54 Unknown ranking
banquetunarmedgrater.com (1) 0 2022-08-04 15:12:50 UTC 2022-12-05 13:11:04 UTC 192.243.61.225 Unknown ranking
chimpstatic.com (1) 4832 2017-04-24 07:02:55 UTC 2022-12-05 12:10:56 UTC 96.6.17.210
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
www.filefactory.com (17) 509465 2012-05-21 18:23:06 UTC 2020-04-06 09:49:23 UTC 95.211.200.52
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-05 11:11:06 UTC 142.250.74.106
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-12-05 08:18:24 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mc.us6.list-manage.com (1) 106968 2015-01-19 16:24:20 UTC 2019-11-14 02:39:23 UTC 104.110.24.122
r3.o.lencr.org (12) 344 No data No data 23.36.77.32
www.facebook.com (2) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 157.240.200.35

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-05 2 forgivenessimpact.com/b6/6f/f7/b66ff7c1636b152673f970d2464db83f.js Malware
2022-12-05 2 henoticpipi.com/g9RbYoQO26rZA3R/55129 Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-05 2 whiskerssituationdisturb.com Sinkholed
2022-12-05 2 banquetunarmedgrater.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 95.211.200.52
Date UQ / IDS / BL URL IP
2023-01-30 00:02:33 +0000 0 - 0 - 5 www.filefactory.com/file/7kb6vepvd8zg/Bloons. (...) 95.211.200.52
2023-01-30 00:02:06 +0000 0 - 0 - 4 www.filefactory.com/file/7kb6vepvd8zg/Bloons. (...) 95.211.200.52
2023-01-30 00:02:04 +0000 0 - 0 - 5 filefactory.com/file/7kb6vepvd8zg/Bloons.TD.6 (...) 95.211.200.52
2023-01-29 09:09:46 +0000 0 - 0 - 5 www.filefactory.com/file/39k1j9xm85z8/Unturne (...) 95.211.200.52
2023-01-28 19:24:02 +0000 0 - 0 - 5 www.filefactory.com/file/2nlaxsb2d1ee/Inside. (...) 95.211.200.52


Last 5 reports on ASN: LeaseWeb Netherlands B.V.
Date UQ / IDS / BL URL IP
2023-01-30 01:17:21 +0000 0 - 0 - 5 7035599053.ambientesmatematicos.co/Newgtod0v5 (...) 213.227.149.234
2023-01-30 00:02:33 +0000 0 - 0 - 5 www.filefactory.com/file/7kb6vepvd8zg/Bloons. (...) 95.211.200.52
2023-01-30 00:02:06 +0000 0 - 0 - 4 www.filefactory.com/file/7kb6vepvd8zg/Bloons. (...) 95.211.200.52
2023-01-30 00:02:04 +0000 0 - 0 - 5 filefactory.com/file/7kb6vepvd8zg/Bloons.TD.6 (...) 95.211.200.52
2023-01-29 23:57:42 +0000 0 - 2 - 2 95.211.16.242/mips.mips 95.211.16.242


Last 5 reports on domain: filefactory.com
Date UQ / IDS / BL URL IP
2023-01-30 00:02:33 +0000 0 - 0 - 5 www.filefactory.com/file/7kb6vepvd8zg/Bloons. (...) 95.211.200.52
2023-01-30 00:02:06 +0000 0 - 0 - 4 www.filefactory.com/file/7kb6vepvd8zg/Bloons. (...) 95.211.200.52
2023-01-30 00:02:04 +0000 0 - 0 - 5 filefactory.com/file/7kb6vepvd8zg/Bloons.TD.6 (...) 95.211.200.52
2023-01-29 09:09:46 +0000 0 - 0 - 5 www.filefactory.com/file/39k1j9xm85z8/Unturne (...) 95.211.200.52
2023-01-28 19:24:02 +0000 0 - 0 - 5 www.filefactory.com/file/2nlaxsb2d1ee/Inside. (...) 95.211.200.52


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-11 14:24:17 +0000 0 - 0 - 6 www.filefactory.com/file/31z17bq3fh0s/SURPRIS (...) 95.211.200.52
2023-01-11 01:28:49 +0000 0 - 0 - 6 www.filefactory.com/file/4rxl1alz184w/People. (...) 95.211.200.52
2023-01-08 17:27:45 +0000 0 - 0 - 5 filefactory.com/file/7id17u01now6/TOFL75.rar 95.211.200.52
2022-12-26 09:14:17 +0000 0 - 0 - 6 www.filefactory.com/file/5si5zs44nnf4/Factori (...) 95.211.200.52
2022-12-22 04:10:14 +0000 0 - 0 - 2 www.filefactory.com/file/5tvakfutso2o/CaseCra (...) 95.211.200.52

JavaScript

Executed Scripts (28)

Executed Evals (0)

Executed Writes (1)
#1 JavaScript::Write (size: 158) - SHA256: d1167e3b70947916f421c7e95057bdf8910f7ba485e3716107c9fa1cf6403437
< !DOCTYPE html > < html > < head > < meta name = "viewport"
content = "width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no" / > < /head><body></body > < /html>


HTTP Transactions (81)


Request Response
                                        
                                            GET /file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         95.211.200.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:13 GMT
Content-Length: 178
Connection: keep-alive
Location: https://filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8727
Expires: Mon, 05 Dec 2022 23:22:33 GMT
Date: Mon, 05 Dec 2022 20:57:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3309
Cache-Control: max-age=138562
Date: Mon, 05 Dec 2022 20:57:06 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:26:28 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2484
Expires: Mon, 05 Dec 2022 21:38:30 GMT
Date: Mon, 05 Dec 2022 20:57:06 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 20:20:19 GMT
cache-control: public,max-age=3600
age: 2207
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: x3W+QTP9kkjnxebrVUKaaviZnfObX6GQc7dp+CzdMu7XWExJ3mILG86EomOHia8qOemTof2RZfw=
x-amz-request-id: CYYXD0JQN3KSANVA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 20:48:39 GMT
age: 507
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 05 Dec 2022 20:57:06 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 20:11:19 GMT
cache-control: public,max-age=3600
age: 2747
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 20:57:07 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 09 Dec 2022 18:45:14 GMT
ETag: "65e50147945eb564b84a84161390010c3a7780c3"
Last-Modified: Mon, 05 Dec 2022 18:45:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774fb138ef70b4f1-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    251f8999ac9bc0b2e2e775b957578e6c
Sha1:   65e50147945eb564b84a84161390010c3a7780c3
Sha256: 4406f912a89952aa6f2a393d83119bef4216593619a15257c9f58374938c754b
                                        
                                            GET /file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar HTTP/1.1 
Host: filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         95.211.200.52
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 178
Connection: keep-alive
Location: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3286
Cache-Control: max-age=133471
Date: Mon, 05 Dec 2022 20:57:07 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:01:38 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 4978
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; path=/ locale=en_US.utf8; expires=Tue, 06-Dec-2022 20:57:07 GMT; path=/; domain=.filefactory.com LBPERSIST=persist_w1; path=/
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   4978
Md5:    2ecf02d83c9b55ea73c232e6dd7ea33e
Sha1:   8cb12f221498cc8beea4ae652ebe8551cb79fb71
Sha256: 2929ca682cd91f32586fa375d2d424d13e7cf345de360df5b007bc22621add98
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Oldf475qFe+hFwlSdpJdsw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.161.230.192
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JAyv/Yeo/ehyGCARhyg0lRaMeTY=

                                        
                                            GET /css/vendor/bootstrap.min.css?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 18734
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   18734
Md5:    d9c4e81d89198caf489562c850e6c515
Sha1:   e3da6be0dca0ea45d190dd5fe3ac3f7fda0219fb
Sha256: 8243a13ef5d4e10a2ff5b6f171137f74c77b1ccff30b1e7157779242196e04cd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 20:57:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/vendor/bootstrap-dialog.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 4188
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (16771), with no line terminators
Size:   4188
Md5:    2e9e8a0844e9bb269412720e30ec518c
Sha1:   4e1ef0cfa65000b885a1d9512e030edb354eff44
Sha256: a94d3e76ce47a9501f02dbe231a9f7c4b1a8a9dae4a74497dd551a4aa349a58a
                                        
                                            GET /css/vendor/bootstrap-dialog.css?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 516
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (2012), with no line terminators
Size:   516
Md5:    0369f3f2323383c427de48d1826d3f36
Sha1:   c4badfee0621c82fc0a10920d3228cea11111378
Sha256: 47910de5c7f0bb200606b508202690a36dc0055805dffe7b6972fc037430a3c4
                                        
                                            GET /css/filefactory.wp.css?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 2030
Connection: keep-alive
Last-Modified: Tue, 14 Aug 2018 04:54:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   2030
Md5:    8abbab6476fafabcaf7f435f4c498f21
Sha1:   86fce7af2f73e7dc00689c46ed7a7aa6ca777ff8
Sha256: 953878b3e7c4fe71dea5a70200582d38ef6a178f7f83095b677aa3f50dd37d38
                                        
                                            GET /css/filefactory.wp.download.css?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 651
Connection: keep-alive
Last-Modified: Sat, 17 Jun 2017 04:44:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   651
Md5:    67670bc7620a54bc2d4e7dec96399e77
Sha1:   3c84a45236e315a038a1598cc0a229c42d799c86
Sha256: 404089245c8aaa3a29cf57f852d664bbdb49f8aafd57708f3da51c18a35b5a43
                                        
                                            GET /js/filefactory.common.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 1700
Connection: keep-alive
Last-Modified: Tue, 07 May 2019 08:33:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (2383), with CRLF line terminators
Size:   1700
Md5:    2c07a42028cdc50efce1586cc7175ba8
Sha1:   dc1a5da5eb06d466cc8860cd593bc7a0cf2b99ac
Sha256: 31f1cf190e5db84a4eebafd0bcbb48f80c2d3f0c9346f6e00406937fc5b8ba7e
                                        
                                            GET /js/vendor/bootstrap.min.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 9691
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (36622), with no line terminators
Size:   9691
Md5:    19ffde9db3c06677e3c134246a77dc4a
Sha1:   4787610b6ee20909c031e97e5045c18496c8e4b7
Sha256: 12fae54989d035cf72a58295e88ede408b1470096bfa620fd31523e3c742bf45
                                        
                                            GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 22:13:37 GMT
expires: Wed, 29 Nov 2023 22:13:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 513810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086)
Size:   33434
Md5:    430e927c980ad4079de727fa59dd93f2
Sha1:   891aaada9a55a91292999f6d50fd300439905982
Sha256: e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
                                        
                                            GET /js/vendor/jquery.cookie.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 616
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (1143), with no line terminators
Size:   616
Md5:    9dc410259b911c91103b71b0da4db1b4
Sha1:   8bbfe01b65bd9ba687c1407131f7dd4d31ca51e3
Sha256: 76c01394e846761a9d20c84a4919d42558cb6619ec2c44577681e72f495e853a
                                        
                                            GET /js/vendor/countdown.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 837
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (3495), with no line terminators
Size:   837
Md5:    427a0fc92994a6b92d0f4b65d1bee5aa
Sha1:   4f59883fd8e3e861872e76095beaa05e59b9037a
Sha256: 39fda67bbaba8165bcb44293edde7410ff29e149866141fc25e9774d7bfd7327
                                        
                                            GET /js/filefactory.download.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 3941
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (12559), with no line terminators
Size:   3941
Md5:    0e8beb3e9e301026a8696b9b8ac607d5
Sha1:   b0e8de3dc6fd295f87bbb4495639811a5ac02eae
Sha256: d25eddf5332fcc8d069e66ec73a005e34d8d59d0d98d09780758af14fb310eff
                                        
                                            GET /js/vendor/countdown_plugins.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 14997
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:36:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (45450), with no line terminators
Size:   14997
Md5:    f34475e9958e420955c700820b870ded
Sha1:   ef50b2ea27da3fe99502e01c5320a8a0b80de17f
Sha256: 1205aa096ef6cdffe92d6705b7c0e1b1a963b1d3c5a86816c0a5362b6ab3d5b2
                                        
                                            GET /js/vendor/jquery.zclip.js?v=004000000024 HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 2603
Connection: keep-alive
Last-Modified: Tue, 10 Nov 2015 22:37:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 20:57:07 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (7482), with no line terminators
Size:   2603
Md5:    15514f102ce938370faf62a5935f98a4
Sha1:   9ab90f99b5113a7eacc89cf495e6d00bf7a97abf
Sha256: c8e2aebf568b1b0d4d96818f40020d0681a0ab5a7ff9ba2f61f546593559c9f1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2448941ED8E4DF0A526632AD19E32A93B9DFBE81692B6F9DB78CDBA0748E829C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4460
Expires: Mon, 05 Dec 2022 22:11:27 GMT
Date: Mon, 05 Dec 2022 20:57:07 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 20:57:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 20:57:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 20:57:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "573FDF923722CD68EEFD5C30213F9DCACA8F2E736D635044D8D4E8DB26F707CB"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3265
Expires: Mon, 05 Dec 2022 21:51:32 GMT
Date: Mon, 05 Dec 2022 20:57:07 GMT
Connection: keep-alive

                                        
                                            GET /ajax/libs/jqueryui/1.11.1/jquery-ui.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 63865
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:51:19 GMT
expires: Thu, 30 Nov 2023 18:51:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 439548
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32119)
Size:   63865
Md5:    5fff368bebfbbc83919d7ddd9afac949
Sha1:   8b89f7c5ab4700ef0289ff30142082bd108e0354
Sha256: a8969e8853f473ca839e9728872e08c1f0ac0851fe1431d29fa5ed7382910990
                                        
                                            GET /wp/img/filefactory-logo-white.svg HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 6174
Connection: keep-alive
Last-Modified: Thu, 15 Jun 2017 23:34:39 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   6174
Md5:    249acd65dbe7bf8bdf2477d1a7a1bdee
Sha1:   f322b0d7e66ee18be95a820e463e957cc50e1238
Sha256: 8cd74251eda091402e01f67f217f5a466d87d0111cc9b5724a831cf21a938cd8
                                        
                                            GET /r3ZwU3RRZQUni7/55128 HTTP/1.1 
Host: usingswhoring.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.109.82.46
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:57:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filefactory.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 06-Dec-2022 20:57:07 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 06-Dec-2022 20:57:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   25
Md5:    d488addc5df5fc9b9ff4135bb4e3a823
Sha1:   6ce56f48e851df4d562b43d3bc1269a504ae83fc
Sha256: d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
                                        
                                            GET /css?family=Open+Sans:400,600,700,800 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 20:57:07 GMT
date: Mon, 05 Dec 2022 20:57:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   22851
Md5:    767c180f4a6e555c524153b18b8f2b2f
Sha1:   a4e4211f7fa241218399ce7ed3f12c80dd6e5ba8
Sha256: 175d5da8c137137486c226c82fa832b63e0ce73af65af3e3ea4d41f3f6b81826
                                        
                                            GET /wp/img/icon-cloud.svg HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:14 GMT
Content-Length: 17092
Connection: keep-alive
Last-Modified: Thu, 15 Jun 2017 23:34:39 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (14564)
Size:   17092
Md5:    1036571f93a23865267246ebf737a0c2
Sha1:   5a08d068303aecabf2fdc2d203101f8063a3cc42
Sha256: e751c9f7db67a14fa7e5c3a51a8c62a4e3a151a06cc2f0bcec8e11ca6c2c57fe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 20:57:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 20:57:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.filefactory.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 7466
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /mcjs-connected/js/users/cc27616a935143f3234e68708/058c28910046bb6b1c91d8684.js HTTP/1.1 
Host: chimpstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         96.6.17.210
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: Kw8NyVkAhaEzpbBAe1UULVkCfyhPyXiK6756y+dTLUGJM/92rDCGNMDIAFMZyiyf8eLaANJiM/w=
x-amz-request-id: BH396Q8W05D9PSXE
Last-Modified: Wed, 26 Oct 2022 04:19:23 GMT
ETag: "f93507267e71f50f984e4493f1eec056"
Accept-Ranges: bytes
Server: AmazonS3
X-EdgeConnect-MidMile-RTT: 17
X-EdgeConnect-Origin-MEX-Latency: 96
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1454
Expires: Mon, 05 Dec 2022 21:21:21 GMT
Date: Mon, 05 Dec 2022 20:57:07 GMT
Content-Length: 1223
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text
Size:   1223
Md5:    8273d84537cadc5b9a2e738d212a798d
Sha1:   2b428dac0ccadd8ad81471b89b983a6ab83cb58c
Sha256: 26b0237c699edce2075e43f5a8dd37c73e091a06ac0bee1de767bf0c4dbba16e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 20:57:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3D0CE9BC80DFB2779A6587026A504B3CCA0A471F34AD69CE5C0009A38552DE11"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11192
Expires: Tue, 06 Dec 2022 00:03:40 GMT
Date: Mon, 05 Dec 2022 20:57:08 GMT
Connection: keep-alive

                                        
                                            GET /b6/6f/f7/b66ff7c1636b152673f970d2464db83f.js HTTP/1.1 
Host: forgivenessimpact.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.233.137.44
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 20:57:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d1cca9bde1981f1d79697d7366505b27
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (60169), with no line terminators
Size:   20706
Md5:    87dba416ca1e7692cde3fad309f55a5b
Sha1:   1b7a65650a532bd46fc4276d34e0e09cd6533897
Sha256: d696b8fb86fbe5aa7a69e5bd576654b71f6d05c3fec856220e18a4800c38299f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /g9RbYoQO26rZA3R/55129 HTTP/1.1 
Host: henoticpipi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.109.87.100
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:57:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.filefactory.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    4e5d65669f8dcd928dad06adf883f025
Sha1:   d771713d758c3348dd7e5b38bb40c7935399ae46
Sha256: 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148565
Date: Mon, 05 Dec 2022 20:57:08 GMT
Etag: "638df297-1d7"
Expires: Wed, 07 Dec 2022 14:13:13 GMT
Last-Modified: Mon, 05 Dec 2022 13:31:03 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GLV2dWQzSAmS1G1WQb2qVE1kkb5NMOgKD0qnk2vcWZxe8V-1whjaIg==
Age: 2530

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filefactory.com
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         18.185.190.54
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 05 Dec 2022 20:57:08 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.filefactory.com
access-control-allow-credentials: true
set-cookie: uid_id2=122d4aea-d6bc-4ab5-9036-aba45ec45344:2:1; expires=Thu, 02 Dec 2032 20:57:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    6b945d86f2d3a22aaba4af482da0e92a
Sha1:   2b7df6c99a1b0f39d009435b7abb52b4af97060c
Sha256: 344a32ce13611b7b3a2ac5634f8de5cac04b2840f78bab8ec2bf454c954c82fe
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3DF452F4397B612584E550D519DC205D4826EB38A4232A5EA15CC7DD3108021"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2942
Expires: Mon, 05 Dec 2022 21:46:10 GMT
Date: Mon, 05 Dec 2022 20:57:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8535
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 20:57:08 GMT
Connection: keep-alive

                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=1965&rd=1965&fd=941&bv=22.10.v.9&tmpl=70 HTTP/1.1 
Host: whiskerssituationdisturb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.61.227
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 20:57:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8535
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 20:57:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8535
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 20:57:08 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 83583
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8535
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 20:57:08 GMT
Connection: keep-alive

                                        
                                            GET /js/signup-forms/popup/unique-methods/embed.js HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 17:40:45 GMT
Server: AmazonS3
Content-Encoding: br
Date: Mon, 05 Dec 2022 20:25:58 GMT
ETag: W/"5c6965cc78c0d8bf5e4a61529ab31de1"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SbN_pOpInYOl2I-jhWK0x-jNg40ybJuFZf0y7G0mTW1DhYGyGdueQg==
Age: 1871
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text, with very long lines (65526)
Size:   67718
Md5:    671ea1cf214152ddb7895c1506ee148a
Sha1:   19c5bc92ef3061b536fa59d96d2a8d78be83fcb7
Sha256: 821141e5dbb41d9666ceba73b44fc17d8eebd9558dd78b6de38ac42c043f5eb1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
age: 83319
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8749
Md5:    dcb8fe0c4ba323ab2483fa290c291051
Sha1:   6706e02d6b95edc3a33c951f07d04b0fb7415b77
Sha256: 6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8535
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 20:57:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E927BD50B4FAD2320C331C115457C053CF542096113A7668AFE3590E1635D911"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6035
Expires: Mon, 05 Dec 2022 22:37:43 GMT
Date: Mon, 05 Dec 2022 20:57:08 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 83669
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8315
Md5:    db1701b7b9d161a0c935bb6e10b17893
Sha1:   22a8c4bd58c729c1abcf794466e8f3231dfb034b
Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 35446
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10396
Md5:    24c69d7ef356b352956d6dcbc9f5df1d
Sha1:   2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
Sha256: 94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 20:57:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.136
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 05 Dec 2022 20:17:12 GMT
expires: Mon, 05 Dec 2022 22:17:12 GMT
cache-control: public, max-age=7200
age: 2396
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/file/5km56bq4nn5m/Keyword%20Scraper%20by%20xRisky.rar
Cookie: PHPSESSID=il8s6k8332jvtf3sfc5pn9ojr0; locale=en_US.utf8; LBPERSIST=persist_w1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=122d4aea-d6bc-4ab5-9036-aba45ec45344%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         95.211.200.52
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Mon, 05 Dec 2022 20:27:15 GMT
Content-Length: 99678
Connection: keep-alive
Last-Modified: Thu, 22 Oct 2015 02:35:05 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   99678
Md5:    90e3dcc0cc6a5c4809b7dfd50e966015
Sha1:   17e2063b061ea56bc5bd7b65901765289b5b6824
Sha256: 3eacac1f0142be27236ddad54cf1450ffe8aa60175af254938e7f7c5f99532a9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2737
Cache-Control: max-age=151645
Date: Mon, 05 Dec 2022 20:57:08 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:04:33 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 20:57:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 1yOQmRx4ef2kiCIhrHaruYx/dyl/V4OMjPWAZN3Q83Z3vZzzPMkhVstxtCTONFLEaKZzQEV9XUb6esI42WEqpg==
content-length: 27340
x-fb-trip-id: 1679558926
date: Mon, 05 Dec 2022 20:57:08 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27340
Md5:    44ecaa3c2a4929a40141edc4540aaf84
Sha1:   f29a573182333b2500d41bfc389d6c5232dfb348
Sha256: 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2738
Cache-Control: max-age=151645
Date: Mon, 05 Dec 2022 20:57:09 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:04:34 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /advertisers.js HTTP/1.1 
Host: banquetunarmedgrater.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 20:57:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00bde1c9a8b7f6ab60bdc7491289122b
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /?938685878&keywords=guest HTTP/1.1 
Host: engagesrvr.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.filefactory.com
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         213.227.142.34
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 05 Dec 2022 20:57:09 GMT
cache-control: no-store, no-cache, no-transform, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-store, no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://www.filefactory.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: X-Requested-With, Content-Type, CSRFToken, Authorization
link: <//engagecdn.filefactory.com>; rel=dns-prefetch
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2903), with no line terminators
Size:   858
Md5:    fc92ca3c3ccec4f3f5f1f354489a75e3
Sha1:   2021df557445c2c12f0f8eba6907536d507b0356
Sha256: 97026ce7604057200306510d1556968324ca7b1a76caa6ce318af5bda046a675
                                        
                                            GET /subscribe/form-settings?u=cc27616a935143f3234e68708&id=7870230735&u=cc27616a935143f3234e68708&id=7870230735&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1 
Host: mc.us6.list-manage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.110.24.122
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: openresty
content-length: 6179
x-ua-compatible: IE=edge,chrome=1
referrer-policy: same-origin
content-encoding: gzip
cache-control: max-age=300
expires: Mon, 05 Dec 2022 21:02:09 GMT
date: Mon, 05 Dec 2022 20:57:09 GMT
vary: Accept-Encoding
set-cookie: _mcid=1.ed54994ac82642f9db6a7e1e05a04fbf.6897dc37b6b61935ce87dadd07675970f7e4e68eb89cef73ca28756410a39673; expires=Tue, 05-Dec-2023 20:57:09 GMT; Max-Age=31536000; path=/ _mc_anon_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ _abck=015CDE6DA0DACA2143F648238E0BB9C4~-1~YAAQrU0kF3Uhd4OEAQAArQkU5AlVtXpUYr/NUuCo8+tKSKE0dLQxdIp/kRI4N+c8OR6dxxwoARdrH39UKaQ3hHBKQ8AZfUO1fYlMIqbFP5rnSG14qdjLsCcXhMbvvGVKjQaUbdii+bGBmUCiIrqcks+ZUJ1qK4YFvVCYn09ZoNbYVb5XziFLQk1A64oS1pCCj5I8+QzirKwm/2H44ebUwGaSY1nHGcZoF27/lyFoECXgrpmMRHgsRhaXJl43l/mYivuml+0InLA6Hh8mmpIDUKUwgu/schttk6Stm79ZQKlvcEs1NrHik+CBUxWEXtwActhAnt1HgTOa5IYEt6h/3vRde11sDlo6MJeOduFUpDLFYiVzXBXej9s6D0TYlukDF0s=~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Tue, 05 Dec 2023 20:57:09 GMT; Max-Age=31536000; SameSite=None; Secure ak_bmsc=31CBFFFA1024E0843116B86BCC08DAAB~000000000000000000000000000000~YAAQrU0kF3Yhd4OEAQAArQkU5BK/e3IhWAt9MaoZ01ufgmUDDXdI2f66AF+ZS3rrCzgJtNjXN8nXqpuaKGYeo34s/2prLWS9YtZMbUexl+UgfpOgAC9JClapw7tdw+qyAy22wnXLxSDmfyfxsrcdblLvohupKMCjBl5pOUST184yrEvOTPft/Dmy6JJdqiP8OeWLgGj035kDFJ00FUnnbpq//0zICazU7y0G6dxcuo9H/VgGVe1TvlkG2weLEYXdlCRqLBmZkUmLfW6JkeofUuHmMh/6gJxBySdyT7f90TidYu3wVXGFH2osYQxYk3dnyMGhOI/ZyyrOsnuc/SRjMD4tywYOYqD8ZmMQVJMog+08gp50qq0TjQBU+5AUrWs9uVO7whEnqtgMxpmsKYgllLP8; Domain=.us6.list-manage.com; Path=/; Expires=Mon, 05 Dec 2022 22:57:09 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly bm_sz=14549E1840E4B5F7543ABC3DA9967D2D~YAAQrU0kF3chd4OEAQAArQkU5BL3uRaOlh6WJzQtLJJKphK+D/2uQDqfGcNKZmDLLh1k1kLyfmA2mQhuAf2xyc7lJV53GO/lXv4MGb/Jxj6yBjD3eMRVJCPCQdSjV5V35QkHLuCA4jR3mkz0BQZ8ujiuY0x8xiOgHx3U6kzEKWsGbThOYda9EnEgv76LqAWcJhBOcFM3TExJmX6FCEdrasTA3WHQBY4pZW20PXx0IjA+1v2t/DbHSIuKP1ocCbLLP0ckdgdvjPhruOSORjcMWmOrC9uLMxXM4X/MTC39Jw4mVMDxlclo2Q==~3356741~4408889; Domain=.list-manage.com; Path=/; Expires=Tue, 06 Dec 2022 00:57:09 GMT; Max-Age=14400; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12781), with no line terminators
Size:   6179
Md5:    b4b632cc92b7497665a00ea7f4e4185d
Sha1:   5784a1a702feff336a9519e93cd53b8694b9b612
Sha256: fec20cc62b53e3a458dadc074f5852889f18827319802df572056ce30bfdaa92
                                        
                                            GET /t246f07e0/img/e3t46_mb3stu_d89164f1.jpg HTTP/1.1 
Host: engagecdn.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: locale=en_US.utf8; __utma=140252452.50672996.1670273826.1670273826.1670273826.1; __utmb=140252452.1.10.1670273826; __utmc=140252452; __utmz=140252452.1670273826.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         89.149.201.75
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 05 Dec 2022 20:57:09 GMT
content-length: 45607
last-modified: Tue, 01 Nov 2022 02:20:10 GMT
expires: Tue, 05 Dec 2023 20:57:09 GMT
cache-control: max-age=31536000, public, no-transform
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, progressive, precision 8, 1920x1200, components 3\012- data
Size:   45607
Md5:    6553c5715ff3d308ac0a7ad8a46acf46
Sha1:   7808a13ac2d8edeb4aa45d8bfdc427d7b0fede20
Sha256: afedeccceae04919b0fe264ed6fb2bd5264b84003cbb215290a2cab624d0024f
                                        
                                            GET /t246f07e0/img/e3t46_y9xpahwmhh6thebrpad8_119dcd8feba6b47633b0f8e26a998027.png HTTP/1.1 
Host: engagecdn.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: locale=en_US.utf8; __utma=140252452.50672996.1670273826.1670273826.1670273826.1; __utmb=140252452.1.10.1670273826; __utmc=140252452; __utmz=140252452.1670273826.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         89.149.201.75
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 05 Dec 2022 20:57:09 GMT
content-length: 156933
last-modified: Thu, 30 Apr 2020 18:25:15 GMT
expires: Tue, 05 Dec 2023 20:57:09 GMT
cache-control: max-age=31536000, public, no-transform
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size:   156933
Md5:    119dcd8feba6b47633b0f8e26a998027
Sha1:   5b1b226e63d8ee9c9ccc5903fcbe9b15a43df2d0
Sha256: 813f24e8c59b30d1edc389e726d1deecadb686f0e6f1936fc6a0cee4c05a35f2
                                        
                                            GET /t246f07e0/img/e3t46_huvsmw798b7sbtfd5wyk_bac6f6c2f517602ab8355add92356f9b.png HTTP/1.1 
Host: engagecdn.filefactory.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Cookie: locale=en_US.utf8; __utma=140252452.50672996.1670273826.1670273826.1670273826.1; __utmb=140252452.1.10.1670273826; __utmc=140252452; __utmz=140252452.1670273826.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         89.149.201.75
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 05 Dec 2022 20:57:09 GMT
content-length: 122137
last-modified: Thu, 30 Apr 2020 18:25:15 GMT
expires: Tue, 05 Dec 2023 20:57:09 GMT
cache-control: max-age=31536000, public, no-transform
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 580 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size:   122137
Md5:    bac6f6c2f517602ab8355add92356f9b
Sha1:   c8f5543e6256eea65c9711aeaeee099eca442718
Sha256: 88da400955be51edec77a77a57967be6716a7c223b7dda2064c9f7fa96f068b4
                                        
                                            GET /js/signup-forms/popup/unique-methods/73bf20a8fe762dee6abd0173cd576e53d748a0df/popup.js HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: br
Date: Mon, 05 Dec 2022 12:51:29 GMT
ETag: W/"d3149280c831cbf6538770c71a916f43"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1gLZa6RipsWSEPtUT_mzFdVI8wrC5K4ipcr4T9S0KY9dIg4-2iCXxQ==
Age: 29141
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text, with very long lines (65526)
Size:   29255
Md5:    a531c468d1043afe130c4efa82a27d16
Sha1:   f80d04183d75e7f4f3a8718a9eaa83f1651fec7a
Sha256: 11725cf6f668d5099a3a756678d2f2743187d82d274aff62e60200df2289d5ff
                                        
                                            GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/common.css HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: br
Date: Mon, 05 Dec 2022 12:51:30 GMT
ETag: W/"82e72d627b04e1654282023cca1d1e69"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9l4smvil4DExrcnZO349EWEIeK6i9FR5Tn6quPfax5g232dGc2fLvg==
Age: 29140
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text
Size:   2399
Md5:    d19b18b64fe30a64762d4a50ca861b1c
Sha1:   cf0b39c5e4a85fa9cb916f074c62ec2315528c95
Sha256: ddc117511a02d7e507e26304afa0f9877c6644f43ec83ca8a15ff81b00c1e79e
                                        
                                            GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/layout-2.css HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 03:57:39 GMT
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: i9heMWjY82fR23v_jlSbzSTmDuWGjZmN0h44EI3XZJV-JAzYPTQHCg==
Age: 61171
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text
Size:   455
Md5:    cf00c7e6b7868062bf758deaa7b83864
Sha1:   cff15cad13c248593f1810ca4ee885e1c883c684
Sha256: 0557ff79eeacb19e8553149dd9c71e906d41f4646cb88005fc08df4ee485a5d4
                                        
                                            GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/banner.css HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
Server: AmazonS3
Content-Encoding: br
Date: Mon, 05 Dec 2022 11:17:31 GMT
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x90DgQPqtQJi7ycajuaEHVXZs7BVJMIjl877HBzloHQjKmc352zAAQ==
Age: 34779
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text
Size:   348
Md5:    7dc952a02aac2296639b02e8b693f1ca
Sha1:   141d2c58d397b253795db7e070d0846e4cb67d37
Sha256: 4768822ea5fd24c1368db661e02e9e2119f98351068a5531c3ae6e7a762f5e9a
                                        
                                            GET /css/signup-forms/popup/73bf20a8fe762dee6abd0173cd576e53d748a0df/modal.css HTTP/1.1 
Host: downloads.mailchimp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 05 Dec 2022 09:41:00 GMT
Last-Modified: Thu, 29 Sep 2022 15:39:29 GMT
ETag: W/"aa6f4416185bd7f299dd89e11dac117f"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 51cZsHt2fMvnKUMunMS58EYRoVH6aoNGsRUzvG0ICD4eCSqkxg_N7w==
Age: 40570
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  ASCII text
Size:   945
Md5:    cff4710f863e85980b11cdc1a67e45e5
Sha1:   272b6b68af6d70bd7e1b69b251ac5821cf3daa25
Sha256: 8a3b8e717762c3e251de403a2f6b06da68e2fce957e10474b0a75c1f610799c3
                                        
                                            GET /tr/?id=559928301484091&ev=ff_member&dl=https%3A%2F%2Fwww.filefactory.com%2Ffile%2F5km56bq4nn5m%2FKeyword%2520Scraper%2520by%2520xRisky.rar&rl=&if=false&ts=1670273826537&cd[type]=free&cd[subends]=0&cd[subduration]=0&cd[files]=0&cd[filesdownloaded]=0&sw=1280&sh=1024&ud[country]=9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59&ud[client_ip_address]=da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670273826534.1310541524&it=1670273826292&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 05 Dec 2022 20:57:09 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=559928301484091&ev=PageView&dl=https%3A%2F%2Fwww.filefactory.com%2Ffile%2F5km56bq4nn5m%2FKeyword%2520Scraper%2520by%2520xRisky.rar&rl=&if=false&ts=1670273826535&sw=1280&sh=1024&ud[country]=9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59&ud[client_ip_address]=da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670273826534.1310541524&it=1670273826292&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.filefactory.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 05 Dec 2022 20:57:09 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn_L-TMV_ypQZFmolIRm4r5dyj5PpN12jrtafcP9HEkALUPfSzJ38w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:54 GMT
age: 65481
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6886
Md5:    f71032604eecccf0a81f323a5f96a400
Sha1:   f8866d4f3185bcf7871581d75339998b34d6cf6d
Sha256: d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57