Overview

URL j.top4top.io/f_awfzvraqwz7c1lxdcyloua/1654692773/808c02sq1.rar
IP135.181.63.70
ASNHetzner Online GmbH
Location Finland
Report completed2022-06-22 07:17:50 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-22 2 j.top4top.io/f_awfzvraqwz7c1lxdcyloua/1654692773/808c02sq1.rar Malware
2022-06-22 2 top4top.io/f-808c02sq1-rar.html Malware
2022-06-22 2 top4top.io/downloadf-808c02sq1-rar.html Malware
2022-06-22 2 top4top.io/share.js Malware
2022-06-22 2 s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47 Malware
2022-06-22 2 s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47 Malware
2022-06-22 2 s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47 Malware
2022-06-22 2 s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47 Malware
2022-06-22 2 s.top4top.io/styles/default-new-reg/javascript.js?rev=47 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] j.top4top.io (1) 730645 No data No data 135.181.63.70
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] www.facebook.com (1) 99 2012-05-28 23:09:18 UTC 2022-06-21 04:45:31 UTC 157.240.200.35
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-21 07:58:41 UTC 34.120.237.76
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-06-22 04:24:44 UTC 23.36.76.226
[Mnemonic Passive DNS] connect.facebook.net (2) 139 2013-09-20 12:03:21 UTC 2022-06-22 04:37:03 UTC 157.240.200.14
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-22 04:39:24 UTC 35.81.61.20
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-22 04:10:54 UTC 54.230.111.14
[Mnemonic Passive DNS] top4top.io (10) 118839 2021-07-22 14:24:43 UTC 2021-07-22 14:24:43 UTC 188.165.137.170
[Mnemonic Passive DNS] ocsp.digicert.com (3) 86 2012-11-29 12:49:49 UTC 2022-06-22 04:40:12 UTC 93.184.220.29
[Mnemonic Passive DNS] ajax.googleapis.com (1) 12905 2017-01-30 05:00:30 UTC 2019-10-16 05:01:16 UTC 142.250.74.106
[Mnemonic Passive DNS] www.google-analytics.com (1) 40 2017-01-30 05:00:06 UTC 2022-06-22 03:28:21 UTC 142.250.74.174
[Mnemonic Passive DNS] s.top4top.io (8) 0 No data No data 104.21.5.137 Domain (top4top.io) ranked at: 118839
[Mnemonic Passive DNS] ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-06-22 04:40:17 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 135.181.63.70

Date UQ / IDS / BL URL IP
2022-07-05 16:34:36 +0000
0 - 0 - 4 j.top4top.io/f_uog2mm2k3_kxn-azuyuyza/1657204 (...) 135.181.63.70
2022-07-05 16:32:55 +0000
0 - 0 - 11 j.top4top.io/f_mfaruf-d5q4kxzykkt-zsq/1657202 (...) 135.181.63.70
2022-07-05 15:26:47 +0000
0 - 0 - 10 j.top4top.io/f_pmwryrahlvew77mifyw_cg/1650704 (...) 135.181.63.70
2022-07-05 05:26:15 +0000
0 - 0 - 8 j.top4top.io/f_F1V_MsIIIZXAXjZT_sKRNQ/1657171 (...) 135.181.63.70
2022-07-04 14:03:26 +0000
0 - 0 - 9 j.top4top.io/f_0yf1hopcxe-g-2nobev9lw/1655680 (...) 135.181.63.70
2022-07-03 15:29:21 +0000
0 - 0 - 7 j.top4top.io/f_gv7waIHqK6k23F9N4sNgTQ/1655654 (...) 135.181.63.70
2022-07-03 04:52:15 +0000
0 - 0 - 8 j.top4top.io/f_pmwryrahlvew77mifyw_cg/1650704 (...) 135.181.63.70
2022-07-02 17:07:16 +0000
0 - 0 - 9 j.top4top.io/f_eoe7axsqzogcrbpquwwnaw/1655494 (...) 135.181.63.70
2022-07-01 15:51:47 +0000
0 - 0 - 9 j.top4top.io/f_nzyzxgq5czlh4g1mjzlulw/1656793 (...) 135.181.63.70
2022-07-01 02:51:53 +0000
0 - 0 - 10 p.top4top.io/f_1g2adzae7jiz2vedtr1_4w/1655317 (...) 135.181.63.70

Last 10 reports on ASN: Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2022-07-06 04:48:27 +0000
0 - 0 - 31 teppichreinigung-riedstadt.de/ 136.243.20.96
2022-07-06 04:27:51 +0000
0 - 0 - 1 controlpanel.gdpi.net.in/ 178.63.69.42
2022-07-06 04:23:14 +0000
0 - 0 - 2 iosk.org/pms/jin-6.zip 195.201.207.208
2022-07-06 04:17:26 +0000
0 - 0 - 1 95.217.246.240/1140924216.zip 95.217.246.240
2022-07-06 04:11:42 +0000
0 - 0 - 1 95.217.246.240/0843521920.zip 95.217.246.240
2022-07-06 04:09:30 +0000
0 - 0 - 1 my-discount.info/click.php 136.243.110.236
2022-07-06 04:02:54 +0000
0 - 0 - 25 abr-derin.de/ 138.201.140.90
2022-07-06 03:55:05 +0000
0 - 0 - 3 jenenin.com/luk 116.202.250.8
2022-07-06 03:26:53 +0000
0 - 0 - 6 marmil.rs/ 213.239.221.181
2022-07-06 03:12:31 +0000
0 - 0 - 1 95.217.246.240/4059068301.zip 95.217.246.240

No other reports on domain: top4top.io



JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (7)

#1 JavaScript::Write (size: 189, repeated: 1) - SHA256: a9825a0cfbb9b0b1c82dc9f1186b2fdbd1e8a196735f8a9e11a0ec319c7f5a40

                                        < a href = "http://cutt.us/share.php?s=sphinn&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-808c02sq1-rar.html&title=finder | *-EJD"
target = "_blank" > < img src = "images/sphinn.png"
alt = "Sphinn" / > < /a>
                                    

#2 JavaScript::Write (size: 214, repeated: 1) - SHA256: 5fe214dfbd11ce05ddd1fc606c021737ace6d2c8f06c45201068ccfc68d44958

                                        < a href = "http://cutt.us/share.php?s=technorati&encode=UTF-8&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-808c02sq1-rar.html&title=finder | *-EJD"
target = "_blank" > < img src = "images/technorati.png"
alt = "Technorati" / > < /a>
                                    

#3 JavaScript::Write (size: 192, repeated: 1) - SHA256: 405e4b2024471b55fe030ef7ac132a5f72099881b8acdb9f5d119b6c492b5fe4

                                        < a href = "http://cutt.us/share.php?s=twitter&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-808c02sq1-rar.html&title=finder | *-EJD"
target = "_blank" > < img src = "images/twitter.png"
alt = "Twitter" / > < /a>
                                    

#4 JavaScript::Write (size: 195, repeated: 1) - SHA256: 32568c3f5591f56113abc8f15ede286f176c0753a8054084f3654e085b642a9c

                                        < a href = "http://cutt.us/share.php?s=facebook&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-808c02sq1-rar.html&title=finder | *-EJD"
target = "_blank" > < img src = "images/facebook.png"
alt = "Facebook" / > < /a>
                                    

#5 JavaScript::Write (size: 183, repeated: 1) - SHA256: c502817a667a24ae3c881921fe09df6e54e6a91220ca6e0d151012c96c1f37d2

                                        < a href = "http://cutt.us/share.php?s=live&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-808c02sq1-rar.html&title=finder | *-EJD"
target = "_blank" > < img src = "images/live.png"
alt = "Live" / > < /a>
                                    

#6 JavaScript::Write (size: 189, repeated: 1) - SHA256: ac0f00599b252d8f5fe8db89d12265562399681e3a1069f8db1667c1f6084224

                                        < a href = "http://cutt.us/share.php?s=reddit&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-808c02sq1-rar.html&title=finder | *-EJD"
target = "_blank" > < img src = "images/reddit.png"
alt = "Reddit" / > < /a>
                                    

#7 JavaScript::Write (size: 192, repeated: 1) - SHA256: 4181bf283b783f094a85320c908f03712551197f98fc389677c36550835d65e7

                                        < a href = "http://cutt.us/share.php?s=myspace&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-808c02sq1-rar.html&title=finder | *-EJD"
target = "_blank" > < img src = "images/myspace.png"
alt = "MySpace" / > < /a>
                                    


HTTP Transactions (47)


Request Response
                                        
                                            GET /f_awfzvraqwz7c1lxdcyloua/1654692773/808c02sq1.rar HTTP/1.1 
Host: j.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         135.181.63.70
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: Hotcores.com
Date: Wed, 22 Jun 2022 07:17:34 GMT
Content-Length: 138
Connection: close
Location: https://top4top.io/f-808c02sq1-rar.html
Reason: Invalid


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   138
Md5:    aff950cab4c0265e21d401db15f1026d
Sha1:   f03e18461817f7a6546c8bf8fa8d686d7e30aca0
Sha256: 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 22 Jun 2022 06:43:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Qzh7TEkOQV5o0WzjNUPj_KgnvxKyvOm4yKsO-qSTDN2hxHMK1X8ylQ==
Age: 2058


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22A7AFFA696C3188DD074DEB68A2EC519EA227AC839D0238C9F82660B9E14D6A"
Last-Modified: Tue, 21 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17059
Expires: Wed, 22 Jun 2022 12:01:53 GMT
Date: Wed, 22 Jun 2022 07:17:34 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.14
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 22 Jun 2022 02:10:52 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rffSxrxrmTKWkMNGO7xnA-PcpOY8cf9-TNA5wroFpOl4wc8aSyMudw==
age: 18403
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D69BCE21B0054D4C12B19B0D71E51C7A56F6F28E8F0E2193836EFD9CA3231098"
Last-Modified: Tue, 21 Jun 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11923
Expires: Wed, 22 Jun 2022 10:36:17 GMT
Date: Wed, 22 Jun 2022 07:17:34 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 22 Jun 2022 07:17:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /f-808c02sq1-rar.html HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1841955378.1654357939; sid=6D%2CH-sir5WQVVM5wYjB2f8WFt64; klj_40d147_fdkey=f931edefcfe7336bd150d2d76cfbf8ec1701256f; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         188.165.137.170
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 22 Jun 2022 07:17:34 GMT
Server: HotCores
Location: https://top4top.io/downloadf-808c02sq1-rar.html
Content-Length: 255


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   255
Md5:    1d1d5313a12cbcc9b480dd0a849d9c13
Sha1:   7ebeceaee49b3290a82b961d3bce0f3090b3ef94
Sha256: a2d1949d8a79321946fee458f9a6e72707c161640b67133920bdbb302a56db2f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /downloadf-808c02sq1-rar.html HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1841955378.1654357939; sid=6D%2CH-sir5WQVVM5wYjB2f8WFt64; klj_40d147_fdkey=f931edefcfe7336bd150d2d76cfbf8ec1701256f; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 22 Jun 2022 07:17:34 GMT
Server: HotCores
Expires: 0
Cache-Control: private, no-cache="set-cookie"
Pragma: no-cache
P3P: CP="CUR ADM"
Set-Cookie: klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; expires=Fri, 24-Jun-2022 07:17:34 GMT; path=/; domain=.top4top.io; httponly
I-AM: US03
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (411)
Size:   17265
Md5:    3e3d8c9df12c5e20b3f5ea735dbbebb9
Sha1:   122779acce01a61224cb856b5ce1fc6696bc55cf
Sha256: 2c00647d3c9cd9b77926fbb321a41801e68657704a5d06531c4c10e8372ec686

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/images/soft.png HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.21.5.137
HTTP/2 200 OK
                                        
date: Wed, 22 Jun 2022 07:17:34 GMT
content-type: image/png
content-length: 41248
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-a120"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 81261
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGtYx2SJvtnVHVLUdILDZkyflL4bZrYMssbaNkWrb93npr95PM5MO%2BsEIRuoFZyjBqyNmIvs8zIpaP%2FMWky%2FVhEnIzJXeJR5cHE5hmStXT9DTz8hrv9AudTAj1Yeg20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f3347db9e11c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 213 x 255, 8-bit/color RGBA, non-interlaced\012- data
Size:   41248
Md5:    8cf5d3f055149868fd89971433ed8ece
Sha1:   e877509e97d487b44bdd7203c7e3ca2795963afa
Sha256: 58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9
                                        
                                            GET /styles/default-new-reg/images/newlogo.png HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.21.5.137
HTTP/2 200 OK
                                        
date: Wed, 22 Jun 2022 07:17:34 GMT
content-type: image/png
content-length: 19068
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-4a7c"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 575970
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJZcTmFH6oXP198ebigah3g7u0lR%2FPKupidVfZGyPirKIAfKxUZpgx8i0mn1vVvLS%2Bib21s7%2B2ESiH%2FgXYvXk7%2FT6gNI9RUDRu85iRWZnDu9Z5S72Dh4ix74myOOoCo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f3347db9df1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 71 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size:   19068
Md5:    d68c79880117110f89d39cce5c43d39c
Sha1:   6e30dcd905314f77912b224e35ce089560553300
Sha256: 1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d
                                        
                                            GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050 HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-808c02sq1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=6D%2CH-sir5WQVVM5wYjB2f8WFt64; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: text/javascript;Charset=UTF-8
                                        
Date: Wed, 22 Jun 2022 07:17:35 GMT
Server: HotCores
I-AM: US03
Content-Length: 3


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
                                            GET /share.js HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-808c02sq1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=6D%2CH-sir5WQVVM5wYjB2f8WFt64; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: HotCores
Date: Wed, 22 Jun 2022 07:17:35 GMT
Content-Length: 2045
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-7fd"
Expires: Wed, 29 Jun 2022 07:17:35 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   2045
Md5:    d6b05c71ce92a4e0599cf8b731966510
Sha1:   8735a20d053e085fdfe0963cab19b9499e1be457
Sha256: ff90fa92b304e071f41235a6e338e1e0588641156a765999852784a17523be9e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111 HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-808c02sq1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=6D%2CH-sir5WQVVM5wYjB2f8WFt64; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: text/javascript;Charset=UTF-8
                                        
Date: Wed, 22 Jun 2022 07:17:35 GMT
Server: HotCores
I-AM: US01
Content-Length: 3


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4090
Cache-Control: max-age=140582
Date: Wed, 22 Jun 2022 07:17:35 GMT
Etag: "62b2343b-1d7"
Expires: Thu, 23 Jun 2022 22:20:37 GMT
Last-Modified: Tue, 21 Jun 2022 21:12:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 22 Jun 2022 07:17:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en_US/all.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 356419af496ddf509c8bb64897384a48
etag: "0b6c5021f5163714ced16dfd25a2ff32"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 22 Jun 2022 07:33:27 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ycg/K9uIC4ShqGDV4ATtrA==
x-fb-debug: jLl8LUIZ/R+56ZQXqeiyB2L6tfiymsrJagUmevLFCUWpdvU5iMg2y0XiKx/4IWiURGUYryBNTcbwS+ItWqaVJw==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Wed, 22 Jun 2022 07:17:35 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1686
Md5:    c9c83f2bdb880b84a1a860d5e004edac
Sha1:   de8b72cc3c978eb519f27492b2af8e13643f3a2c
Sha256: 8914222775fcf26012bc3eeb5b0770ce882bc44b621e931a2742c4033910ddd5
                                        
                                            GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.106
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Jun 2022 09:34:59 GMT
expires: Sat, 17 Jun 2023 09:34:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 423756
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086)
Size:   33434
Md5:    430e927c980ad4079de727fa59dd93f2
Sha1:   891aaada9a55a91292999f6d50fd300439905982
Sha256: e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
                                        
                                            GET /styles/default-new-reg/images/zl.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-808c02sq1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=6D%2CH-sir5WQVVM5wYjB2f8WFt64; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Wed, 22 Jun 2022 07:17:35 GMT
Content-Length: 673
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-2a1"
Expires: Wed, 29 Jun 2022 07:17:35 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size:   673
Md5:    5caf58a4705aa53b41535b86b18819a1
Sha1:   d38040f84c6dcc16c40519bf0249ea8097b8e969
Sha256: 20fac0020c1ca2b53c6132997d0b5ec25252b30ceedaf59b05679c73c0494e7c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4090
Cache-Control: max-age=140582
Date: Wed, 22 Jun 2022 07:17:35 GMT
Etag: "62b2343b-1d7"
Expires: Thu, 23 Jun 2022 22:20:37 GMT
Last-Modified: Tue, 21 Jun 2022 21:12:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /styles/default-new-reg/css/the220px.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.21.5.137
HTTP/2 200 OK
                                        
date: Wed, 22 Jun 2022 07:17:35 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=11662
etag: W/"58cb25b5-2d8e"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Thu, 16 Mar 2017 23:54:29 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 450097
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4gBg0pCR%2BL9%2Bqm1ANBRY5YAYc503sjkUp9sifa8RzFZF0uXHpC1nOSGojB%2FdwIGidGupGc2y3fmghw3peywiy9iVBk8v5mZ3r7RnBEUAxns0mDRrcgtTPw6EC1MyW8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f3347db9da1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (9567), with no line terminators
Size:   2884
Md5:    26015e1f94a439068050b764bad593f0
Sha1:   2e213e028134c32953a6b24d847e8ec4969abf99
Sha256: 65005cff7a21fd07e26218a35f27bd9c44a29b3f7c395ebc35359dcbff92245a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/js/the220px.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.21.5.137
HTTP/2 200 OK
                                        
date: Wed, 22 Jun 2022 07:17:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=562
etag: W/"57e8eb5d-232"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 199809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpE8TpT9XKaCQVPZyjOLsMyTgHcel4QlWNdR1%2F5RvTCrw7zgQMPSPTnU6826%2BjKLB2%2BwL1HlSFRwgRUDjYcaarp96TPSy%2F33w%2BUTEqe%2FQDBPx%2B0lhfWMqgE9K05KCVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f3347db9dc1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (474), with no line terminators
Size:   435
Md5:    c270ec872e054b5a1fa82d69e046c94b
Sha1:   ecf40889d685c41075069e96385c3f40b0b610ce
Sha256: 9a6f55da4b8195d658a25bd5dff7745b212dbc7b276db732f0e1e47239c68e0e
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 22 Jun 2022 06:19:25 GMT
Cache-Control: max-age=3600
Expires: Wed, 22 Jun 2022 07:07:10 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0we-PNHSXlnaG-XV27XmbjfJJc_W4eF_B5FZbIF8Yt9TIbqwl1wtZA==
Age: 3490


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /styles/default-new-reg/js/bootstrap.min.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.21.5.137
HTTP/2 200 OK
                                        
date: Wed, 22 Jun 2022 07:17:35 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-875d"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 199809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKRmenS%2B17vyY53ORdCUdohlUtWKeKyNpbLEo6hhKtvsX2M%2FxrFlA2msGeXFkr32dP582NlPkZassLKDqRwn8hcvlXIX2wzAyVRZaVBLwcOpDd9WiJvT5XI1TF50zH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f3347db9db1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32108)
Size:   127291
Md5:    9cc6a7268f1c1f3df7ee5ae20ef0e120
Sha1:   c852a9856f95f625d4f4454471670d84c49c83cc
Sha256: 4086d45bc2965763d88ff78824e43956e620e18529e973f6fbaa9f9e95166ee7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/css/animate.min.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         104.21.5.137
HTTP/2 200 OK
                                        
date: Wed, 22 Jun 2022 07:17:35 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-d0b7"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 199810
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqgJYXeksJU%2Fhoa6gbBR%2BAKJJNyYmFlMLsvvPZDWNZWsT8TKGdYeAVC5t8b%2BIMBVZnteugB%2FGZ8rj2Uk%2FV5xxXsgv1cGvD27oqRIqcQpNIkHkpJzC0ZEzure6tIb%2Fpc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f3347dc9f61c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (53270)
Size:   4059
Md5:    fbf3e47d7067c3f28b7af069dd582bd1
Sha1:   a1bbae625093ac36aaad9420ae330f6a468b7a5c
Sha256: 5ddb5e3d9a6d782f622d8b3db8fa632d872503c3cfddf4270e535f1f8bf1ee2a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/twitter.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-808c02sq1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=6D%2CH-sir5WQVVM5wYjB2f8WFt64; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Wed, 22 Jun 2022 07:17:35 GMT
Content-Length: 385
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-181"
Expires: Wed, 29 Jun 2022 07:17:35 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   385
Md5:    cea04ecdecaebee1062f70f6c0377e9b
Sha1:   d8fc45f070c93f100423bb5e724c2394e0664d29
Sha256: 09661cea5a7ed3c20f10820b3b9c151a7415770d805172e0b76a09944d882680
                                        
                                            GET /images/live.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-808c02sq1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=6D%2CH-sir5WQVVM5wYjB2f8WFt64; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Wed, 22 Jun 2022 07:17:35 GMT
Content-Length: 761
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-2f9"
Expires: Wed, 29 Jun 2022 07:17:35 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   761
Md5:    0c0038438c6e145f1a4dea683ce7cc28
Sha1:   c1ad87024ddba2eb6544dc7ee3c16b45ba9a3c63
Sha256: 5e5b288b52e9bbb8b9c2449b04da155054023d50ac2ded7954f912be02f4c484
                                        
                                            GET /styles/default-new-reg/css/fonts.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         104.21.5.137
HTTP/2 200 OK
                                        
date: Wed, 22 Jun 2022 07:17:35 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=487
etag: W/"5e0bab24-1e7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 88505
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eT%2FX1chejFeMbWbpfMUaWPZd9f%2B7%2FCAsHREEDGCd8D%2F2G%2Fk%2F%2Bp62LO8wntLl1c6%2F5Xi6hdhYXZzkxhT2vIh25Glx4lF4N4LQaAZt1ayDzqTUfUN2yV8J%2Fmj7H%2Bgh40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f3347dc9f81c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (408), with no line terminators
Size:   825
Md5:    7963a710dfb21347c5619a2106b92ffa
Sha1:   7dcb0ccb30c9fd00692033f1523449768e611210
Sha256: d05f45bd890f010b284cf27ef24649a3410c9591d1d160eb5e6cbde8bfc97882

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/myspace.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-808c02sq1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=6D%2CH-sir5WQVVM5wYjB2f8WFt64; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Wed, 22 Jun 2022 07:17:35 GMT
Content-Length: 776
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-308"
Expires: Wed, 29 Jun 2022 07:17:35 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   776
Md5:    35578456cc898dfd8aa2112c223cdced
Sha1:   1d342dae525f04e2dfc7e097bba4a6881b414b35
Sha256: 956189a17826806990967d4836472550d6ed3a8192c2bc1e679dc3cabe440edf
                                        
                                            GET /styles/default-new-reg/javascript.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.21.5.137
HTTP/2 200 OK
                                        
date: Wed, 22 Jun 2022 07:17:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=16039
etag: W/"57e8eb5d-3ea7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 467273
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrry7sFRpsc0qYD5Nc68zkS9h5q7vf%2BzrgftkfwE9ovvsEWHmCH21EMvIKBgJ3s83JlMXx2Mfcg2Qp%2FycJi1JAJYYUbrRtuMINgTCFEHVUscBmBMiOnYS2anAy6zGio%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f3347db9de1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (538)
Size:   2274
Md5:    eadf4202cc6df7c8ad69bce121e532fa
Sha1:   7abb5562983bc096d00f0e793261851b781401b6
Sha256: c67384e532f01bfc17062432ab423d03631b427ab6802f0c8e758c73bb15380c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/technorati.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-808c02sq1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=6D%2CH-sir5WQVVM5wYjB2f8WFt64; klj_40d147_fdkey=f72a951ea122b00b813c76af841c215998d84f83; __gads=ID=dcef7bed594f71eb-222e9ffeb8cd00ef:T=1655750391:RT=1655750391:S=ALNI_MYAc09qPZnUjWvDMObGBrpGH8S9Vg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Wed, 22 Jun 2022 07:17:35 GMT
Content-Length: 283
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-11b"
Expires: Wed, 29 Jun 2022 07:17:35 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   283
Md5:    f120938135c52cd80b7f37bd5b17daf4
Sha1:   1cb99566ca564dd8a8273a616d072739c58b4290
Sha256: 6cd07b1a71bf03f25556bc801c306419a255ec5b47751fcdcda5efbdb08766c8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 22 Jun 2022 07:17:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4322
Cache-Control: 'max-age=158059'
Date: Wed, 22 Jun 2022 07:17:35 GMT
Last-Modified: Wed, 22 Jun 2022 06:05:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 22 Jun 2022 06:41:13 GMT
expires: Wed, 22 Jun 2022 08:41:13 GMT
cache-control: public, max-age=7200
age: 2182
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /en_US/all.js?hash=8422b8349611c82b6af09376bbaea5df HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://top4top.io
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c0223973bb5717c712d9f11855d7ee6f
etag: "3b4d6e070c9ef853b03bf4af8ab9a072"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 22 Jun 2023 03:21:58 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: rhweN26EDzGIylccsv4lCA==
x-fb-debug: R6G/qJTuDj1UdqteKOt3Z+50hi/zDeUkcIe3yMlJ+iII/cGn8ppG5zZC0o32btyuZlcFiwEeOo6uJFUAJjw9vA==
content-length: 87363
x-fb-trip-id: 1679558926
date: Wed, 22 Jun 2022 07:17:35 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18553)
Size:   87363
Md5:    ae1c1e376e840f3188ca571cb2fe2508
Sha1:   a51b16f5fc61a8bef8b5e166e49e9b4925c062ec
Sha256: 8d654bbdf7f6b76ef33eb4e7fac67ea6f864b58eb1f082aa7d64ea1298359218
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 22 Jun 2022 07:17:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c059b022d17c%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff301f6cc7a70c84%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-808c02sq1-rar.html&layout=button_count&locale=en_US&sdk=joey&width=90 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
                                        
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: Hxi4u9RWMgiqpQeQlXNr3h56df0FU/oISIsdQMh4KZ/d+401iW1hMkFmNLB6e6mmqevIocbxAe5IUJrHyvolnQ==
content-length: 0
date: Wed, 22 Jun 2022 07:17:35 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SaT3RKH72F3aNHrKKZOJRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.81.61.20
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Luyi4/qy40UBpxqeh2q2N3Ue9SU=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14624
Expires: Wed, 22 Jun 2022 11:21:21 GMT
Date: Wed, 22 Jun 2022 07:17:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14624
Expires: Wed, 22 Jun 2022 11:21:21 GMT
Date: Wed, 22 Jun 2022 07:17:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14624
Expires: Wed, 22 Jun 2022 11:21:21 GMT
Date: Wed, 22 Jun 2022 07:17:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14624
Expires: Wed, 22 Jun 2022 11:21:21 GMT
Date: Wed, 22 Jun 2022 07:17:37 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefc9aa7b-c49b-4375-9764-a218072b5d48.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8069
x-amzn-requestid: 4da0d659-60aa-4913-bae4-32a66d98ac10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UCvMeFBgIAMFcPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b0f8b6-636b01024cb12055694d04d6;Sampled=0
x-amzn-remapped-date: Mon, 20 Jun 2022 22:46:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JmBmDst8lsC0u2Ibhngcx1_syRNih8JgWTsnfqWHrvxQ1blYuMf3fQ==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Jun 2022 00:53:01 GMT
age: 23076
etag: "9f5b2a85b5831db43a15d24e21ec9782f2ee3159"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8069
Md5:    f18cd5f62a10fc3776d8b6f3897020bc
Sha1:   9f5b2a85b5831db43a15d24e21ec9782f2ee3159
Sha256: 50322ea5f7ce4b9dc2e18b68c613546c3a622b91d0beb0baeec8149321cea5bf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9428a707-3b4a-4144-b7f5-5b8b136b6b2b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11749
x-amzn-requestid: 184230b5-a25e-44fa-9d33-0611ab599cc7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T_n2kGL4oAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62afb9c3-49f7615a1cdcea245a7f78cf;Sampled=0
x-amzn-remapped-date: Mon, 20 Jun 2022 00:05:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: B5F3nuSG9mHWhlRvfeD0YAnHP3ky7YhAMiwfXNT5cpLn7V-VnXdScg==
via: 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Jun 2022 01:20:13 GMT
age: 21444
etag: "2d70dc8cef28c2dc17faf44475b05021b6696791"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11749
Md5:    c5b134034c743fc14c4f9cfeadc39857
Sha1:   2d70dc8cef28c2dc17faf44475b05021b6696791
Sha256: 894c47430bfb152a5fb152ac033ffe4f803faae8697211dbedf7345e98f16ec3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f2fd6a3-6d2e-41d6-9eb5-e97539430929.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10585
x-amzn-requestid: 72c36e49-412f-4b2d-af53-7236a7105f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UGQGTGakoAMF2eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b2608e-2ecc545f76d75f2526a839c2;Sampled=0
x-amzn-remapped-date: Wed, 22 Jun 2022 00:21:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ofYDhkGmCnCgnFiDhIUE0Y0CSpl8iHJBMVRGQEL-l2XnX0Cj8Rq82g==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Jun 2022 00:37:38 GMT
age: 23999
etag: "5bec4b0e3230fc9685e4b86cadcdd47cb81c5640"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10585
Md5:    a7673adcdcaf49d114189d73b78a81ab
Sha1:   5bec4b0e3230fc9685e4b86cadcdd47cb81c5640
Sha256: 04530c4260d5cece1944bbdd1d984f383e6bb0139dc75de08b8abf16858b1edd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f9cc6e-f4e5-46de-9a9b-995f5318a34b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11348
x-amzn-requestid: fcbf79fc-b455-478c-aded-8c2d78832d22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UGPV6FUCoAMF_aw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b25f58-6348d1e47b6d75c63806df02;Sampled=0
x-amzn-remapped-date: Wed, 22 Jun 2022 00:16:24 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pUq3AZuLpUU9TnC51pKjVCbDmk8SIffrsBDqbc9FfEWQVr2Pth0bRw==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Jun 2022 00:37:40 GMT
age: 23997
etag: "a5c407eda54f2227af33402f2a5849607bc89cd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11348
Md5:    597be1695e3f4eb29c402f9cf128d35b
Sha1:   a5c407eda54f2227af33402f2a5849607bc89cd2
Sha256: bc9d30809c9847e8237de2e68b4226433c93583bdb3aebda05b134ad4a4f1b1c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1b67d2e-347b-45e3-a21b-0b397664d019.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5445
x-amzn-requestid: 8ceca27c-b92a-480c-ad15-9fded04a1e08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UGNieGIGIAMF4Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b25c76-35f3bbf6085b2133488df6b1;Sampled=0
x-amzn-remapped-date: Wed, 22 Jun 2022 00:04:06 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Am5eJ0IwgLTurF61-Fzo0cRV5vz7Xvy7xfShbGKzgocnZ1fKudmbXQ==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Jun 2022 00:37:40 GMT
age: 23997
etag: "122d2a5c306ad84fdac920beb1b6cf2a6a41e324"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5445
Md5:    75cb6f40417745e394d04f3837e7e8d8
Sha1:   122d2a5c306ad84fdac920beb1b6cf2a6a41e324
Sha256: 9c6cd5642bda83121833f87e95eb504c6263f8d95a4bafcb48b89627ae354a36
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33caec65-bd46-4b6a-82b7-7875d760a81e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6577
x-amzn-requestid: c431978c-bcfa-47ce-af62-6e55c08d4400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UGNjgEo9IAMFu-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b25c7c-44e13a2522c6f8e673469f75;Sampled=0
x-amzn-remapped-date: Wed, 22 Jun 2022 00:04:12 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YmllMHPqAd7VaOFw5u3GTsFFWHOdpe2-NKon0UdFGHPpNBcVh_8mGg==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Jun 2022 00:12:22 GMT
etag: "74a267652cdfe47d097ace8ea2a50920a5989068"
content-type: image/jpeg
age: 25515
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6577
Md5:    8e10890d4026d1bab37f98d8c11abc59
Sha1:   74a267652cdfe47d097ace8ea2a50920a5989068
Sha256: 40f02b33e41453aea9a34a1fcd269b63797dc552ba45acae58166e2c1b0c9afa