Report - fs12n1.sendspace.com/dl/1b1a92a0930bf5ab96c537e71505a511/63864e9e7b0260b1/2sd6x7/zxwsoft3.309_all

Report Overview

Submitted URL
fs12n1.sendspace.com/dl/1b1a92a0930bf5ab96c537e71505a511/63864e9e7b0260b1/2sd6x7/zxwsoft3.309_all_package.rar
IP
69.31.136.53
ASN
#3257 GTT Communications Inc.
Submitted
2022-11-30 18:44:51
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	608 B	709 B	64.233.165.154
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
dl2.topfiles.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	452 B	331 B	95.216.39.22
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	35 kB	23.33.119.27
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.88.25.203
apis.google.com	105	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	879 B	129 kB	172.217.21.174
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	93.184.220.29
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	22 kB	142.250.74.110
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	20 kB	142.250.74.131
www.sendspace.com	465313	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.0 kB	172.64.140.36
fs12n1.sendspace.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	503 B	69.31.136.53
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	833 B	8.7 kB	104.17.24.14
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	79 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	dl2.topfiles.net/files/2/61/34583/ekZ0YXPZU9hMY1k5OGIwL2ZUQWU2eEhHa0Jwa3lpY2FQaDhFYmpLTWs5YlZHVT06OhDHXsRszN_s8hIGnGAYHeA/paintnet-portable-x64_4.3.8.zip	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.sendspace.com/js/jquery.colorbox-min.js?v=dee84722	12 kB	2023-03-07	2024-04-12
Pretty URL www.sendspace.com/js/jquery.colorbox-min.js?v=dee84722 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-12 23:03:48 Times Seen3632 Hash 663dd01c8e3859c4aa97cf088c49a64e 4181716dabb9a951a17bfa6e3a03f48ad17e016f 41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e Loading...

	www.sendspace.com/js/jquery.jscrollpane.min.js?v=dee84722	15 kB	2023-03-07	2024-03-05
Pretty URL www.sendspace.com/js/jquery.jscrollpane.min.js?v=dee84722 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:27 Last Seen2024-03-05 20:01:45 Times Seen1782 Hash 48cd4c7037b55ef9c25912766e6a98a2 0ed43b7b3a39debff20ba5ef9f7dbac73787d545 49745b3f269631f468a2e5b7aae76c829c25289bd05029b963a553363ea8bd8c Loading...

	www.sendspace.com/js/jquery-browser-deprecated.js?v=dee84722	612 B	2023-03-07	2024-04-02
Pretty URL www.sendspace.com/js/jquery-browser-deprecated.js?v=dee84722 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:07 Last Seen2024-04-02 14:37:28 Times Seen1447 Hash 348c16dd94586d88e84fdd141cb15ac3 f243f0751186d9a0c4f4bcb3b40915ac4787bbfc 78f3be6afee62645cb34d7cb9baa113d38c4973e14a0455c794a1c1a44a45558 Loading...

	www.sendspace.com/file/2sd6x7	1.5 kB	2023-03-08	2023-09-03
Pretty URL www.sendspace.com/file/2sd6x7 IP 172.64.140.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:54 Last Seen2023-09-03 04:53:37 Times Seen2 Hash 954d458efee4c694f469c398766a18a6 6db05cef28d4f678e536ba9445ae701932b292df 2bad90fb0f86f8217a0609cb38be2e1b15ab6295cbbffb1e01b79598c46201d2 Loading...

	www.sendspace.com/file/2sd6x7	550 B	2023-03-07	2024-03-05
Pretty URL www.sendspace.com/file/2sd6x7 IP 172.64.140.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:27 Last Seen2024-03-05 20:01:45 Times Seen909 Hash c0e8e77f412c49e03c2f3662ae082b62 5bfe24e3c25c65e861dc53cc2a7328dd220647ab 36cbd14b8b5b7527ad90f34a62775ac0d1bf24089638240224a43104282f8ac1 Loading...

	www.sendspace.com/file/2sd6x7	777 B	2023-03-07	2024-04-02
Pretty URL www.sendspace.com/file/2sd6x7 IP 172.64.140.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:07 Last Seen2024-04-02 14:37:28 Times Seen1179 Hash acd382166a72f45adac4777908b7939c de64b0e95abc8afaece6a048cae789df6e947ad1 2b2578d5260f6fd53d07496dde83a09ff242e7b56527a010bd72c54543d6c449 Loading...

	cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js	20 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-18 11:06:16 Times Seen5451 Hash f2bc0804920974cdb94feca2936b668c 253b288316ee7bb62b0bc755d7834b14b265f18c af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674 Loading...

	www.sendspace.com/file/2sd6x7	893 B	2023-03-10	2023-03-11
Pretty URL www.sendspace.com/file/2sd6x7 IP 172.64.140.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:30:39 Last Seen2023-03-11 23:08:54 Times Seen1 Hash bbbc888cc0b2bca3592d0dd07d7e6d9a 9d453b53008e0408a3eb59fc2a7b4af66b82d4d1 a43f9620080cbdafe92bbe3710666bfe7dc275db386f8ab584ec47b1d1cc7553 Loading...

	www.sendspace.com/file/2sd6x7	643 B	2023-03-07	2024-04-02
Pretty URL www.sendspace.com/file/2sd6x7 IP 172.64.140.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:07 Last Seen2024-04-02 14:37:28 Times Seen1177 Hash 8a082bbee3f10aae1ac94212169eeb4c 94f7f8eae7a1ee410cb1164b65a9b53935d48bb0 b836ab65dc27c5e3c2aeca708885aa9c9c5b330491b04bf1b451eaf7d5ac56cc Loading...

	http:blank	580 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:08:54 Last Seen2023-03-11 23:08:54 Times Seen1 Hash 53f3458fa9ad3245e6b9f33ee3a066c6 82521853ed2c385aa2713f02d73bc47095ce6191 801a91b463d99f4453d112b12cc99b8e20c54aaeb10a35ea34b1e5560c989e91 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 19:03:21 Times Seen1521 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	apis.google.com/js/client:platform.js	55 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/js/client:platform.js IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:49:07 Last Seen2023-03-11 23:52:10 Times Seen1 Hash 262040d63d788aaca9aea3bc95a8b989 7bb47aedbe80a2990aaa01dfb3ba88adb1377c64 5d05394dbfaeccf06c6003ffee1b673a296ae99705211d644c18f9f880e6a94f Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs	314 kB	2023-03-08	2023-03-11
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:26 Last Seen2023-03-11 23:51:14 Times Seen1 Hash 98328595c68dd2936d8dd99f9819b352 a542ef68a4362c5801bfabb7d77aad26269a7da9 b94bc164d42f6513ec4a8cec9fa6cd2572d7c550960182165a4c3a42ea96d3f8 Loading...

	www.sendspace.com/file/2sd6x7	1.4 kB	2023-03-11	2023-03-11
Pretty URL www.sendspace.com/file/2sd6x7 IP 172.64.140.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:08:54 Last Seen2023-03-11 23:08:54 Times Seen1 Hash d5de2365f6dc9aaf8b5e18743f8a4031 aa88ff3e3bbc2ba118a842b44c7d234cee03eef6 ea540ec5a8d31227d8f0b0391eda3da832836eeca6ad97e983ec69fb32fd5957 Loading...

	www.sendspace.com/js/sendspace.js?v=dee84722	11 kB	2023-03-07	2024-04-02
Pretty URL www.sendspace.com/js/sendspace.js?v=dee84722 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:07 Last Seen2024-04-02 14:37:28 Times Seen2317 Hash f4858198e074e9e9b73c154433ce9c9a 7bd098168e0079bb82c2c995638d964c901c912e e86c0b57c51c7d875e32d665d47b17bf8883b503fa64f6a1e62a574e6326b5d7 Loading...

	www.sendspace.com/trn_javascript.html?v=dee84722	1.8 kB	2023-03-07	2024-04-02
Pretty URL www.sendspace.com/trn_javascript.html?v=dee84722 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:07 Last Seen2024-04-02 14:37:28 Times Seen1479 Hash c08adc357b1ac7d772d5814a8afac77d cad528f1cbcf748a3c3ca44235f6bf701a3538bb be2d167e3fcf89c89b3ce2a1d423af5e527af7faff682e82143efdb4627647cf Loading...

	www.sendspace.com/file/2sd6x7	1.1 kB	2023-03-07	2024-04-02
Pretty URL www.sendspace.com/file/2sd6x7 IP 172.64.140.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:07 Last Seen2024-04-02 14:37:27 Times Seen1179 Hash 39306a5d6304f37ad1908dd899e4e96b c02d50b38023d86cdb51b21a8a2569a7d45aeb7f 73ffbe8fc59c71edb8ed48f3dde29556ea548aaee0fe98885968ebdf6ab3e58c Loading...

	www.sendspace.com/file/2sd6x7	943 B	2023-03-07	2024-03-05
Pretty URL www.sendspace.com/file/2sd6x7 IP 172.64.140.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:27 Last Seen2024-03-05 20:01:45 Times Seen909 Hash ba665a021e44691034f96dc91692dde1 5969119e1e6cddbb41b146d25a42ee0a1fe22f33 a6c6ccac782cb284e08833d2c5d6e52c7190847b92316975532bf087642b00df Loading...

	www.sendspace.com/file/2sd6x7	96 B	2023-03-07	2024-03-05
Pretty URL www.sendspace.com/file/2sd6x7 IP 172.64.140.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:27 Last Seen2024-03-05 20:01:45 Times Seen909 Hash 41333df80ffe4ce8e4e90a1493a5321f 523bb2e9c1c09b0afe9c4c23c4ca0fe8d2081bec 38d6a5f4e715944440f6c0b2eac859b6b1ccc765978ec4f166d025c68e0a12ca Loading...

	www.sendspace.com/js/jquery.mousewheel.js?v=dee84722	4.0 kB	2023-03-07	2024-03-05
Pretty URL www.sendspace.com/js/jquery.mousewheel.js?v=dee84722 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:25 Last Seen2024-03-05 20:01:45 Times Seen1213 Hash b7da6a39f0541e588d94021dccce13ae 54b8e10a99d72098dcf7673bee98a56850f1042e d3387ca462670e890fb10dd73998812dbd22be7a2f53ab59a1cfbb349760f3c9 Loading...

	www.sendspace.com/file/2sd6x7	421 B	2023-03-07	2024-04-02
Pretty URL www.sendspace.com/file/2sd6x7 IP 172.64.140.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:07 Last Seen2024-04-02 14:37:28 Times Seen1179 Hash 7a69c70ec8d2ae8645b2e1c67280610c 132995cbe62dac88fe118e9e20fdb55ea094d7ae 977369c40a76fb310dc8a5e6d599cd691da8828ad226521a2cddd18bb4a4b2dc Loading...

	www.sendspace.com/js/jquery-1.12.4.min.js?v=dee84722	97 kB	2023-03-07	2024-04-19
Pretty URL www.sendspace.com/js/jquery-1.12.4.min.js?v=dee84722 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 19:14:44 Times Seen118542 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	www.sendspace.com/js/jquery.jstree.js?v=dee84722	134 kB	2023-03-07	2024-03-05
Pretty URL www.sendspace.com/js/jquery.jstree.js?v=dee84722 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:27 Last Seen2024-03-05 20:01:45 Times Seen1780 Hash 98aef75bd45b4785276c439ae6794a85 6816c5a0fc15f586f1921525e50e3c45159f0f24 8e3f56ad9404c0b61df42f3bc83e278f45e4fcdd629c34fc4bec4066ef398434 Loading...

	www.sendspace.com/openid/js/openid-jquery.js?v=dee84722	5.4 kB	2023-03-07	2024-04-02
Pretty URL www.sendspace.com/openid/js/openid-jquery.js?v=dee84722 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:07 Last Seen2024-04-02 14:37:28 Times Seen1594 Hash d2e2ba5347ad6aa07c36ce77a1622fc0 0032a4c5e5dbec342ca10fbb9beb5350f6c3b547 f43eb344dbb92e4f395c1f039c4646ff736ddc9ef4db0e7be6f660b04eba3ba6 Loading...

	www.sendspace.com/jsc/download.js?v=dee84722	1.0 kB	2023-03-07	2024-03-05
Pretty URL www.sendspace.com/jsc/download.js?v=dee84722 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:27 Last Seen2024-03-05 20:01:45 Times Seen1152 Hash 85f0a6452c58a9de3fed1fb70f653f53 94d0a5296fe1934fba412dc88adef3850de0601b 9e7c830e54d0d990671c86bb24edea9aa0fafebcf4f507a1d2f30fb6c389aa48 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b0561f5b02e8111edac8a65c7aa3b541	1.2 kB	2023-03-07	2024-04-02
Pretty Observations First Seen2023-03-07 12:04:07 Last Seen2024-04-02 14:37:28 Times Seen1588 Hash b0561f5b02e8111edac8a65c7aa3b541 e8fe580ab6b1a093090697b00dcdd692a73fff0d 7aaa7e19100620bae8c3a7be33bba31edef54b6e96af40ee7d47afa0da373c38 Loading...

HTTP Transactions (40)

URL IP Response Size

fs12n1.sendspace.com/dl/1b1a92a0930bf5ab96c537e71505a511/63864e9e7b0260b1/2sd6x7/zxwsoft3.309_all_package.rar

69.31.136.53

301 Moved Permanently

20 B

URL HTTP/1.1
fs12n1.sendspace.com/dl/1b1a92a0930bf5ab96c537e71505a511/63864e9e7b0260b1/2sd6x7/zxwsoft3.309_all_package.rar
IP
69.31.136.53:0
ASN
#3257 GTT Communications Inc.

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /dl/1b1a92a0930bf5ab96c537e71505a511/63864e9e7b0260b1/2sd6x7/zxwsoft3.309_all_package.rar HTTP/1.1
Host: fs12n1.sendspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 30 Nov 2022 18:44:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: SID=me9thmbs6099kh5o7vmkv5jns1; path=/; domain=.sendspace.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.sendspace.com/file/2sd6x7?e=2
Content-Encoding: gzip
Vary: Accept-Encoding

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18341
Expires: Wed, 30 Nov 2022 23:50:20 GMT
Date: Wed, 30 Nov 2022 18:44:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4666
Expires: Wed, 30 Nov 2022 20:02:25 GMT
Date: Wed, 30 Nov 2022 18:44:39 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5566
Cache-Control: max-age=148766
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:44:39 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 12:04:05 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 7F61fTWPjCP0m3PyZ9hu0J/SIBoz2J6JoFCi1LLFfye3AzKvAQP4QNzAIVf9jBaSUnsXb0hKoF4=
x-amz-request-id: MQK9TRYX5ZNZSYFC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 17:45:19 GMT
age: 3560
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 18:18:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1596
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:44:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 18:08:56 GMT
cache-control: public,max-age=3600
age: 2144
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d76bf1aa5860b1b6fdb78e5d99f63804
711f02c23549be66b26740e57d6dc8f771721bc5
314c45c61f4cb1cfb5dfb36c995a29d67c1ea64b341c0cef016826355a1ecf0b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158673
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:44:40 GMT
Etag: "63876d69-117"
Expires: Fri, 02 Dec 2022 14:49:13 GMT
Last-Modified: Wed, 30 Nov 2022 14:49:13 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5559
Cache-Control: max-age=143690
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:44:40 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:39:30 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9603ed4d5f6605d95747e0c4e961e608
01a5a9022046be1c4d30ef1096803d1f31f54819
21d6b29f5bd59a57616984a8b3f30a3854f222cd167fe29ed40ddc08b5cd42e2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21D6B29F5BD59A57616984A8B3F30A3854F222CD167FE29ED40DDC08B5CD42E2"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Dec 2022 00:44:40 GMT
Date: Wed, 30 Nov 2022 18:44:40 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d76bf1aa5860b1b6fdb78e5d99f63804
711f02c23549be66b26740e57d6dc8f771721bc5
314c45c61f4cb1cfb5dfb36c995a29d67c1ea64b341c0cef016826355a1ecf0b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=158673
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:44:40 GMT
Etag: "63876d69-117"
Expires: Fri, 02 Dec 2022 14:49:13 GMT
Last-Modified: Wed, 30 Nov 2022 14:49:13 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

push.services.mozilla.com/

52.88.25.203

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.25.203:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fGbfGrtMzpkpvM24+Fjfxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bDqXXLzoyTC0DeDLdkarhscY/Rk=

cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

104.17.24.14

200 OK

948 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1323)
Size
948 B (948 bytes)
Hash
7ebddc52578cfcef8faf6bae26114686
9355e6820363f0c4ae0d31182aae76531bc82f31
2ca0c9f084305f3c1551e1a6eaa92bfa72fc383a706332ff2deaf7c164bef119

HTTP Headers

GET /ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sendspace.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:44:41 GMT
content-type: text/css; charset=utf-8
content-length: 948
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-f62"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2830393
expires: Mon, 20 Nov 2023 18:44:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYWR32Jb11WL4YWRkAEGVGTbqzBAhdxVxXYq%2B7vLCcMobj4BA465TCBwxbTbKyRcP25mBVXOY02Z0nAsRUpHIt7TF03Rd5mYO8UjgJq%2FWmJAXmYXoushnAkSZ7N7Syka4DgWqr9Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7725bc5dcf821c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

104.17.24.14

200 OK

5.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19802), with no line terminators
Size
5.7 kB (5676 bytes)
Hash
58f4ceec3a7d093bfd1950958cbe154b
caf26cce5c1f0aed15242563d761a49871049862
1e7bb2486d8ebbf38a33a57a9021264ff4979716ed8271630410be0c328a8a34

HTTP Headers

GET /ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sendspace.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:44:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 5676
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-4d5a"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1734143
expires: Mon, 20 Nov 2023 18:44:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc3hB9WHqG%2B7qUIbWGNKQTUEQQDC2exaU3zSEHS6WGNseB6u1CeGrhUK7%2BbQ27J6Fy620%2FTZLVr0TRej80nSX%2FN1yeNlDDHBPAgFMYikuHTLTrTbP6BktZHzNK7R%2FtBX6%2BN1LvUp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7725bc5dcf881c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

873 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
873 B (873 bytes)
Hash
101759a768184e479bff45f2d54e5663
d95aa77e967aa203f056dac3662cbbfed530eedb
e92f4c0735c2b6489904bcdb219ed3ea9259a104423e32ff4ca44b8f328316ca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21257
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 18:44:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

792 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
792 B (792 bytes)
Hash
025b60c33f8efa3f62bfaab22a6ae487
537bfe9628179fedfbbe5326821fdc972a691166
055dbf9da0298194b481d8fda2abd2e8a524c632a2ff47e8c25876738e12442c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21257
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 18:44:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21257
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 18:44:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

29 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
29 kB (28935 bytes)
Hash
eaac394fa9bd1283df9efc2c479b1ec1
a945539d6f4e152042e929786adbaacc9bac1ecd
1a1356856bcbac4ff62e7cd3cbeeb83e5a2213cb23bdf757eb452ccf11b05a39

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21257
Expires: Thu, 01 Dec 2022 00:38:58 GMT
Date: Wed, 30 Nov 2022 18:44:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (13645 bytes)
Hash
412a40cfd831ca8fbf85c5c0c76d6ef8
8e03dccab1bb4358807a4fa370373227ecfc9cad
f5594998ebaa0936129c391794fa3fa77ada7fde48ed27d3cd1c8993b01a0f7a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 75110
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7298 bytes)
Hash
e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 74896
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
12 kB (11483 bytes)
Hash
86c2ee6043951f85551d6de731ccde75
b6b7a7b516d426e14aef1fb5012c41bb866294c7
f2c427358f03aa4923f0342d05c59ed1d99b740b80b06e66e5a7f1cb0d69fe9c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
age: 73669
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c269b8c-3d4d-44ba-8e91-4a2a42d194b9.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
8.5 kB (8490 bytes)
Hash
96f871dc1240cd57c6cfc524098cdd9e
e248d85e7f1af2a5e4b351d32246c33a8ee86873
7a97af25c81ec4c46af8ef99229a4d8bfe3c6dfb827bdbaadd222512a4ee15f0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c269b8c-3d4d-44ba-8e91-4a2a42d194b9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 502d7eed-f24a-49e8-b14e-759778b717ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbWQSFNnIAMFpxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63879d9b-5eb88e757ff3eeaa26dd7de2;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 18:14:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hrGJk_aF0hgdEXNUAqj74wYkXby2ptGRqWKFi4sxlvs_QN9WhC6vOw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:25:55 GMT
age: 1126
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:55:46 GMT
age: 49735
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
11 kB (10724 bytes)
Hash
760de11aa55ab6075d2ca3c4d2fe638f
362dffffdaf5b6f56e294a78c450774261b94e91
6210cc2948c3ac6efdcc83e2dae9661020065962e42bdebd08c846b8ebbad21e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 74155
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

16 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
16 kB (16027 bytes)
Hash
4a2accab400afcd670611a35f96bd8b0
90521aa01dfd97b1ff89c37978180d2655f78ac0
fc111093329f537e17dba93652d0c8e9b8ea9064064fcd98b71da01718b6d2e8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:44:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b1a5da6636cd444028100566c55137cd
0c50a145e941e1aa6e3e2dede461248c67a789a2
bd83c87b7f38d37a7b443b4b7aa7f34b6c127070b332ac4f34d16aa17c6e301a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:44:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
data
Size
20 kB (20520 bytes)
Hash
90629d53f1fb5ef33edeeb4c06ec43c2
7654afef392b27479366225e9d476ca7ae2d4361
2ecaf4fc5bc4c5e329e0891fcaa074f9e586a79d77163e7d5e996c6413d224bc

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sendspace.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 18:41:08 GMT
expires: Wed, 30 Nov 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 214
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

apis.google.com/js/client:platform.js

172.217.21.174

200 OK

21 kB

URL HTTP/2
apis.google.com/js/client:platform.js
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1279)
Size
21 kB (20987 bytes)
Hash
518ae828643cb8bae3d44c3274475039
37d97f0968c2835f1d74ecbcfdd8af2a8de2d09e
3f7df5e45fd89f29adf9ac7762833046e6f795f3248e7e64a1eb8ed974b50789

HTTP Headers

GET /js/client:platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sendspace.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20987
date: Wed, 30 Nov 2022 18:44:42 GMT
expires: Wed, 30 Nov 2022 18:44:42 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "c1bf9794e37c51aa"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/collect?v=1&_v=j98&a=1945636768&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sendspace.com%2Ffile%2F2sd6x7&dp=%2Fdownload%2Fsky%2F8&ul=en-us&de=UTF-8&dt=Download%20ZXWSoft3.309_ALL_Package.rar%20from%20Sendspace.com%20-%20send%20big%20files%20the%20easy%20way&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IGBAgEABAAAAAAAAI~&jid=1990638904&gjid=308405218&cid=1302571314.1669833881&tid=UA-2221170-1&_gid=408803257.1669833881&z=2031723199

142.250.74.110

200 OK

35 B

URL HTTP/2
www.google-analytics.com/collect?v=1&_v=j98&a=1945636768&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sendspace.com%2Ffile%2F2sd6x7&dp=%2Fdownload%2Fsky%2F8&ul=en-us&de=UTF-8&dt=Download%20ZXWSoft3.309_ALL_Package.rar%20from%20Sendspace.com%20-%20send%20big%20files%20the%20easy%20way&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IGBAgEABAAAAAAAAI~&jid=1990638904&gjid=308405218&cid=1302571314.1669833881&tid=UA-2221170-1&_gid=408803257.1669833881&z=2031723199
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /collect?v=1&_v=j98&a=1945636768&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sendspace.com%2Ffile%2F2sd6x7&dp=%2Fdownload%2Fsky%2F8&ul=en-us&de=UTF-8&dt=Download%20ZXWSoft3.309_ALL_Package.rar%20from%20Sendspace.com%20-%20send%20big%20files%20the%20easy%20way&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IGBAgEABAAAAAAAAI~&jid=1990638904&gjid=308405218&cid=1302571314.1669833881&tid=UA-2221170-1&_gid=408803257.1669833881&z=2031723199 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sendspace.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Wed, 30 Nov 2022 03:42:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 54130
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:44:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:44:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs

172.217.21.174

200 OK

106 kB

URL HTTP/2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (580)
Size
106 kB (106463 bytes)
Hash
056642971d06b7ae6433c0e55578d574
0fc8c88d5637f11a37b5691e51ad0bb5b413e1b6
2e9bcdc188702121c4d301f134b3edeb7cd279b23673550c28226468109523dd

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sendspace.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 106463
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 22:17:49 GMT
expires: Wed, 29 Nov 2023 22:17:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 73613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:44:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2221170-1&cid=1302571314.1669833881&jid=1990638904&gjid=308405218&_gid=408803257.1669833881&_u=IGBAgEABAAAAAEAAI~&z=1077850061

64.233.165.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2221170-1&cid=1302571314.1669833881&jid=1990638904&gjid=308405218&_gid=408803257.1669833881&_u=IGBAgEABAAAAAEAAI~&z=1077850061
IP
64.233.165.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2221170-1&cid=1302571314.1669833881&jid=1990638904&gjid=308405218&_gid=408803257.1669833881&_u=IGBAgEABAAAAAEAAI~&z=1077850061 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.sendspace.com
Connection: keep-alive
Referer: https://www.sendspace.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.sendspace.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 18:44:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:44:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
10 kB (10144 bytes)
Hash
83548258e476cc6c326ff2f410b44310
9a30c05732f5c14b0c583eb80ee279daffb6f1dc
f026491e7469c024fcbcd1e9be694abef930e1a6483caa0e1aa09d9278e9cd8e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 74634
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.sendspace.com/file/2sd6x7?e=2

172.64.140.36

301 Moved Permanently

0 B

URL HTTP/2
www.sendspace.com/file/2sd6x7?e=2
IP
172.64.140.36:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /file/2sd6x7?e=2 HTTP/1.1
Host: www.sendspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Wed, 30 Nov 2022 18:44:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: SID=93j4gsml78nuecad3gffpia2f5; path=/; domain=.sendspace.com
ssui=84a03dd446486e40d55b06e88f89c69d; expires=Mon, 29-Nov-2027 18:44:40 GMT; Max-Age=157680000; path=/; domain=.sendspace.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
location: /file/2sd6x7
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jf2uCwHdTl9mrjkjS0%2B7qR3JNqPoYJd8f5yv4tn%2BvHOjueePflIpAeFcEWKZmk56f16%2BUxu%2Bw3fIRKMEUlT%2Fy94XvYWW9qd40rkwTyFSK2cc99xRBvesdgXl6lWm254Oz%2FC6Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725bc56fdc7754d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.sendspace.com/file/2sd6x7

172.64.140.36

200 OK

0 B

URL HTTP/2
www.sendspace.com/file/2sd6x7
IP
172.64.140.36:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /file/2sd6x7 HTTP/1.1
Host: www.sendspace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: SID=93j4gsml78nuecad3gffpia2f5; ssui=84a03dd446486e40d55b06e88f89c69d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:44:41 GMT
content-type: text/html; charset=UTF-8
expires: 0
pragma: no-cache
last-modified: Wed, 30 Nov 2022 18:44:40 GMT
cache-control: no-cache,no-store,max-age=0,s-maxage=0,must-revalidate
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: lastdl=1669833880; expires=Mon, 29-Nov-2027 18:44:40 GMT; Max-Age=157680000; path=/; domain=.sendspace.com
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2rkTU2kCUDPbEDq5ohrzsrWD9Pm88%2F2cb%2Fm9zG3o2fdlmpK18DPC8qHaQIj453cvD9svN2jeVC%2FKExUBTrJWOlR%2FK95K1l9hvyHuNNDa8C0cFH%2BRsm9euXKNkWu3EOOUbdj6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725bc59a9b7754d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dl2.topfiles.net/files/2/61/34583/ekZ0YXPZU9hMY1k5OGIwL2ZUQWU2eEhHa0Jwa3lpY2FQaDhFYmpLTWs5YlZHVT06OhDHXsRszN_s8hIGnGAYHeA/paintnet-portable-x64_4.3.8.zip

95.216.39.22

200 OK

0 B

URL HTTP/2
dl2.topfiles.net/files/2/61/34583/ekZ0YXPZU9hMY1k5OGIwL2ZUQWU2eEhHa0Jwa3lpY2FQaDhFYmpLTWs5YlZHVT06OhDHXsRszN_s8hIGnGAYHeA/paintnet-portable-x64_4.3.8.zip
IP
95.216.39.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /files/2/61/34583/ekZ0YXPZU9hMY1k5OGIwL2ZUQWU2eEhHa0Jwa3lpY2FQaDhFYmpLTWs5YlZHVT06OhDHXsRszN_s8hIGnGAYHeA/paintnet-portable-x64_4.3.8.zip HTTP/1.1
Host: dl2.topfiles.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:44:40 GMT
content-type: application/octet-stream
content-length: 93952459
content-disposition: attachment; filename="paintnet-portable-x64_4.3.8.zip"
last-modified: Thu, 17 Feb 2022 06:52:15 GMT
etag: "59999cb-5d83134d95f4d"
x-powered-by: PleskLin
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations