Report - k.top4top.io/f__pssdqsj1eruhhiljcdxfa/1664299585/1444me6um1.rar

Report Overview

Submitted URL
k.top4top.io/f__pssdqsj1eruhhiljcdxfa/1664299585/1444me6um1.rar
IP
65.21.235.194
ASN
#24940 Hetzner Online GmbH
Submitted
2022-09-26 21:40:29
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	20 kB	23.36.76.226
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	34 kB	142.250.74.170
s.top4top.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	72 kB	104.21.5.137
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.228.200
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
top4top.io	118839	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.9 kB	32 kB	188.165.137.170
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	5.4 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	142.250.74.3
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	21 kB	142.250.74.174
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	845 B	3.7 kB	157.240.200.35
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
k.top4top.io	985927	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	363 B	65.21.235.194
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	2.7 kB	157.240.200.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	k.top4top.io/f__pssdqsj1eruhhiljcdxfa/1664299585/1444me6um1.rar	Malware
2022-09-26	medium	top4top.io/f-1444me6um1-rar.html	Malware
2022-09-26	medium	top4top.io/downloadf-1444me6um1-rar.html	Malware
2022-09-26	medium	top4top.io/share.js	Malware
2022-09-26	medium	s.top4top.io/styles/default-new-reg/javascript.js?rev=47	Malware
2022-09-26	medium	s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47	Malware
2022-09-26	medium	s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47	Malware
2022-09-26	medium	s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47	Malware
2022-09-26	medium	s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47	Malware
2022-09-26	medium	s.top4top.io/styles/default-new-reg/css/reset.css?rev=47	Malware
2022-09-26	medium	s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47	Malware
2022-09-26	medium	s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 09:30:04 Times Seen46484 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	top4top.io/share.js	2.0 kB	2023-03-07	2024-02-21
Pretty URL top4top.io/share.js IP 188.165.137.170 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-02-21 22:49:51 Times Seen426 Hash d6b05c71ce92a4e0599cf8b731966510 8735a20d053e085fdfe0963cab19b9499e1be457 ff90fa92b304e071f41235a6e338e1e0588641156a765999852784a17523be9e Loading...

	connect.facebook.net/en_US/all.js#xfbml=1	3.1 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/en_US/all.js#xfbml=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:00:42 Last Seen2023-03-08 02:00:42 Times Seen1 Hash 53bc61043091c2031ea784c4b10b9845 d428c0449ded892a35b55342cf37a021c99cb0c5 dd53541641ee7baafe8fae4aa2d75be5db280f0a172099fe33c2e6604d713c33 Loading...

	connect.facebook.net/en_US/all.js?hash=5c466d747ea47d7a443a4fc0c698fbb9	324 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/en_US/all.js?hash=5c466d747ea47d7a443a4fc0c698fbb9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:00:42 Last Seen2023-03-08 02:00:42 Times Seen1 Hash a4180f40e6f92706e97b54f2386d2e1e 555e6ffd7d1602c5da5835fe372f1c6a1f4cd659 2e9d36c20eb4c50f43b2723dc50c5d8e6ea42832a5efd3a652a14073d4f6c089 Loading...

	s.top4top.io/styles/default-new-reg/javascript.js?rev=47	5.9 kB	2023-03-07	2024-02-21
Pretty URL s.top4top.io/styles/default-new-reg/javascript.js?rev=47 IP 104.21.5.137 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-02-21 22:49:51 Times Seen340 Hash cdf3da224e93253c294bf58e1ea961a1 81cb0add8af2ae12e21dd9d1a1198015907c30ca 937f0bf91c33631f746a0465609e009b41d9d8dcdea2e370360666a1729a3fa3 Loading...

	s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47	35 kB	2023-03-07	2024-04-24
Pretty URL s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47 IP 104.21.5.137 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-24 21:26:50 Times Seen1327 Hash 281cd50dd9f58c5550620fc148a7bc39 dfb8410ffc10a57d69b81620087c5a0b6027765a 484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306 Loading...

	top4top.io/downloadf-1444me6um1-rar.html	178 B	2023-03-07	2023-04-05
Pretty URL top4top.io/downloadf-1444me6um1-rar.html IP 188.165.137.170 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2023-04-05 02:08:59 Times Seen139 Hash 7cca79abd4b66396ff51573f645d7890 436276681924287a556284472e771d457c6dd572 8f94fa903292113aea39cdde18465542c1fdc1aef6c6310bb82ca498b2309d17 Loading...

	s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47	474 B	2023-03-07	2024-02-21
Pretty URL s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47 IP 104.21.5.137 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-02-21 22:49:51 Times Seen351 Hash 46df8f972024362c123c381a26c27c3e e5fd05956877fa67d9d9237d9069fe3c4c30933f cfa7cfcb56c0960950a50a392063f2463d216ee2b83de0aa011893816e76962c Loading...

	top4top.io/ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111	0 B	2023-03-07	2024-04-26
Pretty URL top4top.io/ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111 IP 188.165.137.170 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 10:02:05 Times Seen37089254 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	top4top.io/downloadf-1444me6um1-rar.html	385 B	2023-03-07	2024-02-21
Pretty URL top4top.io/downloadf-1444me6um1-rar.html IP 188.165.137.170 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-02-21 22:49:51 Times Seen328 Hash 5c66b23713c34b41fcfd9c8d3859e3d7 effc676e205d0dc369d23b887bc65fdc63d707d4 61cd0091d8fe448723f9005c8571bd57c6311bd81642d8f66aa9f56d43d4cbd7 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

		Size	First Seen	Last Seen
	#1 Write - 319800f4411e345c382dfbbc3d3e7c03	219 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 01:47:33 Last Seen2023-03-26 12:46:59 Times Seen4 Hash 319800f4411e345c382dfbbc3d3e7c03 6e69bef42c0039908de8e053b02c8a2e606fa4f2 32cc0959c72e045fecbd280a1db3b7594fd23dc7086784ce4b926c127a945085 Loading...

	#2 Write - 8931218400eb65636d062b9af70ea529	197 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 01:47:33 Last Seen2023-03-26 12:46:59 Times Seen4 Hash 8931218400eb65636d062b9af70ea529 a1a16a9a3990742eb3a0b47cb6b86222314a4d0f 5aebf81a79aa6138d63750e7e7345f46b38755dce27e2c4341e4a3f856193681 Loading...

	#3 Write - 5171b7fa322ee80d09f08f80c9d8c230	200 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 01:47:33 Last Seen2023-03-26 12:46:59 Times Seen4 Hash 5171b7fa322ee80d09f08f80c9d8c230 797353a9dae5aacfee0823f0ada81d9ac4d36975 2589b816c96dd81d0b23c40e1bb6936a6405fae82f7e0894e1602206de685ae6 Loading...

	#4 Write - 4eaae13578e81ebe26ef922f459fdc0b	188 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 01:47:33 Last Seen2023-03-26 12:46:59 Times Seen4 Hash 4eaae13578e81ebe26ef922f459fdc0b 82be6d07f5ce6c038246e4d2a0fb317f40a48526 f2ccba596e9158576ab572552207136666e532d3dc5ced8cdce39526016c2a8c Loading...

	#5 Write - db1f186c4cc4c7cc956eafa0c8a7baee	194 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 01:47:33 Last Seen2023-03-26 12:46:59 Times Seen4 Hash db1f186c4cc4c7cc956eafa0c8a7baee b061fde3ee7974499ed9dfbeb2b19c97157c0d71 23787a7490f5ec8bb7b1975891b9a4e1b3fd28b6bf5ab3be34cf6f1b2197b97f Loading...

	#6 Write - 429f68e4056f6aaf11e4905419234ca7	197 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 01:47:33 Last Seen2023-03-26 12:46:59 Times Seen4 Hash 429f68e4056f6aaf11e4905419234ca7 ac3e1c3b68ba50c0d418b0f204e0be794bbd6e0f 167f79789b120451158b806044d88ad319054e52e8b7ff76535b63e8b5dee4e1 Loading...

	#7 Write - b2fa39759b217c8be2f30c25047cd49c	194 B	2023-03-08	2023-03-26
Pretty Observations First Seen2023-03-08 01:47:33 Last Seen2023-03-26 12:46:59 Times Seen4 Hash b2fa39759b217c8be2f30c25047cd49c f78ab968188db4bf21633ef9b05eae6392251dd9 00acc9f8803de55e1a7921613b563626b4a2d1f05f7247c68b654ab9438ad8c0 Loading...

HTTP Transactions (61)

URL IP Response Size

k.top4top.io/f__pssdqsj1eruhhiljcdxfa/1664299585/1444me6um1.rar

65.21.235.194

302 Moved Temporarily

138 B

URL HTTP/1.1
k.top4top.io/f__pssdqsj1eruhhiljcdxfa/1664299585/1444me6um1.rar
IP
65.21.235.194:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
138 B (138 bytes)
Hash
aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /f__pssdqsj1eruhhiljcdxfa/1664299585/1444me6um1.rar HTTP/1.1
Host: k.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: Hotcores.com
Date: Mon, 26 Sep 2022 21:40:18 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://top4top.io/f-1444me6um1-rar.html
Reason: Invalid

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 21:15:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eHk5Ol98EaYrClvzUNeq4iHOqrOwBGE5Dz0SjfP4EuybxEOGAXCMJQ==
Age: 1496

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3507
Expires: Mon, 26 Sep 2022 22:38:45 GMT
Date: Mon, 26 Sep 2022 21:40:18 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T_Od1Td9s3NRmTZkxICR-2tyG3Sgz8mHpBRJulz11ARrNim7j7Vfww==
age: 61503
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
966d0f3b870beae4b5834819604a8751
524d62ea825b9eb02d866874d30e58c167326a1d
75a52d767c5796aa70a81b19d0348a8e47fb78eddf62b45c2acfe228472d0924

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75A52D767C5796AA70A81B19D0348A8E47FB78EDDF62B45C2ACFE228472D0924"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12190
Expires: Tue, 27 Sep 2022 01:03:28 GMT
Date: Mon, 26 Sep 2022 21:40:18 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 21:40:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

top4top.io/f-1444me6um1-rar.html

188.165.137.170

301 Moved Permanently

256 B

URL HTTP/1.1
top4top.io/f-1444me6um1-rar.html
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
256 B (256 bytes)
Hash
a8fdb4228bad38084ca0c91d3b6f16d6
36af8a22866660580459e9fa516e825530269479
0928622041bbab678f5e4e7dd44d3430855dbd2e7a2db178e92846e90b64ee93

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /f-1444me6um1-rar.html HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 21:40:19 GMT
Server: HotCores
Location: https://top4top.io/downloadf-1444me6um1-rar.html
Content-Length: 256
Content-Type: text/html; charset=iso-8859-1

top4top.io/downloadf-1444me6um1-rar.html

188.165.137.170

200 OK

18 kB

URL HTTP/1.1
top4top.io/downloadf-1444me6um1-rar.html
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (411)
Size
18 kB (18017 bytes)
Hash
318a396788dd74073db467228ff9b824
fd1620cc161eece48f46b4f73750fc4ba2bf5416
dedbd5f6e360b356d1ab4fb89e22c4f24befafde6e87921d33c72caca59a367c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /downloadf-1444me6um1-rar.html HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:40:19 GMT
Server: HotCores
Expires: 0
Cache-Control: private, no-cache="set-cookie"
Pragma: no-cache
P3P: CP="CUR ADM"
Set-Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; expires=Wed, 28-Sep-2022 21:40:19 GMT; path=/
klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087; expires=Wed, 28-Sep-2022 21:40:19 GMT; path=/; domain=.top4top.io; httponly
I-AM: US03
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
d7530f5950e9a2fc1eed4c5903cab20d
6333176f66c6bc3db1adbb5cbd3563ae97ebc92f
3acdcd9127958611fd5a51cd417799a798f80438b352b456bc8eb67bb57539cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5761
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Last-Modified: Mon, 26 Sep 2022 20:04:18 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
d7530f5950e9a2fc1eed4c5903cab20d
6333176f66c6bc3db1adbb5cbd3563ae97ebc92f
3acdcd9127958611fd5a51cd417799a798f80438b352b456bc8eb67bb57539cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5761
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Last-Modified: Mon, 26 Sep 2022 20:04:18 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

s.top4top.io/styles/default-new-reg/images/newlogo.png

104.21.5.137

200 OK

19 kB

URL HTTP/2
s.top4top.io/styles/default-new-reg/images/newlogo.png
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 71 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (19068 bytes)
Hash
d68c79880117110f89d39cce5c43d39c
6e30dcd905314f77912b224e35ce089560553300
1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d

HTTP Headers

GET /styles/default-new-reg/images/newlogo.png HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: image/png
content-length: 19068
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-4a7c"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 393446
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2F9cFMNuNTgnGmOTTXpqtCY1JrQldrYQc1XvDE9eoH%2B6D0x88UN4dUE3qjwKgoLdunJtg4MU2SeihuiLsQORRwWQ%2Fxo%2BBkXq%2FwcwvHuyn0T7HnX1D0aMaOGSEaZEC%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f28453897b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

top4top.io/ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111

188.165.137.170

200 OK

3 B

URL HTTP/1.1
top4top.io/ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with no line terminators
Size
3 B (3 bytes)
Hash
ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5

HTTP Headers

GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111 HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1444me6um1-rar.html
Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:40:19 GMT
Server: HotCores
I-AM: US03
Content-Length: 3
Content-Type: text/javascript;Charset=UTF-8

s.top4top.io/styles/default-new-reg/images/soft.png

104.21.5.137

200 OK

41 kB

URL HTTP/2
s.top4top.io/styles/default-new-reg/images/soft.png
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 213 x 255, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (41248 bytes)
Hash
8cf5d3f055149868fd89971433ed8ece
e877509e97d487b44bdd7203c7e3ca2795963afa
58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9

HTTP Headers

GET /styles/default-new-reg/images/soft.png HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: image/png
content-length: 41248
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-a120"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 331436
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PE%2Flog95Kxqmeoh814NX5N8CQdV3XbYMmSgkKPZULxIHYKdtsmeTslMpbvwpjOURl8haKYacjYWYwUIri7%2BnpMi9h3NJ4S3gPPWaCKf1hXg0%2BN9ZAScCGLdRIagq%2Fk8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f28453899b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
d7530f5950e9a2fc1eed4c5903cab20d
6333176f66c6bc3db1adbb5cbd3563ae97ebc92f
3acdcd9127958611fd5a51cd417799a798f80438b352b456bc8eb67bb57539cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5761
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Last-Modified: Mon, 26 Sep 2022 20:04:18 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
d7530f5950e9a2fc1eed4c5903cab20d
6333176f66c6bc3db1adbb5cbd3563ae97ebc92f
3acdcd9127958611fd5a51cd417799a798f80438b352b456bc8eb67bb57539cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3245
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Last-Modified: Mon, 26 Sep 2022 20:46:14 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6403
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Last-Modified: Mon, 26 Sep 2022 19:53:36 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
d7530f5950e9a2fc1eed4c5903cab20d
6333176f66c6bc3db1adbb5cbd3563ae97ebc92f
3acdcd9127958611fd5a51cd417799a798f80438b352b456bc8eb67bb57539cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5761
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Last-Modified: Mon, 26 Sep 2022 20:04:18 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

connect.facebook.net/en_US/all.js

157.240.200.14

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_US/all.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1961)
Size
1.7 kB (1686 bytes)
Hash
64eb6ea2af67fb3b551d2b7f6808440e
49b180350512b05ca75e1ca39f75858ee1ea6547
5da8ceed7b71cd3b4b5d7bb3d9e6de38fdac2f098828565b912770bd6f14b8ba

HTTP Headers

GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 53bc61043091c2031ea784c4b10b9845
etag: "2aad945230a54314994c78b80bcb10c1"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 26 Sep 2022 21:54:05 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ZOtuoq9n+ztVHSt/aAhEDg==
x-fb-debug: /iDyfdYOCktstqPlcf9BQ+XSsNg0ee0ZbB4f13OOG6yrCbWsocAEsg2skiav8g39va70AiukfTNaVsNOuRdLFw==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Mon, 26 Sep 2022 21:40:19 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.170

200 OK

33 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 02:47:31 GMT
expires: Mon, 25 Sep 2023 02:47:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 154368
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

top4top.io/share.js

188.165.137.170

200 OK

2.0 kB

URL HTTP/1.1
top4top.io/share.js
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with CRLF line terminators
Size
2.0 kB (2045 bytes)
Hash
d6b05c71ce92a4e0599cf8b731966510
8735a20d053e085fdfe0963cab19b9499e1be457
ff90fa92b304e071f41235a6e338e1e0588641156a765999852784a17523be9e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /share.js HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1444me6um1-rar.html
Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: HotCores
Date: Mon, 26 Sep 2022 21:40:19 GMT
Content-Type: application/javascript
Content-Length: 2045
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-7fd"
Expires: Mon, 03 Oct 2022 21:40:19 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

top4top.io/ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050

188.165.137.170

200 OK

3 B

URL HTTP/1.1
top4top.io/ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
Unicode text, UTF-8 text, with no line terminators
Size
3 B (3 bytes)
Hash
ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5

HTTP Headers

GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050 HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1444me6um1-rar.html
Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 21:40:19 GMT
Server: HotCores
I-AM: US03
Content-Length: 3
Content-Type: text/javascript;Charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6403
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Last-Modified: Mon, 26 Sep 2022 19:53:36 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 21:10:46 GMT
Expires: Mon, 26 Sep 2022 21:35:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: X9JVdip_hA3sjkdXOuDGJS9hZ3cW9MldscRZQoyuK5Km6clH7W9bMg==
Age: 1773

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
d7530f5950e9a2fc1eed4c5903cab20d
6333176f66c6bc3db1adbb5cbd3563ae97ebc92f
3acdcd9127958611fd5a51cd417799a798f80438b352b456bc8eb67bb57539cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Server: ECS (amb/6BA0)
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2662
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:19 GMT
Last-Modified: Mon, 26 Sep 2022 20:55:57 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

top4top.io/styles/default-new-reg/images/zl.png

188.165.137.170

200 OK

673 B

URL HTTP/1.1
top4top.io/styles/default-new-reg/images/zl.png
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
673 B (673 bytes)
Hash
5caf58a4705aa53b41535b86b18819a1
d38040f84c6dcc16c40519bf0249ea8097b8e969
20fac0020c1ca2b53c6132997d0b5ec25252b30ceedaf59b05679c73c0494e7c

HTTP Headers

GET /styles/default-new-reg/images/zl.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1444me6um1-rar.html
Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: HotCores
Date: Mon, 26 Sep 2022 21:40:19 GMT
Content-Type: image/png
Content-Length: 673
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-2a1"
Expires: Mon, 03 Oct 2022 21:40:19 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

top4top.io/images/twitter.png

188.165.137.170

200 OK

5.1 kB

URL HTTP/1.1
top4top.io/images/twitter.png
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
data
Size
5.1 kB (5108 bytes)
Hash
53a97e537591003fc2c5b1b4ef4b614e
f5bde03ab7997d5fdf7483105186823cb91b507a
37bbd1c7523984dc27ae5b80a079e5fd103b2fa63043bb51aa2416e283da38af

HTTP Headers

GET /images/twitter.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1444me6um1-rar.html
Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: HotCores
Date: Mon, 26 Sep 2022 21:40:19 GMT
Content-Type: image/png
Content-Length: 385
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-181"
Expires: Mon, 03 Oct 2022 21:40:19 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

top4top.io/images/facebook.png

188.165.137.170

200 OK

149 B

URL HTTP/1.1
top4top.io/images/facebook.png
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
149 B (149 bytes)
Hash
db3bdb7f62b49e285e9832638c69f900
de920205859fc86ee6f4f1f9094e5d18cb79a21c
2f14fca8d4650c0b03925d0fffbe73b1fe1ca4f2ad19768cd8ec9eed935c3734

HTTP Headers

GET /images/facebook.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1444me6um1-rar.html
Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: HotCores
Date: Mon, 26 Sep 2022 21:40:19 GMT
Content-Type: image/png
Content-Length: 149
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-95"
Expires: Mon, 03 Oct 2022 21:40:19 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

s.top4top.io/styles/default-new-reg/javascript.js?rev=47

104.21.5.137

200 OK

2.3 kB

URL HTTP/2
s.top4top.io/styles/default-new-reg/javascript.js?rev=47
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (538)
Size
2.3 kB (2274 bytes)
Hash
eadf4202cc6df7c8ad69bce121e532fa
7abb5562983bc096d00f0e793261851b781401b6
c67384e532f01bfc17062432ab423d03631b427ab6802f0c8e758c73bb15380c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /styles/default-new-reg/javascript.js?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=16039
etag: W/"57e8eb5d-3ea7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 331436
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6z0iIkRufvUwnazu1jb8FP9o9VQfHai1X5KgDAfotUx9zXo41s0Z9V8AN1JbvNRphhU%2BZjl9ZL%2Fo6%2F40t0qp%2FUcUdw1dJF59ejDgGyorZwO9COxc5ezYrxuVUgVq64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f28452883b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

top4top.io/images/live.png

188.165.137.170

200 OK

761 B

URL HTTP/1.1
top4top.io/images/live.png
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
761 B (761 bytes)
Hash
0c0038438c6e145f1a4dea683ce7cc28
c1ad87024ddba2eb6544dc7ee3c16b45ba9a3c63
5e5b288b52e9bbb8b9c2449b04da155054023d50ac2ded7954f912be02f4c484

HTTP Headers

GET /images/live.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1444me6um1-rar.html
Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: HotCores
Date: Mon, 26 Sep 2022 21:40:19 GMT
Content-Type: image/png
Content-Length: 761
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-2f9"
Expires: Mon, 03 Oct 2022 21:40:19 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

top4top.io/images/reddit.png

188.165.137.170

200 OK

645 B

URL HTTP/1.1
top4top.io/images/reddit.png
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Size
645 B (645 bytes)
Hash
2a94deb80f88d3f76f263d134b0b1af6
7ef18707f538b89f59cfdb647d2f4f4efe29e23e
38b5f357b4afe9b318ff9bf0806bf69856b80bac27671321097f9840c27e47c7

HTTP Headers

GET /images/reddit.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1444me6um1-rar.html
Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: HotCores
Date: Mon, 26 Sep 2022 21:40:19 GMT
Content-Type: image/png
Content-Length: 645
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-285"
Expires: Mon, 03 Oct 2022 21:40:19 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

top4top.io/images/myspace.png

188.165.137.170

200 OK

776 B

URL HTTP/1.1
top4top.io/images/myspace.png
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
776 B (776 bytes)
Hash
35578456cc898dfd8aa2112c223cdced
1d342dae525f04e2dfc7e097bba4a6881b414b35
956189a17826806990967d4836472550d6ed3a8192c2bc1e679dc3cabe440edf

HTTP Headers

GET /images/myspace.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1444me6um1-rar.html
Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: HotCores
Date: Mon, 26 Sep 2022 21:40:19 GMT
Content-Type: image/png
Content-Length: 776
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-308"
Expires: Mon, 03 Oct 2022 21:40:19 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

top4top.io/images/technorati.png

188.165.137.170

200 OK

283 B

URL HTTP/1.1
top4top.io/images/technorati.png
IP
188.165.137.170:0
ASN
#16276 OVH SAS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
283 B (283 bytes)
Hash
f120938135c52cd80b7f37bd5b17daf4
1cb99566ca564dd8a8273a616d072739c58b4290
6cd07b1a71bf03f25556bc801c306419a255ec5b47751fcdcda5efbdb08766c8

HTTP Headers

GET /images/technorati.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1444me6um1-rar.html
Cookie: sid=2N557RK77SEB-Xr90ZV-6j9SM18; klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: HotCores
Date: Mon, 26 Sep 2022 21:40:19 GMT
Content-Type: image/png
Content-Length: 283
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-11b"
Expires: Mon, 03 Oct 2022 21:40:19 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 20:41:09 GMT
expires: Mon, 26 Sep 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 3551
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.148.228.200

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.228.200:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0WFgjsaYr9hsKAafW+DSaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NSy4iqJ8jQ/ubRCmByTsOPK3MgY=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 21:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j97&a=550555448&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2Fdownloadf-1444me6um1-rar.html&ul=en-us&de=UTF-8&dt=hg531tedta%20%7C%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=454029469&gjid=1579519723&cid=1815627327.1664228418&tid=UA-9340508-1&_gid=1480333908.1664228418&_r=1&_slc=1&z=617260601

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j97&a=550555448&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2Fdownloadf-1444me6um1-rar.html&ul=en-us&de=UTF-8&dt=hg531tedta%20%7C%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=454029469&gjid=1579519723&cid=1815627327.1664228418&tid=UA-9340508-1&_gid=1480333908.1664228418&_r=1&_slc=1&z=617260601
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

HTTP Headers

POST /j/collect?v=1&_v=j97&a=550555448&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2Fdownloadf-1444me6um1-rar.html&ul=en-us&de=UTF-8&dt=hg531tedta%20%7C%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=454029469&gjid=1579519723&cid=1815627327.1664228418&tid=UA-9340508-1&_gid=1480333908.1664228418&_r=1&_slc=1&z=617260601 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://top4top.io
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://top4top.io
date: Mon, 26 Sep 2022 21:40:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e73b1b2843326%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff4ed969ec816c4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-1444me6um1-rar.html&layout=button_count&locale=en_US&sdk=joey&width=90

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e73b1b2843326%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff4ed969ec816c4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-1444me6um1-rar.html&layout=button_count&locale=en_US&sdk=joey&width=90
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e73b1b2843326%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff4ed969ec816c4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-1444me6um1-rar.html&layout=button_count&locale=en_US&sdk=joey&width=90 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: XiL+Q7S73cFmwenkZKWLll7mmpz0Xkggw7YRXZ8lbA7FSyiZx/3XezOiO7tvS/bUAJwcRO8uQYxg652Ho4EKYA==
content-length: 0
date: Mon, 26 Sep 2022 21:40:20 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

15 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
15 kB (14667 bytes)
Hash
8bac55440577e976ba8d04a66c700d26
838f9ec92318eb09138ba1838eb32b694f434362
9e5e333d48525fdcf3f4965fa070fe2dd54ef0ff875bffd699dd143edc3eca3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6661
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:40:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6661
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:40:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6661
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:40:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6661
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:40:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6661
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 21:40:21 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6443 bytes)
Hash
3a75be68e82e6a0ba74932fbe74c7b30
36310320605833289e78cd248c45915363a0a0c3
56d709b77802037254b7922e3f85d1b1652b70dfc4b6c65b03e4149d3b1f22ca

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6443
x-amzn-requestid: b6f3be01-6086-4fc1-8bec-c4caa1fe806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKMG04IAMFRxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca41-5452d1805d3f4d71303142c9;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tx-lL61dT3iakJd8VZw31hzMklubUDBQxE6LBhxsJUqyMM0bqCk73g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:07:18 GMT
age: 84783
etag: "36310320605833289e78cd248c45915363a0a0c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8637 bytes)
Hash
d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mToVKJcSAtJB1AOuQ-Y9o_EZzyhUuZJivVa3DLql5FwzK4NC82kh5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:06:17 GMT
age: 84844
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14579 bytes)
Hash
f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: igIWZ2IhMA_GIovp4HgIHtGeDt5xoX0iThoQFKjnNJUYP_uMdO7FHw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 00:33:08 GMT
age: 76033
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13584 bytes)
Hash
2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGRBCfCtZkeYhbTpaE18IpIgUtOHyttE-0hRk8fWVB9sJS2rSbP22g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:05:32 GMT
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
age: 84889
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7185 bytes)
Hash
6d79a3a5bd7dc7aa6cab306176fafd11
0d5cb1f3e3ea510308034a5e569c0e65fae30835
57979dfcf6fdc76f04e4790c2b94b876e188ac780aa49d9bfc8a58c498dc4203

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: e7b997d7-f9ce-40c6-b9bb-372ee10d8ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTAfEX5oAMFcHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb9c-31e295e33ead940f381121a1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:43:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p7rimTrmOgUnwPuESSKSrsWlzhiSBJYx9h8XIacxP8DUyyvXye2iyg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:56 GMT
age: 85825
etag: "0d5cb1f3e3ea510308034a5e569c0e65fae30835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5157 bytes)
Hash
2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 84605
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47

104.21.5.137

200 OK

0 B

URL HTTP/2
s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /styles/default-new-reg/js/the220px.js?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=562
etag: W/"57e8eb5d-232"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 366880
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gwe3PkDv2DvL9uNW32OSKuwDe7y2cj1u1OMXHPhnK4Xs5tKxde7T9oGUITUaWSahgSCKLrdyygjfTNGZ%2FcDV6kn4Zc3ANj9Te%2BVjtjPeSq%2Bb9C%2BfYIL3iB0c26jkUDM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f2845287fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47

104.21.5.137

200 OK

0 B

URL HTTP/2
s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /styles/default-new-reg/js/bootstrap.min.js?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-875d"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FE1tLIv3rB7Nx1BDOaguK4JfQ0dnXiitum5uKeAqq1DBfBgdJ9ADeUVanJnDhtRSyzharCFD7LmgDTEl2c2lNoOcNN2b9I3YW8tYnUoCMYs1sbEF%2Bb9KLHxdvRmjKPY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f2845287bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47

104.21.5.137

200 OK

0 B

URL HTTP/2
s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-1bae7"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 331436
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFR3E97skfl4W7rR%2F%2B6MfrSTKk82%2Bg5%2B00SmPXzbqcuUMBtQIifoxPw8RvseJwPUCcwMAFxBwREPbEPdrjsbbrpdBbvwUKuUM5uSgNleaho%2BHr4j%2FEUvx04jFe1ghd0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f284558c2b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s.top4top.io/styles/default-new-reg/css/fonts.css

104.21.5.137

200 OK

0 B

URL HTTP/2
s.top4top.io/styles/default-new-reg/css/fonts.css
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /styles/default-new-reg/css/fonts.css HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=487
etag: W/"5e0bab24-1e7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 17514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q5P47rDinToq3dxUQwHAYXVHHbiiLz6RtcRFirM%2FH%2B7lsWJ3fQlW05G3M6MIMM6yTvEll2BwKF399axOJs7ytYpHr15jt8OX9oPL3cKNOHpf8Kh6Omd3QIkqaPZFJ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f284558ebb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47

104.21.5.137

200 OK

0 B

URL HTTP/2
s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /styles/default-new-reg/css/font-awesome.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: text/css
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
etag: W/"5e0bab24-578f"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnb48mhVw8IBlmosUPZGTESfsPtnz9vAC1%2BqyO82IvxOaFn5NU74EvIBfsPHmBDKioivG8A4sQZYbpEIyK9ThNrFqxKNUR4DVhOQZVyIFlBfl2NzsR5dO%2B%2BuLwjRh0Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f28457903b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47

104.21.5.137

200 OK

0 B

URL HTTP/2
s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /styles/default-new-reg/css/animate.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-d0b7"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4wLN9AYqgFg2eQeQlxEYMoZ89FdCZmHx2KKXzjNqVuVcTZNHTFx1ObWVDtwpDqRZ8bCcVNKm2ztcqyoldvoBkr5KN4kCDRPNtzjqqD65%2FSVnVblRY3VEtM6Dev2VWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f28457901b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s.top4top.io/styles/default-new-reg/css/reset.css?rev=47

104.21.5.137

200 OK

0 B

URL HTTP/2
s.top4top.io/styles/default-new-reg/css/reset.css?rev=47
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /styles/default-new-reg/css/reset.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=1013
etag: W/"57e8eb5d-3f5"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 530888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdYKd%2B99fub3%2FgGBLuMMqN%2B%2FNbnGBU92jdGrisA5ozni5gHdK4C%2FFibKO%2BvXRIau%2BYfvrGbpq7Iq0fdFaaMKOZthA6qgBGAffnygTHfblE2RAZ9tW0tYQt2NOaRexBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f28452875b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47

104.21.5.137

200 OK

0 B

URL HTTP/2
s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /styles/default-new-reg/css/the220px.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=11662
etag: W/"58cb25b5-2d8e"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Thu, 16 Mar 2017 23:54:29 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 256603
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZHhqgp41IcIoUVuiZPN9dmvCouSA24k1kn6bBFxnc3b4zmqqkgSpCb4LHU9%2FyxsefL%2FirF0gjnObPrFX3KwPClTjt1m79hvkTdl7BB3eYeh179YqideAXms%2FDTP9jU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f28452879b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47

104.21.5.137

200 OK

0 B

URL HTTP/2
s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
IP
104.21.5.137:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /styles/default-new-reg/css/fonts.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=cc5fa2508471faef8f1133dd6d52ca0ed3421087
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 21:40:19 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=487
etag: W/"5e0bab24-1e7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 530888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVGwD%2B58n6i%2Fg55L4E2sVEIO94rGy%2FMLL7yIzGqAf%2Blw%2B4u6jhoS4ADUY3NVhwjSuzFIHejBKrX7WnZiJvSM%2FOQD9LM4UedefLFMIqiFBkUj%2FNah%2Bm1T6axQu6sZWG4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f284548b6b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations