g0td0main.com/purb99d0745f9c8757824933c881516f6b51678e7f13f?q=bit%20detector&s1=afhsiy20ioijnywmilcjzcyi6ije2nty4otizntiilcjycyi6iji1otailcjkcyi6ijg5mta3ncj9fa&s2=mmaa&s3=bit%20detector
200 OK
7639
URL
HTTP/1.1
g0td0main.com/purb99d0745f9c8757824933c881516f6b51678e7f13f?q=bit%20detector&s1=afhsiy20ioijnywmilcjzcyi6ije2nty4otizntiilcjycyi6iji1otailcjkcyi6ijg5mta3ncj9fa&s2=mmaa&s3=bit%20detector
IP
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7639), with no line terminators
Hash
2480f73965882c0cf5e307032531c31c
ed065591a1300580604293e145eb7bf03fd636f3
2cddb737c5b571ff7e5621d4ad8a6e7710bb0fd2b60bc19143a23d39a267aa12
Analyzer
Verdict
Alert
quad9
Sinkholed
GET /purb99d0745f9c8757824933c881516f6b51678e7f13f?q=bit%20detector&s1=afhsiy20ioijnywmilcjzcyi6ije2nty4otizntiilcjycyi6iji1otailcjkcyi6ijg5mta3ncj9fa&s2=mmaa&s3=bit%20detector HTTP/1.1
Host: g0td0main.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Nov 2022 04:12:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bd_context=yd+oODwAFg+sQBGoKmw5q4HqkRyeom7onuZ4vns24Qs9QmkIHVthxemQZl803uMw74R3WUfpBTpyHHCKxF+FyAyX82a/3gE/aZEw0sZUR4sNRLqYQbbgr1y+0e9HwiFfycwPJSaVtgtnt+bCFmjXJ+Z0tAU1dwcM5anB8HmHCand7N4C6Q6IJEpqcxSHENmHBZIY9DzIs7BRKkaMdadrAgoNWNipaMja9PugsiHKWfHNCiZLwPWrsNtdmMnBgmAX8da341x9Cxri0UG9Varpr6S0FxR3kmQqRO/MiRvzwje4L2HZTx/u3sXTrvgruv91dMEpzkqnfm58IhAlRAhMIVXZBQ==; Expires=Tue, 21 Nov 2023 04:12:14 GMT
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11805
Expires: Mon, 21 Nov 2022 07:28:59 GMT
Date: Mon, 21 Nov 2022 04:12:14 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK
471
IP
Hash
2061bb5a62c7dbe5a39e49a98bf7d214
812ff4923fc0fa69fa7db7c362d5af728e297099
6f0c1ecd37ba47802a386c487e3c2eb1794a06e8b9f56e016326686e3d80ef92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5985
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:12:14 GMT
Last-Modified: Mon, 21 Nov 2022 02:32:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12293
Expires: Mon, 21 Nov 2022 07:37:07 GMT
Date: Mon, 21 Nov 2022 04:12:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK
939
URL
HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
Magic
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 21 Nov 2022 03:45:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1612
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK
5348
URL
HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
Magic
PEM certificate\012- , ASCII text
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /PARQdXH2QIf6SaznU00qNd653Uh+rP3OtgpxJ7f6Sam2iBDMMOUdKY6RRzT/va8D9bkiY9uQL4=
x-amz-request-id: MVR0QSK54FVCCZ1Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 21 Nov 2022 03:38:59 GMT
age: 1995
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK
12
URL
HTTP/2
contile.services.mozilla.com/v1/tiles
IP
Magic
JSON data\012- , ASCII text, with no line terminators
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 04:12:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK
313
IP
Hash
6defd56699a6a7331729bde3e4a04319
aaa77fb2b25981c501d46c66772ebb443da411bb
d65deadb4ab50e33a582a7fa3e414c639cb58296f73323e71fab14feaf54eca1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6574
Cache-Control: max-age=163601
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:12:14 GMT
Etag: "637abd01-139"
Expires: Wed, 23 Nov 2022 01:38:55 GMT
Last-Modified: Sun, 20 Nov 2022 23:49:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
g0td0main.com/favicon.ico
200 OK
43
URL
HTTP/1.1
g0td0main.com/favicon.ico
IP
Magic
GIF image data, version 89a, 1 x 1\012- data
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Analyzer
Verdict
Alert
quad9
Sinkholed
GET /favicon.ico HTTP/1.1
Host: g0td0main.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://g0td0main.com/
Connection: keep-alive
Cookie: bd_context=yd+oODwAFg+sQBGoKmw5q4HqkRyeom7onuZ4vns24Qs9QmkIHVthxemQZl803uMw74R3WUfpBTpyHHCKxF+FyAyX82a/3gE/aZEw0sZUR4sNRLqYQbbgr1y+0e9HwiFfycwPJSaVtgtnt+bCFmjXJ+Z0tAU1dwcM5anB8HmHCand7N4C6Q6IJEpqcxSHENmHBZIY9DzIs7BRKkaMdadrAgoNWNipaMja9PugsiHKWfHNCiZLwPWrsNtdmMnBgmAX8da341x9Cxri0UG9Varpr6S0FxR3kmQqRO/MiRvzwje4L2HZTx/u3sXTrvgruv91dMEpzkqnfm58IhAlRAhMIVXZBQ==
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Nov 2022 04:12:14 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
dc609414a76abf1e2a6d3ffd2a325d92
8e2322436ee19025cc7eb6bcd6f4a60e38e9910e
af06cf00ae06f8cd82eeb327b8b00b6633c889fa036e84912d0c83b476d94ec0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF06CF00AE06F8CD82EEB327B8B00B6633C889FA036E84912D0C83B476D94EC0"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5380
Expires: Mon, 21 Nov 2022 05:41:55 GMT
Date: Mon, 21 Nov 2022 04:12:15 GMT
Connection: keep-alive
ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3580_35040&s3=637afa9eac002100014e5dda
200 OK
5521
URL
HTTP/1.1
ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3580_35040&s3=637afa9eac002100014e5dda
IP
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5521), with no line terminators
Hash
2efe063c7b446f6b00932aa57ac87c7b
818243c279191ba60c5615bc11075f05a0554a9d
e517454dd247966a8405bba9727cd91178be4c9633a6a2776b90a6ec618054cc
GET /GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3580_35040&s3=637afa9eac002100014e5dda HTTP/1.1
Host: ti-files.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Nov 2022 04:12:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bd_context=s3IV8b36cV3DsHxMMhHca/A0xFDvauaXTWi78wshmqjXRJbpzCFHWt5TUlQLEv2vNaMtSmVuQtjoDBv7Mn+PWQzvMOcdgXpgQYQh3VvphG21xBbnvqdLP9rMPDPOU28vqjMu4UjVp85C94FjVB+JhZjLAjWvDgOSm8KT4cWBIZjVjROQwc1lP2N52b117MwbUmasKYSUXgdeUWaEzBDS6VQjeqF2aNld/hFirKRQVYy0EykDTBRWfJte0PUhZ+KaSQAeq2q3HRlw0b/iRHqGzk++lcali3LI9AEfWxWiEORbNTIv3qAsfoqDiYZ1VaLnwwiRpbhmh4PwbAmpCsqOt9Ee; Expires=Tue, 21 Nov 2023 04:12:15 GMT
e1.o.lencr.org/
200 OK
345
IP
ASN
#20940 Akamai International B.V.
Hash
ffde8beb1f189460308ca20d2f483991
3a71a1bef42c44a3d47ab3753a21444877a48a6c
a85f52fad117940483b1f0afa40c5343d2d3aeaf5a0bc98692ea61bce5f2c030
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A85F52FAD117940483B1F0AFA40C5343D2D3AEAF5A0BC98692EA61BCE5F2C030"
Last-Modified: Sat, 19 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15107
Expires: Mon, 21 Nov 2022 08:24:02 GMT
Date: Mon, 21 Nov 2022 04:12:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK
329
URL
HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
Magic
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 21 Nov 2022 03:25:04 GMT
cache-control: public,max-age=3600
age: 2831
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ti-files.org/favicon.ico
200 OK
43
IP
Magic
GIF image data, version 89a, 1 x 1\012- data
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /favicon.ico HTTP/1.1
Host: ti-files.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ti-files.org/
Connection: keep-alive
Cookie: bd_context=s3IV8b36cV3DsHxMMhHca/A0xFDvauaXTWi78wshmqjXRJbpzCFHWt5TUlQLEv2vNaMtSmVuQtjoDBv7Mn+PWQzvMOcdgXpgQYQh3VvphG21xBbnvqdLP9rMPDPOU28vqjMu4UjVp85C94FjVB+JhZjLAjWvDgOSm8KT4cWBIZjVjROQwc1lP2N52b117MwbUmasKYSUXgdeUWaEzBDS6VQjeqF2aNld/hFirKRQVYy0EykDTBRWfJte0PUhZ+KaSQAeq2q3HRlw0b/iRHqGzk++lcali3LI9AEfWxWiEORbNTIv3qAsfoqDiYZ1VaLnwwiRpbhmh4PwbAmpCsqOt9Ee
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Nov 2022 04:12:15 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK
345
IP
ASN
#20940 Akamai International B.V.
Hash
ffde8beb1f189460308ca20d2f483991
3a71a1bef42c44a3d47ab3753a21444877a48a6c
a85f52fad117940483b1f0afa40c5343d2d3aeaf5a0bc98692ea61bce5f2c030
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A85F52FAD117940483B1F0AFA40C5343D2D3AEAF5A0BC98692EA61BCE5F2C030"
Last-Modified: Sat, 19 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15107
Expires: Mon, 21 Nov 2022 08:24:02 GMT
Date: Mon, 21 Nov 2022 04:12:15 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK
344
IP
ASN
#20940 Akamai International B.V.
Hash
28750a99b54947d669f388c34d1cb0fe
5ec5e29ce7af57a51db3eabe128126f2b47bc567
9e5f914456f3a41d58f499cb5995002407982f9a21f8a1a809540bb2315f9cfa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9E5F914456F3A41D58F499CB5995002407982F9A21F8A1A809540BB2315F9CFA"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17290
Expires: Mon, 21 Nov 2022 09:00:25 GMT
Date: Mon, 21 Nov 2022 04:12:15 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK
344
IP
ASN
#20940 Akamai International B.V.
Hash
28750a99b54947d669f388c34d1cb0fe
5ec5e29ce7af57a51db3eabe128126f2b47bc567
9e5f914456f3a41d58f499cb5995002407982f9a21f8a1a809540bb2315f9cfa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9E5F914456F3A41D58F499CB5995002407982F9A21F8A1A809540BB2315F9CFA"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17290
Expires: Mon, 21 Nov 2022 09:00:25 GMT
Date: Mon, 21 Nov 2022 04:12:15 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK
471
IP
Hash
27138f8625c320bd1434ccd92263b641
6a8f18728c9f324c1c631ffc85901d84ec4d0e0c
02338368cfa2325e8463bd169cb0ad4df2967ca4260b75bc665cd0836e90e9f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3473
Cache-Control: max-age=107551
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:12:15 GMT
Etag: "6379ee2d-1d7"
Expires: Tue, 22 Nov 2022 10:04:46 GMT
Last-Modified: Sun, 20 Nov 2022 09:06:53 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
200 OK
18688
URL
HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
IP
Magic
ASCII text, with very long lines (65317)
Hash
95d49e491b46f526854d624e40d8af76
5b145ab428cc484ecead4666e01cca7ce6b4dff4
f897fc168379623a0e92c3bb80ff02bc4742ccb555fb094e87dc9b60697a481c
GET /ajax/libs/font-awesome/6.2.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://soft-mr.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:12:15 GMT
content-type: text/css; charset=utf-8
content-length: 18688
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4900"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 387932
expires: Sat, 11 Nov 2023 04:12:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3r9HfQunmUdL4SJXgwr%2BcWUaa6%2BYoj4O%2B8C0obyoCw3QgI%2BMKJp%2F4p6QbPQESHhS5PbkNrvD8j4RnUBeKjVQ70z8FnmQc%2F9Ht5Seea8WRSnxGZu%2F5VdI2JRpfTq1KtTyjiGhnz4U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d696061ad5b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK
279
IP
Hash
01be7790e5e647835cc2209d4eba5641
04555b27c98a8ad47adc9de1f09986def3636e29
bdd8ec99c27ea683eebf31877e35773a3f625aa1e4e38a3e758985c3f9a20346
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6442
Cache-Control: max-age=131408
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:12:15 GMT
Etag: "637a3fc5-117"
Expires: Tue, 22 Nov 2022 16:42:23 GMT
Last-Modified: Sun, 20 Nov 2022 14:55:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.js
200 OK
1119
URL
HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.js
IP
Hash
4f44a0c228bda5c64ea8efbd21b7774e
8e0c9785d312d61059dcae563c8b1b7515148267
997de5837e81b616a6b928041c2a9a5c2d1934ccfbad5e0b5344f7008d36820a
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://soft-mr.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:12:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 1119
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-c31"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7715267
expires: Sat, 11 Nov 2023 04:12:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmJinPg0j1dNTmxzuYq7NYopU7BCi3Z7b80BRDagiHzz2RujMax%2Bd2taEF%2Bnih6BZuPMgAwnDKMjset1wxWKiaP4ZCN95iXZK1JTaDeC8ZyNOsXFNRvBZifsAuzSMvhNyYEpzTIV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d696062adab4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK
279
IP
Hash
01be7790e5e647835cc2209d4eba5641
04555b27c98a8ad47adc9de1f09986def3636e29
bdd8ec99c27ea683eebf31877e35773a3f625aa1e4e38a3e758985c3f9a20346
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6442
Cache-Control: max-age=131408
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:12:15 GMT
Etag: "637a3fc5-117"
Expires: Tue, 22 Nov 2022 16:42:23 GMT
Last-Modified: Sun, 20 Nov 2022 14:55:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
code.jquery.com/jquery-3.6.1.js
200 OK
85058
URL
HTTP/2
code.jquery.com/jquery-3.6.1.js
IP
Hash
b63967b6aab16e49428df804b8494312
3f2eada3db80465d5daa6685cd8d7334e7abcdfd
c78725cf3d2dbc6f77aaa809b17258bafb341d632c494404ce71c7ee08f4e777
GET /jquery-3.6.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://soft-mr.com
Connection: keep-alive
Referer: https://soft-mr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:12:15 GMT
content-encoding: gzip
content-length: 85058
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-46c14"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669003935.dop010.sk1.t,1669003935.cds202.sk1.hn,1669003935.cds251.sk1.c
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols
0
URL
HTTP/1.1
push.services.mozilla.com/
IP
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XlFK/xjeIhqhEjs2+WAI7g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FJEzBZvrfXef8ahOxOXcySuoCe4=
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
200 OK
150472
URL
HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
IP
Magic
Web Open Font Format (Version 2), TrueType, length 150472, version 770.256\012- data
Hash
3e50e269ee627bb2279f91d18c085167
a7fca574d24e9ffa5ee0e0589ffe17277ae4ec27
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
GET /ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://soft-mr.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:12:16 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150472
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "630e6e62-24bc8"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3394388
expires: Sat, 11 Nov 2023 04:12:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsXUnenA4WqXaHRNs%2BQVpDnDiAVQS%2B76QlOlPSoN6Zdse7dNF48Ivn28o46oaA25%2B33inKerSy1CvdFaOqCOTbOSDz%2BklUUXX%2FwF8RL77QDP21DhH1wzKcuF8iiONrGwcD5h9lIJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76d696093c12b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
soft-mr.com/download.php?filename=LxRkOSE8cnAzJgUnKC05eQ0rI3UyAxZs&flow_id=BBcIdg%3D%3D&click_id=BAcTJw4GBjo1DwUlBhcIfiEWGXUcJhE4&sourcename=BjkceAwVBnE%3D
200 OK
30952
URL
HTTP/2
soft-mr.com/download.php?filename=LxRkOSE8cnAzJgUnKC05eQ0rI3UyAxZs&flow_id=BBcIdg%3D%3D&click_id=BAcTJw4GBjo1DwUlBhcIfiEWGXUcJhE4&sourcename=BjkceAwVBnE%3D
IP
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash
a67d0e1c3411d5d4c11006c259efebe6
2a92d9e3e80527d6a56c2db89a2474741d1b50f3
7c64180b8115b396655af7c7835b06c414ea7b6eec2bb6cab712ddcb2d08acba
GET /download.php?filename=LxRkOSE8cnAzJgUnKC05eQ0rI3UyAxZs&flow_id=BBcIdg%3D%3D&click_id=BAcTJw4GBjo1DwUlBhcIfiEWGXUcJhE4&sourcename=BjkceAwVBnE%3D HTTP/1.1
Host: soft-mr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ti-files.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 21 Nov 2022 04:12:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ewd6e%2Fz3ElJt0CBXP4Iwm%2FqPSwr1z9EBpI%2FJUq4YZ9VfenT3DL47EYzhzYMiXO9u32PnLqvxP2dXkrX39ImOWOJIX6xLSjik8tCn49Or0CL297Qfor5ujec2vR4tiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d696051ffbb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK
1462
URL
HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash
7aaa65b84ce257544936de6b09ac2112
fa052022ca285354d81fe11d0cd909ab43575c6c
f3b8f712ac399ab96e84af3a62c049a06d830cef110b5af25f8c1e74582da770
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 04:12:16 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "06F1BEF6E8A8F6B0AC430556CC3C7465ADFED7C6"
Expires: Mon, 21 Nov 2022 15:00:00 GMT
Last-Modified: Mon, 21 Nov 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1989
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76d69609bf90b517-OSL
ocsp.pki.goog/gts1c3
200 OK
472
IP
Hash
801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:12:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
200 OK
26642
URL
HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
Hash
a26fb8faab229f0423036a0140d89b2a
fae9ac2a81c5226ce7cdd5cc9703444cfc5e19d2
68d9bb893592cb2dcf58d6c8d2ecd05b28275dfe23264e2476596b50d63eea13
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soft-mr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 21 Nov 2022 04:12:16 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+606; expires=Wed, 20-Nov-2024 04:12:16 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK
472
IP
Hash
8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:12:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
200 OK
3619
URL
HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
Magic
ASCII text, with very long lines (18670)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soft-mr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 03:15:37 GMT
expires: Mon, 21 Nov 2022 04:15:37 GMT
cache-control: public, max-age=3600
age: 3399
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
200 OK
75035
URL
HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
IP
Magic
ASCII text, with very long lines (1613)
Hash
110765e1accf41111543c29721c78b52
3eeceb853d592a297162325f20f0420e136c875a
b5fb084ee4491e64fca48643106c0eb338212638caafdad88ff91e0d4198b589
GET /_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soft-mr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75035
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 22:26:47 GMT
expires: Thu, 16 Nov 2023 22:26:47 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 12 Nov 2022 06:10:12 GMT
content-type: text/javascript; charset=UTF-8
age: 366329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK
472
IP
Hash
d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:12:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
200 OK
846
URL
HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
Magic
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soft-mr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 03:32:40 GMT
expires: Tue, 21 Nov 2023 03:32:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 2376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
200 OK
1842
URL
HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
Magic
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 03:53:15 GMT
expires: Tue, 21 Nov 2023 03:53:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK
472
IP
Hash
d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:12:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK
472
IP
Hash
d5f44030ae728558d0102445d170b873
a9c2e9ce4d20fe2e8a1656f4f457d9a7fe6ee20e
72f2e03c205a810e0ee66b1ee52f2c32ad4d5e5f8b14c5f26810f281761abc0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 04:12:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/cleardot.gif
200 OK
43
URL
HTTP/2
www.google.com/images/cleardot.gif
IP
Magic
GIF image data, version 89a, 1 x 1\012- data
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soft-mr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Mon, 21 Nov 2022 04:12:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14231
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:12:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14231
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:12:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14231
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:12:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14231
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:12:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14231
Expires: Mon, 21 Nov 2022 08:09:28 GMT
Date: Mon, 21 Nov 2022 04:12:17 GMT
Connection: keep-alive
188.72.236.136
104.16.124.175
23.36.76.226
52.89.114.252
93.184.220.29![URL www.gstatic.com/images/branding/product/1x/translate_24dp.png](/search?q=http.url.addr:"www.gstatic.com%2fimages%2fbranding%2fproduct%2f1x%2ftranslate_24dp.png"){kind=link}
![URL www.gstatic.com/images/branding/product/2x/translate_24dp.png](/search?q=http.url.addr:"www.gstatic.com%2fimages%2fbranding%2fproduct%2f2x%2ftranslate_24dp.png"){kind=link}
![URL www.google.com/images/cleardot.gif](/search?q=http.url.addr:"www.google.com%2fimages%2fcleardot.gif"){kind=link}