Overview

URL h.top4top.io/f_pvlsxgbae4xt6pqzkmuz4q/1670574775/16464bbf11.rar
IP 51.159.67.135 (France)
ASN #12876 Online S.a.s.
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-12-08 20:42:42 UTC
IDS alerts 0
Blocklist alert 13
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ajax.googleapis.com (1) 12905 2012-05-22 10:38:03 UTC 2022-12-08 17:15:55 UTC 142.250.74.42
connect.facebook.net (2) 139 2012-05-22 02:51:28 UTC 2022-12-08 17:12:05 UTC 157.240.200.14
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-08 17:20:00 UTC 35.162.50.16
firefox.settings.services.mozilla.com (3) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239
ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-12-08 17:12:01 UTC 142.250.74.131
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
www.google-analytics.com (1) 40 2012-05-21 09:41:50 UTC 2022-12-08 17:20:06 UTC 142.250.74.46
h.top4top.io (1) 995982 2020-01-17 03:44:59 UTC 2022-12-07 17:26:40 UTC 51.159.67.135
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
s.top4top.io (12) 0 2020-01-05 03:15:20 UTC 2022-12-07 20:37:34 UTC 104.21.5.137 Domain (top4top.io) ranked at: 118839
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76
top4top.io (9) 118839 2019-12-01 07:20:12 UTC 2022-12-08 02:36:39 UTC 188.165.137.138
www.facebook.com (1) 99 No data No data 157.240.200.35

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-08 2 h.top4top.io/f_pvlsxgbae4xt6pqzkmuz4q/1670574775/16464bbf11.rar Malware
2022-12-08 2 top4top.io/f-16464bbf11-rar.html Malware
2022-12-08 2 top4top.io/downloadf-16464bbf11-rar.html Malware
2022-12-08 2 top4top.io/share.js Malware
2022-12-08 2 s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47 Malware
2022-12-08 2 s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47 Malware
2022-12-08 2 s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47 Malware
2022-12-08 2 s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47 Malware
2022-12-08 2 s.top4top.io/styles/default-new-reg/javascript.js?rev=47 Malware
2022-12-08 2 s.top4top.io/styles/default-new-reg/css/stylesheet-3.3.css?rev=47 Malware
2022-12-08 2 s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47 Malware
2022-12-08 2 s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47 Malware
2022-12-08 2 s.top4top.io/styles/default-new-reg/css/reset.css?rev=47 Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 51.159.67.135
Date UQ / IDS / BL URL IP
2023-01-30 12:15:36 +0000 0 - 0 - 13 h.top4top.io/f_jr6pr8pddyan0hn161bahq/1675247 (...) 51.159.67.135
2023-01-29 02:28:38 +0000 0 - 0 - 12 h.top4top.io/f_nqEK7YcYP9YTn6cVMkv_6A/1675105 (...) 51.159.67.135
2023-01-28 19:05:34 +0000 0 - 0 - 13 h.top4top.io/f_nqEK7YcYP9YTn6cVMkv_6A/1675105 (...) 51.159.67.135
2023-01-26 20:00:40 +0000 0 - 0 - 13 h.top4top.io/f_chphlw2cmnichm5lrzy2ja/1674926 (...) 51.159.67.135
2023-01-12 18:15:53 +0000 0 - 0 - 12 h.top4top.io/f_5oobk-4fmuaorhrw5cetwq/1673692 (...) 51.159.67.135


Last 5 reports on ASN: Online S.a.s.
Date UQ / IDS / BL URL IP
2023-01-31 16:08:59 +0000 0 - 1 - 0 dl.clubic.com/generate/2HbkSG_N9gPaPkEHM7LsQA (...) 51.159.14.59
2023-01-31 13:39:26 +0000 0 - 0 - 13 e.top4top.io/f_6NgP7pSIwFwYx5AOvl169A/1675345 (...) 51.159.67.109
2023-01-31 10:16:32 +0000 0 - 0 - 5 checkyoursms.com/ 163.172.86.184
2023-01-31 08:49:05 +0000 0 - 2 - 1 ga3lala.s3.fr-par.scw.cloud/ga3ga31.exe 51.159.62.7
2023-01-31 07:18:35 +0000 0 - 0 - 6 trustedxshop.com/search.html?key=levitra&t=p1 (...) 51.15.183.210


Last 5 reports on domain: top4top.io
Date UQ / IDS / BL URL IP
2023-01-31 13:39:26 +0000 0 - 0 - 13 e.top4top.io/f_6NgP7pSIwFwYx5AOvl169A/1675345 (...) 51.159.67.109
2023-01-31 05:52:32 +0000 0 - 0 - 1 b.top4top.io/m_1851tmue61.m4a 51.158.152.62
2023-01-30 19:55:33 +0000 0 - 0 - 12 f.top4top.io/f_hwv1BksJTd9tbtOpc3GWRA/1675259 (...) 51.159.59.190
2023-01-30 13:45:45 +0000 0 - 0 - 13 f.top4top.io/f_hwv1BksJTd9tbtOpc3GWRA/1675259 (...) 51.159.59.190
2023-01-30 12:15:36 +0000 0 - 0 - 13 h.top4top.io/f_jr6pr8pddyan0hn161bahq/1675247 (...) 51.159.67.135


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-31 13:39:26 +0000 0 - 0 - 13 e.top4top.io/f_6NgP7pSIwFwYx5AOvl169A/1675345 (...) 51.159.67.109
2023-01-30 19:55:33 +0000 0 - 0 - 12 f.top4top.io/f_hwv1BksJTd9tbtOpc3GWRA/1675259 (...) 51.159.59.190
2023-01-30 12:15:36 +0000 0 - 0 - 13 h.top4top.io/f_jr6pr8pddyan0hn161bahq/1675247 (...) 51.159.67.135
2023-01-29 02:28:38 +0000 0 - 0 - 12 h.top4top.io/f_nqEK7YcYP9YTn6cVMkv_6A/1675105 (...) 51.159.67.135
2023-01-28 19:05:34 +0000 0 - 0 - 13 h.top4top.io/f_nqEK7YcYP9YTn6cVMkv_6A/1675105 (...) 51.159.67.135

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (7)
#1 JavaScript::Write (size: 239) - SHA256: 3de080a748552954ff7a98c5fbf109ba7e60665dc141f617a79c6b7d7c95048a
< a href = "http://cutt.us/share.php?s=twitter&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-16464bbf11-rar.html&title=autodesk-2018-universal-keygen-x32-x64-v3-by-x-force | *-EJD"
target = "_blank" > < img src = "images/twitter.png"
alt = "Twitter" / > < /a>
#2 JavaScript::Write (size: 242) - SHA256: 78e2a39fdb6199c1408ef19596eeddb81613a6af5ec3e86d46d2a8daa198b92b
< a href = "http://cutt.us/share.php?s=facebook&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-16464bbf11-rar.html&title=autodesk-2018-universal-keygen-x32-x64-v3-by-x-force | *-EJD"
target = "_blank" > < img src = "images/facebook.png"
alt = "Facebook" / > < /a>
#3 JavaScript::Write (size: 230) - SHA256: 56913ad814edfdd85f252a1006c1d28dc11ed8a27b88f832cbeb4f5f14375a7e
< a href = "http://cutt.us/share.php?s=live&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-16464bbf11-rar.html&title=autodesk-2018-universal-keygen-x32-x64-v3-by-x-force | *-EJD"
target = "_blank" > < img src = "images/live.png"
alt = "Live" / > < /a>
#4 JavaScript::Write (size: 236) - SHA256: 660c632e64779e0ebf393162c5f055a9c1897f32b04a305a0060814ee59092b0
< a href = "http://cutt.us/share.php?s=reddit&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-16464bbf11-rar.html&title=autodesk-2018-universal-keygen-x32-x64-v3-by-x-force | *-EJD"
target = "_blank" > < img src = "images/reddit.png"
alt = "Reddit" / > < /a>
#5 JavaScript::Write (size: 239) - SHA256: d645a9c2838984d74fd87c99b87195358ccd84f4d9fd27eed1ba21ca063f37ed
< a href = "http://cutt.us/share.php?s=myspace&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-16464bbf11-rar.html&title=autodesk-2018-universal-keygen-x32-x64-v3-by-x-force | *-EJD"
target = "_blank" > < img src = "images/myspace.png"
alt = "MySpace" / > < /a>
#6 JavaScript::Write (size: 236) - SHA256: aa47271b8295a207b5ddf8e05ddafa4e358b508432bc5bda2719c9f0fb1a3067
< a href = "http://cutt.us/share.php?s=sphinn&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-16464bbf11-rar.html&title=autodesk-2018-universal-keygen-x32-x64-v3-by-x-force | *-EJD"
target = "_blank" > < img src = "images/sphinn.png"
alt = "Sphinn" / > < /a>
#7 JavaScript::Write (size: 261) - SHA256: fe8044517d7118c89c73285d5740508596f38b992c680b16311c32729f866949
< a href = "http://cutt.us/share.php?s=technorati&encode=UTF-8&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-16464bbf11-rar.html&title=autodesk-2018-universal-keygen-x32-x64-v3-by-x-force | *-EJD"
target = "_blank" > < img src = "images/technorati.png"
alt = "Technorati" / > < /a>


HTTP Transactions (53)


Request Response
                                        
                                            GET /f_pvlsxgbae4xt6pqzkmuz4q/1670574775/16464bbf11.rar HTTP/1.1 
Host: h.top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         51.159.67.135
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: Hotcores.com
Date: Thu, 08 Dec 2022 20:42:31 GMT
Content-Length: 138
Connection: close
Location: https://top4top.io/f-16464bbf11-rar.html
Reason: Invalid


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   138
Md5:    aff950cab4c0265e21d401db15f1026d
Sha1:   f03e18461817f7a6546c8bf8fa8d686d7e30aca0
Sha256: 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2188
Expires: Thu, 08 Dec 2022 21:18:59 GMT
Date: Thu, 08 Dec 2022 20:42:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16996
Expires: Fri, 09 Dec 2022 01:25:47 GMT
Date: Thu, 08 Dec 2022 20:42:31 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 20:08:13 GMT
age: 2058
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11162
Expires: Thu, 08 Dec 2022 23:48:33 GMT
Date: Thu, 08 Dec 2022 20:42:31 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: QqvjCT4kafNk4hTHj38oEA1dJWrI9JNNp6cvcqm3PVQDSC0DjwNiNzlZvRGgMVQcGsr+C8vrp5s=
x-amz-request-id: Y4JZXV0ABR946D19
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 19:48:02 GMT
age: 3269
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A65AB50E7E0F6D7DA6F8460080E9E43144875432098F5F1C7880B1B5044536CB"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12189
Expires: Fri, 09 Dec 2022 00:05:41 GMT
Date: Thu, 08 Dec 2022 20:42:32 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 08 Dec 2022 20:42:31 GMT
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /f-16464bbf11-rar.html HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         188.165.137.138
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:42:32 GMT
Server: HotCores
Location: https://top4top.io/downloadf-16464bbf11-rar.html
Content-Length: 256


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   256
Md5:    0f063197f2e21e48883778b6de29f5c7
Sha1:   d3dee6fc2117bf7dfe9b6c5c03af6e50df7096bd
Sha256: 910d1c7b4724b61fcc39c44321ae6178a28f11022ed98a0ec6b8a2f12be9dab0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 20:07:58 GMT
age: 2074
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /downloadf-16464bbf11-rar.html HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 08 Dec 2022 20:42:32 GMT
Server: HotCores
Expires: 0
Cache-Control: private, no-cache="set-cookie"
Pragma: no-cache
P3P: CP="CUR ADM"
Set-Cookie: sid=mjZhkR7h-dKg84GK20UFJnEnnR5; expires=Sat, 10-Dec-2022 20:42:32 GMT; path=/ klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f; expires=Sat, 10-Dec-2022 20:42:32 GMT; path=/; domain=.top4top.io; httponly
I-AM: US03
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (411)
Size:   18186
Md5:    6cce3647039f8313887407e30960f99d
Sha1:   b8502b5dfa615fd63053d4024a017c8338f32e08
Sha256: 04bafbda0e4649d57d71c7df2e612881ebc1c7bef892cecaacb270a224848236

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111 HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-16464bbf11-rar.html
Cookie: sid=mjZhkR7h-dKg84GK20UFJnEnnR5; klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: text/javascript;Charset=UTF-8
                                        
Date: Thu, 08 Dec 2022 20:42:32 GMT
Server: HotCores
I-AM: US01
Content-Length: 3


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
                                            GET /styles/default-new-reg/images/newlogo.png HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         104.21.5.137
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 08 Dec 2022 20:42:32 GMT
content-length: 19068
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-4a7c"
expires: Wed, 23 Nov 2022 14:37:07 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 591030
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Jd69KNmTkblSZqFlfXgqb9%2FzzfwNERK5oobpbx5qRZO4GHR11D3sNLxZt13p4vhc2tzNll1ONYWfiFAdU1skdGHzwgEbD1n2c7jc4MUw8lA3d7%2BnedBMassgzi2v7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400be78b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 71 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size:   19068
Md5:    d68c79880117110f89d39cce5c43d39c
Sha1:   6e30dcd905314f77912b224e35ce089560553300
Sha256: 1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 20:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5444
Cache-Control: max-age=162798
Date: Thu, 08 Dec 2022 20:42:32 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:55:50 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 18:56:26 GMT
expires: Wed, 06 Dec 2023 18:56:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 179166
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086)
Size:   33434
Md5:    430e927c980ad4079de727fa59dd93f2
Sha1:   891aaada9a55a91292999f6d50fd300439905982
Sha256: e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
                                        
                                            GET /share.js HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-16464bbf11-rar.html
Cookie: sid=mjZhkR7h-dKg84GK20UFJnEnnR5; klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: HotCores
Date: Thu, 08 Dec 2022 20:42:32 GMT
Content-Length: 2045
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-7fd"
Expires: Thu, 15 Dec 2022 20:42:32 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   2045
Md5:    d6b05c71ce92a4e0599cf8b731966510
Sha1:   8735a20d053e085fdfe0963cab19b9499e1be457
Sha256: ff90fa92b304e071f41235a6e338e1e0588641156a765999852784a17523be9e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /en_US/all.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e028429e39948efb3594c69477a45e26
etag: "bd34066a6a45364d918a92e1f270b8b4"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 08 Dec 2022 21:02:09 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: JU9M8Nbt5aN/YPVflYlh7Q==
x-fb-debug: fl8G8/II6Yt7Pc2raBtyPYVwP7VmXVTZl9hHZcZjf5La6r8N8CpjqtIvqrV0zeAgTEWYV/4x2BuBEUKpowm/og==
content-length: 1688
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 20:42:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1957)
Size:   1688
Md5:    254f4cf0d6ede5a37f60f55f958961ed
Sha1:   17d78f5282349ad4fede72ab561f6ee4c0242560
Sha256: cb9be9bd6baabaecd030038b5cbab0613b007d7ea2f6647c2e25114410b5c5f7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 20:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050 HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-16464bbf11-rar.html
Cookie: sid=mjZhkR7h-dKg84GK20UFJnEnnR5; klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: text/javascript;Charset=UTF-8
                                        
Date: Thu, 08 Dec 2022 20:42:32 GMT
Server: HotCores
I-AM: US03
Content-Length: 3


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
                                            GET /styles/default-new-reg/images/zl.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-16464bbf11-rar.html
Cookie: sid=mjZhkR7h-dKg84GK20UFJnEnnR5; klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Thu, 08 Dec 2022 20:42:32 GMT
Content-Length: 673
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-2a1"
Expires: Thu, 15 Dec 2022 20:42:32 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size:   673
Md5:    5caf58a4705aa53b41535b86b18819a1
Sha1:   d38040f84c6dcc16c40519bf0249ea8097b8e969
Sha256: 20fac0020c1ca2b53c6132997d0b5ec25252b30ceedaf59b05679c73c0494e7c
                                        
                                            GET /styles/default-new-reg/images/soft.png HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         104.21.5.137
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 08 Dec 2022 20:42:32 GMT
content-length: 41248
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-a120"
expires: Wed, 23 Nov 2022 14:37:07 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyGi%2BbI2Xqppxgpmauqm2yiFbTNvsSv6Vh7ICJmd22gucvAfmk95vr6dZoET6F7e%2F%2FF4UcnzYQMhvQpOi0tWZNwXSt1FKHwPi60xTjOypdXtWCWMQy91zW%2FII5imCQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400be7ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 213 x 255, 8-bit/color RGBA, non-interlaced\012- data
Size:   41248
Md5:    8cf5d3f055149868fd89971433ed8ece
Sha1:   e877509e97d487b44bdd7203c7e3ca2795963afa
Sha256: 58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9
                                        
                                            GET /styles/default-new-reg/js/the220px.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         104.21.5.137
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 08 Dec 2022 20:42:32 GMT
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=562
etag: W/"57e8eb5d-232"
expires: Wed, 23 Nov 2022 14:37:07 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 560391
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YJjdnOHxqCZiPZ9d7yTbPqnJp6ADkPHmOM1xnsU58GwvPkpxR%2FdkZvHVzHF7TdGNLt%2B9%2BBew6W1y70P%2Bkx%2FC8Um1byNEiR0L0%2Bcvjz0CX3CgQHk8As%2Fv2SM%2Fbwjp%2Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400be76b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (474), with no line terminators
Size:   435
Md5:    c270ec872e054b5a1fa82d69e046c94b
Sha1:   ecf40889d685c41075069e96385c3f40b0b610ce
Sha256: 9a6f55da4b8195d658a25bd5dff7745b212dbc7b276db732f0e1e47239c68e0e
                                        
                                            GET /styles/default-new-reg/css/the220px.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         104.21.5.137
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 08 Dec 2022 20:42:32 GMT
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=11662
etag: W/"58cb25b5-2d8e"
expires: Wed, 23 Nov 2022 14:37:07 GMT
last-modified: Thu, 16 Mar 2017 23:54:29 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 447343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BuRPT5XBBhbqC66h6kUL2A0KRw2xA6VGnfTTlJG1C2Qpr89X8E64VdGotoc%2BK6iNd9TlPRPAaxCelAq23w63VpXQvJ90bi2dJ%2BAqWlf%2FpB5MTJPAxzjDQm6O7hDsyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400be71b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (9567), with no line terminators
Size:   2583
Md5:    1dbacce5fe79db1b872a0c6a928907b0
Sha1:   e3d270a771154b9c158b1622dcdc809510a3cf66
Sha256: 7421d537e9963742b424cb8cae5ca5c6644227a804341e24e106f8cbae59aa86

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5444
Cache-Control: max-age=162798
Date: Thu, 08 Dec 2022 20:42:32 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:55:50 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4213
Cache-Control: max-age=135273
Date: Thu, 08 Dec 2022 20:42:32 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:17:05 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /images/twitter.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-16464bbf11-rar.html
Cookie: sid=mjZhkR7h-dKg84GK20UFJnEnnR5; klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Thu, 08 Dec 2022 20:42:32 GMT
Content-Length: 385
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-181"
Expires: Thu, 15 Dec 2022 20:42:32 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   385
Md5:    cea04ecdecaebee1062f70f6c0377e9b
Sha1:   d8fc45f070c93f100423bb5e724c2394e0664d29
Sha256: 09661cea5a7ed3c20f10820b3b9c151a7415770d805172e0b76a09944d882680
                                        
                                            GET /images/facebook.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-16464bbf11-rar.html
Cookie: sid=mjZhkR7h-dKg84GK20UFJnEnnR5; klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Thu, 08 Dec 2022 20:42:32 GMT
Content-Length: 149
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-95"
Expires: Thu, 15 Dec 2022 20:42:32 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   149
Md5:    db3bdb7f62b49e285e9832638c69f900
Sha1:   de920205859fc86ee6f4f1f9094e5d18cb79a21c
Sha256: 2f14fca8d4650c0b03925d0fffbe73b1fe1ca4f2ad19768cd8ec9eed935c3734
                                        
                                            GET /styles/default-new-reg/css/fonts.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         104.21.5.137
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 08 Dec 2022 20:42:32 GMT
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=487
etag: W/"5e0bab24-1e7"
expires: Wed, 23 Nov 2022 14:37:07 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 560391
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q36vzXHpZfSMXk35CtTl34XZdmwE3CIb8yDmbBDQeIyLQRbgWeC5aSDaSNY53w%2BY%2BlSKipvFoMTvtM8%2B6ba1jIGGW2ALW%2Bobs7UwhIlIa6Ovn38HRSNradq17rrCHmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400ce7db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (408), with no line terminators
Size:   941
Md5:    8bf8eae9202fdc512b5c37b78e26fdff
Sha1:   4ecfc9c53ae44327dcf5257381635579e0ac6206
Sha256: 9fb5e0ad4024282394bd26826a906dc4dadf3406deed165cba8163e812443266

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/css/font-awesome.min.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         104.21.5.137
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 08 Dec 2022 20:42:32 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
etag: W/"5e0bab24-578f"
expires: Wed, 23 Nov 2022 14:37:07 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 99878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvwrNLaSV3Em%2Fe4x8SU7TF07V6tHCPKlIA%2FF3zlMwQUzQVwR9OKOk09bHTCxge283vT2XPOH9A7Sd5r%2FTqATLcVIRK7lNH1BDx0IBHr5VCppYncQX6tFJbpmCVIk1XQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400ce8bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (21997)
Size:   5397
Md5:    77726e9fa409b612d15569a5b9042fd0
Sha1:   25cae33e56c310502f5f0fe0513ebe204b21ccaa
Sha256: 6b32a170de220e79bd2b6c8a0b3d055e43d738436aaa311d2d1898d162d9fa2b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/sphinn.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-16464bbf11-rar.html
Cookie: sid=mjZhkR7h-dKg84GK20UFJnEnnR5; klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Thu, 08 Dec 2022 20:42:32 GMT
Content-Length: 308
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-134"
Expires: Thu, 15 Dec 2022 20:42:32 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   308
Md5:    95aa9375cbb4bedb87f719c412297b73
Sha1:   0819cdf8762d0d0a8e7187e6838bc8fbc9de51be
Sha256: 5db0d66ddbaf1f37bf7df750e5a86621f5963d836200b6bc9befc140d67f346d
                                        
                                            GET /styles/default-new-reg/js/bootstrap.min.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         104.21.5.137
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 08 Dec 2022 20:42:32 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-875d"
expires: Wed, 23 Nov 2022 14:37:07 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 99878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8wzqlP0PFb%2Fntfg2YwTHm4fShZn%2BYLQCyb1k6bb2fL08Vevcp%2BSp1JJew8lIG66GguzdOsrE896n%2B2XMN6Lxn4dyPYbQAhxH4%2FktcmZ1P0xnDxoXYyhL7rTfTpCKQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400be74b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32108)
Size:   10232
Md5:    00466751770b1af74b921ebd74087188
Sha1:   c1d229deb4474e227f6a50ddd636943d14654df0
Sha256: 0dc436effbee075df945e0fe15e64e764465d099f5f89cf7016a6094dbde7ba9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/javascript.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         104.21.5.137
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 08 Dec 2022 20:42:32 GMT
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=16039
etag: W/"57e8eb5d-3ea7"
expires: Wed, 23 Nov 2022 14:37:07 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 560391
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FWOqcxLxtbe5qOIXYzFSE5I9W9PI7WllIaDGGxmjBm%2B3G1KzxjzgfVGEDZgE0BX0KKtUOuY%2FtPiQFUbbKNwKDAad0belJ9kfwOooUEHcCMd6LEAD8ekG7iknF9tvhw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400be77b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (538)
Size:   2742
Md5:    fa869c5ee44ad17a0df4aad3773178d0
Sha1:   800a830e0f7cdde8c819a2478dec6eef776cdcf5
Sha256: 59970617dd80cf919404684d411f36a1e5abde84ac93f3992554d5f1a737a459

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 20:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   14636
Md5:    7881d835fb748a496d64c8bbda1db375
Sha1:   b948fbc2dee67ac6d1fbb63930f79c81f7d3bf42
Sha256: 491579c3cf2d5bb9be1c6590a267042b57cfe4f88248b6d8f18fd7f5012e0fe9
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.46
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 08 Dec 2022 18:46:55 GMT
expires: Thu, 08 Dec 2022 20:46:55 GMT
cache-control: public, max-age=7200
age: 6937
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 20:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en_US/all.js?hash=8c2939501382f11f746bf2b0b3650dd1 HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://top4top.io
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: a126a83a2c7d9bcc5090d8c45145366c
etag: "b406cb6de5c2f39107d5fd14b81b4e4a"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 08 Dec 2023 18:44:20 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: PE5fQN0eH6UQXoxP0Cq2EA==
x-fb-debug: J7kuQGJygc2G6HnZyKXeUOkpPMyrPJ6FIq9hqL4cDxSVbHEKVw1syFXdxZIN7cprhCAaGv5HG8EPNBpTwcfWrA==
content-length: 88304
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 20:42:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18605)
Size:   88304
Md5:    3c4e5f40dd1e1fa5105e8c4fd02ab610
Sha1:   116aed776fb8709b03fbc2bbcdee10dc1b65f3e3
Sha256: 47541451b0eff6b24119862be7a163a5b3d0df63ccda9273e4c527d1eccc0ad9
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vdvZuf3ysBUgXl3vbl2YSA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.162.50.16
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VetYos1HuJ2VvmhTw6LoLbnUnUE=

                                        
                                            GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221670532034441%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Thu, 08 Dec 2022 20:41:56 GMT
last-modified: Thu, 08 Dec 2022 20:40:34 GMT
age: 37
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Size:   21675
Md5:    e981c9481287c776dbe583b527c9cf14
Sha1:   23aa3637ac1c937f7f0c47ca64f60fab72856af1
Sha256: 6d2489c74878945288d26d3bc72ff51410f0bc81412b07e12af175a072e04748
                                        
                                            GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1dc3d933b8c642%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff764d387300124%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-16464bbf11-rar.html&layout=button_count&locale=en_US&sdk=joey&width=90 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         157.240.200.35
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: zDozt17dHpdJbBDKSjWhocf/BEOJC9CvReAE7aIV4ilNpb07JrAlYr4zYVDFp3Ei7c2iAZ2UMPHMZUgT+byqZw==
content-length: 0
date: Thu, 08 Dec 2022 20:42:33 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15265
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 20:42:34 GMT
Connection: keep-alive

                                        

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wFqXeAYHSBcj85PiuqhV790clAMWg_NHMCO5Q5WARXDaohFWZdeCig==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:19:17 GMT
age: 76997
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7268
Md5:    24d89b69ba37bf23c5d576aff4063caf
Sha1:   3d46a21b4da571d7e4962e335c18a28ca5f81ecf
Sha256: 09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1NxVGtHN-I6GUi6qSk7qTGZDDdIZk1Io2yP6Abe1mtlMNi12oR8hgQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 20:33:11 GMT
age: 563
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8351
Md5:    98d2cf29c710d25bd2f03ff216fdd369
Sha1:   b8eb2e11f9655f19334befc036f21489a6473827
Sha256: 614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
age: 80950
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9596
Md5:    c408efaa98ac2ce63bb1618368d10c15
Sha1:   a51bbb49ebd862d04eaee465d0a35b22dcd21391
Sha256: 077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 77159
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7801
Md5:    8c94003641bb5a7595e7004f80f95d22
Sha1:   3446450df60d732f9021d5bfd5f5f7c6c870d9ec
Sha256: 4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 76022
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8659
Md5:    b87d6543345f73653ed4a49b37d7c959
Sha1:   c4f26846b8b72293368ff16915d49297cf12bbb9
Sha256: aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 77916
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12534
Md5:    57be99ac898a37d73f2ba4a24f56248f
Sha1:   04e32eb45581201a6a1863200e4d139df48285e6
Sha256: a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
                                        
GET /styles/default-new-reg/css/stylesheet-3.3.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

104.21.5.137
HTTP/2 200 OK
content-type: text/css
date: Thu, 08 Dec 2022 20:42:32 GMT
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=23881
etag: W/"5e0bab24-5d49"
expires: Wed, 23 Nov 2022 14:37:07 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 99878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4HscuHqYgybQw%2B37tWGbxFoAxFLMNgtSytjiuxPEhTWK5IFdNTdzMPiaaJetscUZ7bckrhr27Ga1EVDbRmeRt6rClUieBxwSgG7AikRQvm3xuF%2Bcxyx6cBSLy5tm18%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400ce82b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /styles/default-new-reg/css/animate.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

104.21.5.137
HTTP/2 200 OK
content-type: text/css
date: Thu, 08 Dec 2022 20:42:32 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-d0b7"
expires: Wed, 23 Nov 2022 14:37:07 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 99878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcIPD9vvTS3hFP%2FmaLSTECMb%2F%2FsGlRTrykElr%2FJlz7AAKQh0ULPIDiyi%2FHezIy2cmAaFYz5YCdZRs2D3GcGcfMfZwkBkGEudfUgVP%2BYlaRZ6dM1hVgIsys0mydg44JI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400be6eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

104.21.5.137
HTTP/2 200 OK
content-type: text/css
date: Thu, 08 Dec 2022 20:42:32 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-1bae7"
expires: Wed, 23 Nov 2022 14:37:07 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 560391
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpgjTBXj3pfG1uAO3E9Yqrf1A%2BqBeUY6H6eaRdHzSijJ5LeLrF5FJRPhyIMveuLgnUCcX50sLD4gY8DYkgsM8fPAxMIymEcBY9ZMh9%2B7wcfkYC3g3zt8k%2F%2BIvvXoFX0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400ce92b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /styles/default-new-reg/css/reset.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=3a3a3d607e5d4eaeb44a39e2b353b58dc0df688f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

104.21.5.137
HTTP/2 200 OK
content-type: text/css
date: Thu, 08 Dec 2022 20:42:32 GMT
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=1013
etag: W/"57e8eb5d-3f5"
expires: Wed, 23 Nov 2022 14:37:07 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 100662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjdWfhjth6mFLDRlJltofCwOMM43pQ%2FwIr6ZL0OuAcJlCyYvRU1ZuXoM%2Bp%2BcTZC5qLsbY1Re8W4SlM8o%2FxabJ3M%2BQojIQ1qxnY9JIZWyvTIzNAyADFz5fA24TC9eKV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77685400ce7cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware