urlquery - report: wetranszfer.com/PayeerBonusExtension.exe

Overview

URL	wetranszfer.com/PayeerBonusExtension.exe
IP	62.113.98.228
ASN	Beget LLC
Location	Russia
Report completed	2022-07-01 16:31:48 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-01	2	wetranszfer.com/PayeerBonusExtension.exe	Malware
2022-07-01	2	wetranszfer.com/PayeerBonusExtension.exe	Malware
2022-07-01	2	wetranszfer.com/lander/new-white/css	Malware
2022-07-01	2	wetranszfer.com/lander/new-white/css(1)	Malware
2022-07-01	2	wetranszfer.com/lander/new-white/css(2)	Malware
2022-07-01	2	wetranszfer.com/lander/new-white/css2	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (8)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	r3.o.lencr.org (5)	344	2020-12-02 08:52:13 UTC	2022-07-01 12:51:19 UTC	23.36.76.226
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.65
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-01 05:33:42 UTC	54.230.111.14
[Mnemonic Passive DNS]	wetranszfer.com (33)	0	2022-01-10 13:42:27 UTC	2022-03-12 18:57:25 UTC	62.113.98.228	Unknown ranking
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-01 15:56:06 UTC	93.184.220.29
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-01 14:37:30 UTC	52.34.226.44
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-01 14:37:32 UTC	34.120.237.76

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 62.113.98.228

Date	UQ / IDS / BL	URL	IP
2022-07-06 16:22:02 +0000	0 - 0 - 6	xdisciples.com/BTCPlugin.exe	62.113.98.228
2022-07-05 17:23:53 +0000	0 - 0 - 6	xdisciples.com/BTCPlugin.exe	62.113.98.228
2022-07-05 17:21:12 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-07-04 17:01:33 +0000	0 - 0 - 6	xdisciples.com/BTCPlugin.exe	62.113.98.228
2022-07-04 16:59:30 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-07-03 16:41:53 +0000	0 - 0 - 6	xdisciples.com/BTCPlugin.exe	62.113.98.228
2022-07-03 16:40:47 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-07-02 16:33:14 +0000	0 - 0 - 6	xdisciples.com/BTCPlugin.exe	62.113.98.228
2022-07-02 16:21:30 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-07-01 16:32:28 +0000	0 - 0 - 6	xdisciples.com/BTCPlugin.exe	62.113.98.228

Last 10 reports on ASN: Beget LLC

Date	UQ / IDS / BL	URL	IP
2022-08-20 04:53:50 +0000	0 - 0 - 17	appinsecurity.com/	45.130.41.71
2022-08-20 03:01:36 +0000	0 - 0 - 2	stablelife.website/C1DfVss5	45.80.70.203
2022-08-19 23:13:36 +0000	0 - 0 - 28	dmicro.ru/	45.130.41.31
2022-08-18 13:34:09 +0000	0 - 0 - 3	flawless-victory.xyz/	45.80.70.203
2022-08-18 08:19:50 +0000	0 - 0 - 1	kareliya-rt.ru/sem/maw/index.php	5.101.152.35
2022-08-16 14:06:01 +0000	0 - 0 - 2	botmek.ru/share/save.php?file=bAuce2iBMhD3L8L	45.130.41.2
2022-08-16 12:23:50 +0000	0 - 0 - 1	chagatea.ru/wp-content/plugins/super-forms/up (...)	87.236.19.20
2022-08-16 10:03:57 +0000	0 - 0 - 1	ne-moloko.ee/wp-content/plugins/super-forms/u (...)	87.236.16.22
2022-08-16 07:42:24 +0000	0 - 0 - 0	iato.ru/	45.130.41.77
2022-08-16 07:41:22 +0000	0 - 0 - 0	https://iato.ru/	45.130.41.77

Last 10 reports on domain: wetranszfer.com

Date	UQ / IDS / BL	URL	IP
2022-07-05 17:21:12 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-07-04 16:59:30 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-07-03 16:40:47 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-07-02 16:21:30 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-06-30 16:46:50 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-06-27 20:15:33 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-06-25 18:36:28 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-06-18 20:46:54 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-06-17 20:27:16 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228
2022-06-16 22:03:02 +0000	0 - 0 - 6	wetranszfer.com/PayeerBonusExtension.exe	62.113.98.228

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (50)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "3E2650132BC75A58C9B08C2A69EC353237F48E840D9D2481F9D5E63D92ABBC6F" Last-Modified: Wed, 29 Jun 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4899 Expires: Fri, 01 Jul 2022 17:53:13 GMT Date: Fri, 01 Jul 2022 16:31:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f877dcf1049551cb05fe926e4b94fb51 Sha1: 2f5c8da538c78853b68ca58a3df5dd64b032291b Sha256: 3e2650132bc75a58c9b08c2a69ec353237f48e840d9d2481f9d5e63d92abbc6f
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Fri, 01 Jul 2022 15:48:59 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: pHYnkH2w1x1J4CPRqMDnw6dyAEOsjr-kWKXFvegujMwPz_OoUScQ2Q== Age: 2555 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.14 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Fri, 01 Jul 2022 03:26:42 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: _STNmvl-GUhXcPUGrl9WDJ9b1KD5bxLmwGa5Y0EzGAQkjdlfAR4LtQ== age: 47093 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /PayeerBonusExtension.exe HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	62.113.98.228 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 01 Jul 2022 16:31:34 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0 Expires: 0 Last-Modified: Fri, 01 Jul 2022 16:31:34 GMT Location: https://wetranszfer.com/PayeerBonusExtension.exe Pragma: no-cache Vary: Accept-Encoding Access-Control-Allow-Origin: * --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Fri, 01 Jul 2022 16:31:34 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3067 Cache-Control: 'max-age=158059' Date: Fri, 01 Jul 2022 16:31:35 GMT Last-Modified: Fri, 01 Jul 2022 15:40:28 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a5af35b6c6d203c1f7943571f558c790 Sha1: 832cfc0aff6943cf487e007f97216fd91ee45713 Sha256: 8f1ee2202e24b6dc484d8b6b284ee6d4153e802386344e5edc106b5c1d6a0777
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Fri, 01 Jul 2022 15:38:48 GMT Expires: Fri, 01 Jul 2022 16:11:33 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: PFKm9Sgwtb9WcPVt3wgjJZQKnWt2hS5gXbztMYL2dlOrzrlEa7Knew== Age: 3167 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "47B086DA7193C78EFA474FFCE71AD86772BF974DEA5A5D46180A10659BBFFE10" Last-Modified: Thu, 30 Jun 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21591 Expires: Fri, 01 Jul 2022 22:31:26 GMT Date: Fri, 01 Jul 2022 16:31:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4cf36614242499aa8bdb726666f4705b Sha1: 40119fc7369986245a2d913de601f3fa06891598 Sha256: 47b086da7193c78efa474ffce71ad86772bf974dea5a5d46180a10659bbffe10
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: UjxBwngFCpE2/2K+q5X1JQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.34.226.44 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: oPSEOhbj+q+LQPTUihpBrpgm0pk= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /PayeerBonusExtension.exe HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (732) Size: 8145 Md5: 1c90c72218a1bc0ff406a348805a1d5b$ 62.113.98.228 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0 Content-Encoding: gzip Expires: 0 Last-Modified: Fri, 01 Jul 2022 16:31:35 GMT Pragma: no-cache Set-Cookie: _subid=376l60j155tk;Expires=Monday, 01-Aug-2022 16:31:36 GMT;Max-Age=2678400;Path=/ 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg;Expires=Monday, 31-Dec-2074 09:03:12 GMT;Max-Age=1656779496;Path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: * --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (732) Size: 8145 Md5: 1c90c72218a1bc0ff406a348805a1d5b Sha1: f6ea20cb98f6d4c4a4180f7a9c355b3492a6b67f Sha256: 603cb93ded0f68eca093bbca146d4ce3cb7107fe199dc9b05ca467890ed391a5 Alerts: Blocklists: - fortinet: Malware
GET /lander/new-white/gtranslate-style24.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 1061 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-425" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 1061 Md5: 8732bf2b93f2144e5e0d1d7f9375ec62 Sha1: bd2ee99ab1d73fcadf5ba015aa2754f62542bb86 Sha256: cfb4c5ddf1aad63e1b0e3fcf6b823548de0c8e77ce37ca09df2be94e1055d522
GET /lander/new-white/style.min.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-13a21" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with very long lines (33533) Size: 10476 Md5: f24a6d81874f0271adf063b9c596ef12 Sha1: 452c03204f022d80adc8dac7a2deee122e7d2d26 Sha256: 4f2b258689e979d9900ed3dc0259671dc12c7dd9f8578c40f963eb2f9f08a926
GET /lander/new-white/uniform.default.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-2059" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (7988), with CRLF line terminators Size: 1803 Md5: c61c80d7304304628f337656a2461d02 Sha1: a74887bdb425fe759dfa18339bef50d96ca8f9e5 Sha256: cd22147a2ead4f8f4f318a21425ce45dc1c3a87150b08217da73b5dcafb919e9
GET /lander/new-white/styles.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 2640 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-a50" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 2640 Md5: 76e12144b6be9bc0a17dd880c5566156 Sha1: c57db768b452aea923a2b083162e9e6ffb98d2f8 Sha256: 070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
GET /lander/new-white/css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: application/octet-stream Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 7006 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-1b5e" X-Content-Type-Options: nosniff Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 7006 Md5: c71cc30a26848bb921f2e3f4a7155e49 Sha1: 2da3d58d973fe0224b04b01a33473175b808ebe4 Sha256: 9b7c779ff458b90c28971a4fec58359da12be89d0ed2c382a3b65dc684eb0e9e Alerts: Blocklists: - fortinet: Malware
GET /lander/new-white/montserrat.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 3569 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-df1" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 3569 Md5: 391bf2dcb6b84840990fdba0a54ad924 Sha1: e46ed60e9ebce2608919820dc036bfc22a763bc6 Sha256: 76060639c88c40086fd2375a2621b4a01e6403f31e42b157823cded7049e36aa
GET /lander/new-white/bootstrap.min.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-3102" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (12178), with CRLF line terminators Size: 3097 Md5: b7d4d66c1420383efba25ecdf69391bb Sha1: 300261c6c89870f076bd9c1294d6f95e294d00df Sha256: 9b7575421201089cf6fc21b696a92ff1ce5abb4c1b533947d94b5cbd99ff2fec
GET /lander/new-white/fluidbox.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 1787 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-6fb" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with very long lines (1787), with no line terminators Size: 1787 Md5: 121c12806ee68fe2c3570be090d6485e Sha1: 7928dc536064952cc7e8565f9c931fbba84bc680 Sha256: 9258e397089a9d96824083d1b0aa79807ad5ba79d550c25f0231de0b08de0e0c
GET /lander/new-white/owl.carousel.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-1260" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 1167 Md5: e69392c2753c132fc45caebdaa2af29b Sha1: 250088df303aaa60f70291def2f1925c5a5f783f Sha256: 73173fd85bfb12f8cda7f38c301ef0199071a27e7c3b03c0f07c875e128ca1c2
GET /lander/new-white/photoswipe.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 4065 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-fe1" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 4065 Md5: 7dc0df107159e1be66d4464171561e5b Sha1: 309be6861bc1384fbc016110bb083de648505fe4 Sha256: 4174653d2b2ae8ed81d9c0350e2e52717679adb40114d601e20c3068aec51d07
GET /lander/new-white/default-skin.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-2e6d" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 3046 Md5: 84d41e11ace40cff9371a70b0d12a94d Sha1: 87a622b07a3475ce2f44c2d5e644320592e53e42 Sha256: c2c07d239badb85c950e35df6a6f68a9d8d828d558d203cbdd62138d76933072
GET /lander/new-white/fontello.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-32c2" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 2894 Md5: e98136d1ae378b7dc3e13ef693cdad81 Sha1: db4da9d43b359e7dcfb2a7686e15a9720fca7183 Sha256: 9c0264d1c98da5610fb34e5e259920c7623c3c10b9da4f639cd38e3dd14d79df
GET /lander/new-white/slippry.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-2ab2" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 1971 Md5: 03e9430f2c3c929f8a06436058bbf8da Sha1: cfb23ec5a6af1aef2e48807cc34c921eafc5f624 Sha256: 440352b4b2f142019f7dbd94760d1caaa2b4b6c940b7f8bd6a9801de87f96f82
GET /lander/new-white/768.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-2239" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: assembler source, ASCII text, with CRLF line terminators Size: 2572 Md5: 553075ef163ccd42bd71a9ff50180459 Sha1: 7c60a1497b78a399d50ef4587a7c3c65f37d5b59 Sha256: 80adf5a4b59bee453cfd54442901507df66922d274a273f8f3a0ee8393546d35
GET /lander/new-white/992.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-1534" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (541), with CRLF line terminators Size: 1511 Md5: 70b6e9c348324766f11889e1e6ddcd9b Sha1: b5434621db86e9bf61f6cdec667748c9b188af54 Sha256: cad340bacae1bb8a25a6c1147cb6e9389113be95f6fabbaa562287e91aaf4682
GET /lander/new-white/magnific-popup.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-1e6d" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text Size: 1950 Md5: 940d74755e5536d09c7fa9eb66372652 Sha1: d1d8b8238f080fdedd4015c7da81675c62a802c6 Sha256: 69a629f67d38a1a75391be1ba82c5756821d6bf7aa135e800ec88c679d716621
GET /lander/new-white/style.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 1851 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-73b" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 1851 Md5: 2c6ed01b0e6382d5038b81c377894a65 Sha1: 17516eebfb1bccc297e0635aa55385fabc0290e9 Sha256: 4b4cdbf620869186edba7f0c11ade808bc5789fea889e0e0eaa2264a1c7c0300
GET /lander/new-white/main.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-11f0b" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (339), with CRLF line terminators Size: 14764 Md5: b77b61b6ea001599368fbcb466411b3b Sha1: f89352bf639f6f25f6e12bf80b5d50171a4d7f39 Sha256: d57560dcf2240a5b84287a5034395a14d06ed229607c92211b87f3af5abc45dc
GET /lander/new-white/css(1) HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: application/octet-stream Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 11506 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-2cf2" X-Content-Type-Options: nosniff Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 11506 Md5: b3e1281452ee59c650e6cc21f8d10fd2 Sha1: 136e6b16167a5a7c8e3410bae97055d1e9175f00 Sha256: d9de43d3d7e628fb5d61235e7925b6f6b1c69dd951afc3060253c5fb7bbce2c3 Alerts: Blocklists: - fortinet: Malware
GET /lander/new-white/wp-fix.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-1273" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 1187 Md5: 22578e409c82bc9fcd5c2b141935fa9d Sha1: 26638824d3a7940338592310b5e3c8680a878b14 Sha256: d2799fb6a4f7e3075f514ac4c408d1a2b15a60a70ec15b7864361733a99d2eaa
GET /lander/new-white/css(2) HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: application/octet-stream Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 14068 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-36f4" X-Content-Type-Options: nosniff Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 14068 Md5: ba2715ddcb9b48bfda573e1597a944c6 Sha1: 447b7cabbd3ce718d1bfa43be7fc9363cf992935 Sha256: dd83cccd93f17317e61ad7b563c96544d7f80543d2092ad7bdef910df4de444f Alerts: Blocklists: - fortinet: Malware
GET /lander/new-white/css2 HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: application/octet-stream Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 7228 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-1c3c" X-Content-Type-Options: nosniff Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 7228 Md5: d2c7d65111e08c884e4a821e6521da93 Sha1: e64d7b439feede094449538d17130e2497fca3a2 Sha256: 8c8555392c67009305b078a67326d1bc85fcdd2f1a02cd84e4b988f02515de2d Alerts: Blocklists: - fortinet: Malware
GET /lander/new-white/translateelement.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-48cf" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (18585) Size: 3621 Md5: b0c0ce8d9807ad5d1ad999393a4716af Sha1: ce2c0db637889fe71f9d4888ffd7a703b37946b9 Sha256: affd377ba635ceec63c27bd7aba3344ba63718de0e3384f85775967b70681903
GET /lander/new-white/js_composer.min.css HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	62.113.98.228 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"62552eaf-78071" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (65358) Size: 46145 Md5: f3580de830f0f4e684b05b346d9d2828 Sha1: 065ee3a94791e8780944007cf1d14c05cfb1df8b Sha256: fd320aae0321e234e4107a2c54f87f5d1b269631a14b82d4f190811780a5af35
GET /lander/new-white/it.png HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 642 Md5: 922efc02f080135a63137dde4ffea287$ 62.113.98.228 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 642 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-282" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 642 Md5: 922efc02f080135a63137dde4ffea287 Sha1: a4583be3e579a69a03a0d1f09995fdb6d1244f7d Sha256: 510116996dc4979a225c07962d84bb76e2b6340234c2c5e4280596ad08a632cb
GET /lander/new-white/2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a.gif HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: 325472601571f31e1bf00674c368d335$ 62.113.98.228 HTTP/1.1 200 OK Content-Type: image/gif Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 43 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-2b" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: 325472601571f31e1bf00674c368d335 Sha1: 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /lander/new-white/translate_24dp.png HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size: 846 Md5: e9cd262114358f26b7608b56905185dc$ 62.113.98.228 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 846 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-34e" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size: 846 Md5: e9cd262114358f26b7608b56905185dc Sha1: 6dbde0a96deaab2b529723ce26c62043cf9180ab Sha256: 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /lander/new-white/en.png HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 1767 Md5: ec7233b5c80e5db85f7733b2ec25203f$ 62.113.98.228 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 1767 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-6e7" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 1767 Md5: ec7233b5c80e5db85f7733b2ec25203f Sha1: d4c36fff06dc7d920b10eb13b58ea9cd9321b430 Sha256: 347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
GET /lander/new-white/translate_24dp-1.png HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/lander/new-white/translateelement.css Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Size: 1842 Md5: c69c796362406f9e11c7f4bf5bb628da$ 62.113.98.228 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 1842 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-732" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Size: 1842 Md5: c69c796362406f9e11c7f4bf5bb628da Sha1: e489ce95ab56208090868882113d7416abf46775 Sha256: 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /lander/new-white/FB_IMG_1614727419246.jpg HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3\012- data Size: 47917 Md5: e60cf71b5940c6657b5f5d3f40fa979e$ 62.113.98.228 HTTP/1.1 200 OK Content-Type: image/jpeg Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 47917 Last-Modified: Tue, 12 Apr 2022 07:47:59 GMT Connection: keep-alive ETag: "62552eaf-bb2d" Expires: Mon, 11 Jul 2022 16:31:36 GMT Cache-Control: max-age=864000 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3\012- data Size: 47917 Md5: e60cf71b5940c6657b5f5d3f40fa979e Sha1: 63f7079486da279835d7307c76f4d532a3b491fd Sha256: 311e47a5bc9ddf061c4ce53a8695685b1826741c70b8177ee19d0baf25775ff2
GET /favicon.ico HTTP/1.1 Host: wetranszfer.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://wetranszfer.com/PayeerBonusExtension.exe Cookie: _subid=376l60j155tk; 3b7e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OFwiOjE2NTY2OTMwOTV9LFwiY2FtcGFpZ25zXCI6e1wiNjNcIjoxNjU2NjkzMDk1fSxcInRpbWVcIjoxNjU2NjkzMDk1fSJ9.5kog9V7DqfMc5UxGM0iwKTOML_nxyuIjscZ1gPDu8Yg Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 70461da8b94c6ca5d2fda3260c5a8c3b$ 62.113.98.228 HTTP/1.1 404 Not Found Content-Type: text/html Server: nginx Date: Fri, 01 Jul 2022 16:31:36 GMT Content-Length: 162 Connection: keep-alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 162 Md5: 70461da8b94c6ca5d2fda3260c5a8c3b Sha1: 994bc667720c21257500e29038c1a5f61e25da1e Sha256: f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6623 Expires: Fri, 01 Jul 2022 18:22:00 GMT Date: Fri, 01 Jul 2022 16:31:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6623 Expires: Fri, 01 Jul 2022 18:22:00 GMT Date: Fri, 01 Jul 2022 16:31:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6623 Expires: Fri, 01 Jul 2022 18:22:00 GMT Date: Fri, 01 Jul 2022 16:31:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd936a38-7fb2-43eb-b94b-bd2c81ade0b1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6777 Md5: da6177e6bf4587c118780e44a2277b81$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6777 x-amzn-requestid: c005a5ae-e474-43cb-9973-43dd74949627 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ujh1tGKcIAMF3Jw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62be168a-25378680023affeb0bffc59f;Sampled=0 x-amzn-remapped-date: Thu, 30 Jun 2022 21:32:58 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 000k2cEQiMmUv5ID8GTy9B1KwjTaNmfTKRd0P7ysMmgXmPx1emJJRA== via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 21:53:10 GMT age: 67107 etag: "3ef7bccae71f2082f56d185cb2e009f35eee08df" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6777 Md5: da6177e6bf4587c118780e44a2277b81 Sha1: 3ef7bccae71f2082f56d185cb2e009f35eee08df Sha256: e49dafb03a8e282c3137b9efa813a9b0da81da02d1f128e40b9609d31d62d9bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1934ff6c-738b-4ee1-a3a7-f172a73da4bd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10798 Md5: 23c2976b6fa0265e05566907f71bd9e3$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10798 x-amzn-requestid: ec008800-0485-48fc-ad7d-1f28baff782f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UjickERbIAMF1NA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62be1783-328a674d1742f9c236542ec2;Sampled=0 x-amzn-remapped-date: Thu, 30 Jun 2022 21:37:07 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: o3AnxqrsGxaBlFc3pR1fNbgG8owT3PJgY29iVJBLj3DXcaZYfGX0EQ== via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 22:03:52 GMT age: 66465 etag: "7db6b42dda26780d3a6cf5c9e3761db08722c630" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10798 Md5: 23c2976b6fa0265e05566907f71bd9e3 Sha1: 7db6b42dda26780d3a6cf5c9e3761db08722c630 Sha256: a706e15acd54d9ffa304b4f931c811c57ba91e4d58c3970794a77eb873be3287
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5924f935-0276-4e17-ba18-fa6068a5ba5a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5364 Md5: 381cdb6fbff5b63b25b18e2d77244459$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5364 x-amzn-requestid: 04b31ed6-a40f-4305-a6b7-f3baf6b30f9c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UT0p_G-3oAMFbOA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b7ce3f-51d2cf647ca0a90a1688e057;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 03:10:55 GMT x-amz-cf-pop: YVR50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: OL0DC0TutvwnEaf8Iizovsksx31TJrbZt_N7S6YfkhB6Wed_VVv6Cg== via: 1.1 feda34dcbf6a00e232656b7983c2c7f0.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 22:04:05 GMT age: 66452 etag: "be19836a433d7f3f6f4a887315a24c202781d62d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5364 Md5: 381cdb6fbff5b63b25b18e2d77244459 Sha1: be19836a433d7f3f6f4a887315a24c202781d62d Sha256: 5bf3d36d33e492f39ab2ce799229fa03eec9658004db0bf2c435697bfe005cb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc64139e3-1714-4207-9f83-6963efdebdb1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11303 Md5: b38a21dc4af2a753ec1149a58eca2ee2$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11303 x-amzn-requestid: bb4e28bd-b8fe-46aa-b7e1-9df6f52c9d34 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UeQW-EnzIAMFSfw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbfa92-4788a606125c42431ba5c73a;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 07:09:06 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: FECr8vnUNXIJXah4ilgSdBbkbjEIYjsLUdys3R4NE65S9iuOzjcSwQ== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Fri, 01 Jul 2022 07:42:41 GMT age: 31736 etag: "91d2dc48008a198adb2b740bec1843a146f826c1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11303 Md5: b38a21dc4af2a753ec1149a58eca2ee2 Sha1: 91d2dc48008a198adb2b740bec1843a146f826c1 Sha256: 2e56992e4642c248dd330fc1343977dedd2ec4e944564214be432f3f390488e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1827d75f-c672-481c-b375-38f3a4dca1a1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10806 Md5: 185ef56a78c1076fd412a9253a6778ff$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10806 x-amzn-requestid: c45c649d-fea4-4658-a9ea-bc9eca980bff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UUXJ0FeWoAMF1OA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b80571-730a5081162a24e47634a07b;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 07:06:25 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: _zBbeU2gbvydtxyp8wMOZPCqJN_cEuvVDslPpDPB17DH7IbGsyJ4rQ== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 16:47:56 GMT age: 85421 etag: "6c0e7eb6607d5237a9951aaf5943c2b40c783144" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10806 Md5: 185ef56a78c1076fd412a9253a6778ff Sha1: 6c0e7eb6607d5237a9951aaf5943c2b40c783144 Sha256: 589990fe4de2d7a61820b85ac1033b9ecf01e2f27f907d89312704cdd69bf94a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6db634e-e239-4b93-881b-a8655a27d650.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8188 Md5: a00287c642d20230cf09897d4c7cf848$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8188 x-amzn-requestid: 27339e76-dbd1-45f6-b0d3-d60795d3402c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uji5yEvRIAMFoEg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62be183e-71771e9a59cd04481fa7155b;Sampled=0 x-amzn-remapped-date: Thu, 30 Jun 2022 21:40:14 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: iyLcPUUXob_B75mtzJaEBU0CV9Qs99qBmJMQB_X1Py5d-CEkrHYiGg== via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google date: Thu, 30 Jun 2022 21:57:04 GMT age: 66873 etag: "bce84b1e6ac56efc7ad37190eeefd129183d2a2b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8188 Md5: a00287c642d20230cf09897d4c7cf848 Sha1: bce84b1e6ac56efc7ad37190eeefd129183d2a2b Sha256: 6e2b5ba420cba4324d3f1232a680ebff32babd2bc7fbc125d16f32b7bdc19b34