Overview

URL https://f.top4top.io/f_39GZ9dWPTwlFT6p2oU7XAg/1656025444/1589kpayv1.rar
IP51.159.59.190
ASNOnline S.a.s.
Location France
Report completed2022-06-21 23:13:39 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-21 2 f.top4top.io/f_39GZ9dWPTwlFT6p2oU7XAg/1656025444/1589kpayv1.rar Malware
2022-06-21 2 top4top.io/f-1589kpayv1-rar.html Malware
2022-06-21 2 top4top.io/downloadf-1589kpayv1-rar.html Malware
2022-06-21 2 top4top.io/share.js Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/javascript.js?rev=47 Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47 Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47 Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-06-21 04:47:25 UTC 23.36.77.32
[Mnemonic Passive DNS] s.top4top.io (8) 0 No data No data 172.67.133.128 Domain (top4top.io) ranked at: 118839
[Mnemonic Passive DNS] ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-06-21 04:45:21 UTC 142.250.74.3
[Mnemonic Passive DNS] ajax.googleapis.com (1) 12905 2017-01-30 05:00:30 UTC 2019-10-16 05:01:16 UTC 142.250.74.74
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-21 04:55:31 UTC 35.81.125.88
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] top4top.io (10) 118839 2021-07-22 14:24:43 UTC 2021-07-22 14:24:43 UTC 188.165.137.138
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-21 13:03:11 UTC 93.184.220.29
[Mnemonic Passive DNS] www.facebook.com (1) 99 2012-05-28 23:09:18 UTC 2022-06-21 04:45:31 UTC 31.13.72.36
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-21 05:09:13 UTC 54.230.111.99
[Mnemonic Passive DNS] f.top4top.io (1) 0 2019-12-11 10:34:58 UTC 2022-06-10 09:31:14 UTC 51.159.59.190 Domain (top4top.io) ranked at: 118839
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] connect.facebook.net (1) 139 2013-09-20 12:03:21 UTC 2022-06-21 04:59:26 UTC 31.13.72.12
[Mnemonic Passive DNS] www.google-analytics.com (2) 40 2017-01-30 05:00:06 UTC 2022-06-19 22:53:55 UTC 142.250.74.174
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-21 07:58:41 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 51.159.59.190

Date UQ / IDS / BL URL IP
2022-07-05 16:44:47 +0000
0 - 0 - 8 c.top4top.io/f_ebytsg0jbdd5v6jwepufpa/1657204 (...) 51.159.59.190
2022-07-05 16:34:05 +0000
0 - 0 - 6 c.top4top.io/f_ai4rfoq0go9mttu0bvnyjw/1657204 (...) 51.159.59.190
2022-07-05 16:34:01 +0000
0 - 0 - 7 c.top4top.io/f_sz9ufywz12pkah0nvkueoa/1657204 (...) 51.159.59.190
2022-07-04 22:25:25 +0000
0 - 0 - 8 f.top4top.io/f_f5yqibiuu9r87o4gw1waka/1656885 (...) 51.159.59.190
2022-07-04 15:54:50 +0000
0 - 0 - 6 f.top4top.io/f_ft6zkh-lmqufzhfedk55oa/1657112 (...) 51.159.59.190
2022-07-03 22:26:15 +0000
0 - 0 - 11 c.top4top.io/f_wesae6l6uko8hxcig9yl5a/1656882 (...) 51.159.59.190
2022-07-03 01:59:05 +0000
0 - 0 - 7 f.top4top.io/f_f5yqibiuu9r87o4gw1waka/1656885 (...) 51.159.59.190
2022-07-03 01:59:29 +0000
0 - 0 - 4 c.top4top.io/f_imvy9axethbaihxnxbp8lq/1656882 (...) 51.159.59.190
2022-07-03 01:58:57 +0000
0 - 0 - 11 c.top4top.io/f_wesae6l6uko8hxcig9yl5a/1656882 (...) 51.159.59.190
2022-07-02 23:24:15 +0000
0 - 0 - 7 f.top4top.io/f_4pYrQm7-PWo1DRgwfeKGSA/1656939 (...) 51.159.59.190

Last 10 reports on ASN: Online S.a.s.

Date UQ / IDS / BL URL IP
2022-07-06 01:52:50 +0000
0 - 0 - 3 mediaget.com/installer/mediaget_installer_467 (...) 51.158.184.220
2022-07-06 01:51:54 +0000
0 - 0 - 4 ilduomo.fr/ 51.159.19.231
2022-07-06 01:31:43 +0000
0 - 0 - 1 hemman490.s3.fr-par.scw.cloud/harman_html.html 51.159.62.7
2022-07-06 00:49:45 +0000
0 - 0 - 1 dicom-ac.fr/ 51.159.19.231
2022-07-05 23:51:46 +0000
0 - 0 - 5 ilduomo.fr/ 51.159.19.231
2022-07-05 23:45:45 +0000
0 - 0 - 3 agnesldsteeg.fr/ 212.129.42.252
2022-07-05 21:31:44 +0000
0 - 0 - 9 e.top4top.io/f_pbydr4xsj2xzjgxincsl3a/1655737 (...) 51.159.67.135
2022-07-05 21:31:25 +0000
0 - 0 - 6 d.top4top.io/f_imis3uxggxprj6e8vevbfw/1655737 (...) 163.172.36.88
2022-07-05 21:31:25 +0000
0 - 0 - 6 d.top4top.io/f_q1tucsr02jmecd2ikpfg5q/1655736 (...) 163.172.36.88
2022-07-05 18:25:28 +0000
0 - 0 - 1 yvette-mure.com/video-exe/video4.exe 62.210.16.61

No other reports on domain: top4top.io



JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (7)

#1 JavaScript::Write (size: 219, repeated: 1) - SHA256: a5d8207b04b27f5d8a8fb3fffb4a8302ca63140c8eebc29937878cc5853b7859

                                        < a href = "http://cutt.us/share.php?s=twitter&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1589kpayv1-rar.html&title=All-in-One Checker Version 4.9.8 | *-EJD"
target = "_blank" > < img src = "images/twitter.png"
alt = "Twitter" / > < /a>
                                    

#2 JavaScript::Write (size: 222, repeated: 1) - SHA256: 98a9fcb9c17d49d9c600f3f4fa9dbfccca7ee1654bb13dd4d7a1ed65be0f94ac

                                        < a href = "http://cutt.us/share.php?s=facebook&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1589kpayv1-rar.html&title=All-in-One Checker Version 4.9.8 | *-EJD"
target = "_blank" > < img src = "images/facebook.png"
alt = "Facebook" / > < /a>
                                    

#3 JavaScript::Write (size: 210, repeated: 1) - SHA256: 6494ed89516f60396fd2f2d056a16e31a4b341b9398f91c2426b5336aaa92c17

                                        < a href = "http://cutt.us/share.php?s=live&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1589kpayv1-rar.html&title=All-in-One Checker Version 4.9.8 | *-EJD"
target = "_blank" > < img src = "images/live.png"
alt = "Live" / > < /a>
                                    

#4 JavaScript::Write (size: 216, repeated: 1) - SHA256: ce9fe8a5927276c329bb97f4c1be54dd52c9b77a860c8a81635b6a8f507f3536

                                        < a href = "http://cutt.us/share.php?s=reddit&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1589kpayv1-rar.html&title=All-in-One Checker Version 4.9.8 | *-EJD"
target = "_blank" > < img src = "images/reddit.png"
alt = "Reddit" / > < /a>
                                    

#5 JavaScript::Write (size: 219, repeated: 1) - SHA256: 174ef6652998fce23844bf6e5b95bfecf8a86f30e4500bc3e8a450e95f58f77f

                                        < a href = "http://cutt.us/share.php?s=myspace&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1589kpayv1-rar.html&title=All-in-One Checker Version 4.9.8 | *-EJD"
target = "_blank" > < img src = "images/myspace.png"
alt = "MySpace" / > < /a>
                                    

#6 JavaScript::Write (size: 216, repeated: 1) - SHA256: 83fce010ce49b19a43a489515c21157c91b5b6c97310079b395dc959c6237f0c

                                        < a href = "http://cutt.us/share.php?s=sphinn&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1589kpayv1-rar.html&title=All-in-One Checker Version 4.9.8 | *-EJD"
target = "_blank" > < img src = "images/sphinn.png"
alt = "Sphinn" / > < /a>
                                    

#7 JavaScript::Write (size: 241, repeated: 1) - SHA256: 8bd50c91a57fe1c50613a6cabac72aa83154eb63970bea207c8fa7db18ffbc06

                                        < a href = "http://cutt.us/share.php?s=technorati&encode=UTF-8&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1589kpayv1-rar.html&title=All-in-One Checker Version 4.9.8 | *-EJD"
target = "_blank" > < img src = "images/technorati.png"
alt = "Technorati" / > < /a>
                                    


HTTP Transactions (47)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 21 Jun 2022 22:42:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 36LDhcH4brxLPX3BkHSpune9Q1vzzbEfInrnaWuPYFcAlybRHpKSZQ==
Age: 1835


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D69BCE21B0054D4C12B19B0D71E51C7A56F6F28E8F0E2193836EFD9CA3231098"
Last-Modified: Tue, 21 Jun 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1944
Expires: Tue, 21 Jun 2022 23:45:47 GMT
Date: Tue, 21 Jun 2022 23:13:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22A7AFFA696C3188DD074DEB68A2EC519EA227AC839D0238C9F82660B9E14D6A"
Last-Modified: Tue, 21 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4535
Expires: Wed, 22 Jun 2022 00:28:58 GMT
Date: Tue, 21 Jun 2022 23:13:23 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
date: Tue, 21 Jun 2022 02:10:51 GMT
last-modified: Wed, 11 May 2022 19:51:39 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: evc0qQlwtpzp8qsMQUuvd_cZ-ET6TUeiV-R0pHiBlCD7krRqTUO1DA==
age: 75753
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /f_39GZ9dWPTwlFT6p2oU7XAg/1656025444/1589kpayv1.rar HTTP/1.1 
Host: f.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         51.159.59.190
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 21 Jun 2022 23:13:23 GMT
content-type: text/html
content-length: 138
location: https://top4top.io/f-1589kpayv1-rar.html
reason: Invalid
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   138
Md5:    aff950cab4c0265e21d401db15f1026d
Sha1:   f03e18461817f7a6546c8bf8fa8d686d7e30aca0
Sha256: 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 21 Jun 2022 23:13:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /f-1589kpayv1-rar.html HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         188.165.137.138
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 21 Jun 2022 23:13:24 GMT
Server: HotCores
Location: https://top4top.io/downloadf-1589kpayv1-rar.html
Content-Length: 256


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   256
Md5:    2d1ab47839ce3e743db0ccb6fc734c0d
Sha1:   6663b77af3710de53eaecc19c23628a179e84fad
Sha256: 9f8e133042118b3342bc158d3d591c117fe62a7309a5e6e7d9e4f9b4c785557c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /downloadf-1589kpayv1-rar.html HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 21 Jun 2022 23:13:24 GMT
Server: HotCores
Expires: 0
Cache-Control: private, no-cache="set-cookie"
Pragma: no-cache
P3P: CP="CUR ADM"
Set-Cookie: klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; expires=Thu, 23-Jun-2022 23:13:24 GMT; path=/; domain=.top4top.io; httponly
I-AM: US03
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (411)
Size:   17375
Md5:    44747d53a926eb002a3f22babb4c7a4f
Sha1:   98c09c254112f7688d1474e2b83983ea4bdad522
Sha256: c68b5df07a16808617af82dfab28ea00e72f13fa655ff4de1e7e8250d601ecb9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/images/newlogo.png HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 23:13:24 GMT
content-type: image/png
content-length: 19068
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-4a7c"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 546920
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RG62drfsYruzOx7PqLmI%2BMd0iYDhrmUfcgG5Z%2B3PgXZhAVxzSOlPo3m6g5NZXP%2BzAaKNU5tK6sFoc9WijNs0Wi04ga2uhoYGE300VkuytSy6hwnS5Lk3tskB1GZsIMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f06f419f5eb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 71 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size:   19068
Md5:    d68c79880117110f89d39cce5c43d39c
Sha1:   6e30dcd905314f77912b224e35ce089560553300
Sha256: 1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d
                                        
                                            GET /styles/default-new-reg/images/soft.png HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 23:13:24 GMT
content-type: image/png
content-length: 41248
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-a120"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 52211
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObJeu%2Br7ZX9sz46rpiRrQQHrnXsrQ179j3YTuQnEkn3C33PyHGFqW3%2B2TQG3UaHLsXFAgUIQuk6pf2OXrloFvOdjTOQQcthoTaPA6dBblLZuXrIWh4ob9C3X72Wwfos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f06f41af67b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 213 x 255, 8-bit/color RGBA, non-interlaced\012- data
Size:   41248
Md5:    8cf5d3f055149868fd89971433ed8ece
Sha1:   e877509e97d487b44bdd7203c7e3ca2795963afa
Sha256: 58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9
                                        
                                            GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111 HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1589kpayv1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: text/javascript;Charset=UTF-8
                                        
Date: Tue, 21 Jun 2022 23:13:24 GMT
Server: HotCores
I-AM: US03
Content-Length: 3


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5300
Cache-Control: max-age=170843
Date: Tue, 21 Jun 2022 23:13:24 GMT
Etag: "62b2343b-1d7"
Expires: Thu, 23 Jun 2022 22:40:47 GMT
Last-Modified: Tue, 21 Jun 2022 21:12:27 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 21 Jun 2022 23:13:24 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /share.js HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1589kpayv1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 23:13:24 GMT
Content-Length: 2045
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-7fd"
Expires: Tue, 28 Jun 2022 23:13:24 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   2045
Md5:    d6b05c71ce92a4e0599cf8b731966510
Sha1:   8735a20d053e085fdfe0963cab19b9499e1be457
Sha256: ff90fa92b304e071f41235a6e338e1e0588641156a765999852784a17523be9e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050 HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1589kpayv1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: text/javascript;Charset=UTF-8
                                        
Date: Tue, 21 Jun 2022 23:13:24 GMT
Server: HotCores
I-AM: US03
Content-Length: 3


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
                                            GET /en_US/all.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 901f23420ac59a6bb9c5a4c3c3b0cd89
etag: "98d527b06474d67d49f6084edaa0fa72"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Jun 2022 23:25:51 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: qUPFxcpmj629nsiMR7aP/w==
x-fb-debug: 0kGnb59e7Sfg2BOTyF82bxQF7q6G0arMWQgSbLDW4JILPqwGKJuz0rhSggCfi5z+g+gBUb+HUpGiojfBGPdXVg==
content-length: 1688
x-fb-trip-id: 1904183273
date: Tue, 21 Jun 2022 23:13:24 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1688
Md5:    a943c5c5ca668fadbd9ec88c47b68fff
Sha1:   eeed7d1e3dc0373e8912de84d9aa8f20ca1f880f
Sha256: f2de71dcf9964f0a8f8f8ae2a54c0d7e30b5e84d3c3653ccd2e77f997f82c3cf
                                        
                                            GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.74
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Jun 2022 15:42:34 GMT
expires: Wed, 21 Jun 2023 15:42:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 27050
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086)
Size:   33434
Md5:    430e927c980ad4079de727fa59dd93f2
Sha1:   891aaada9a55a91292999f6d50fd300439905982
Sha256: e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
                                        
                                            GET /styles/default-new-reg/javascript.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 23:13:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=16039
etag: W/"57e8eb5d-3ea7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 438223
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLJvX8OJOlK2jtwKdCrF9CzzZhwmeC9iC2NNB1C6htZnEtxsALumsKVMKSbF8a%2Fc3P2P8FJRU%2B1pDj3TevBa9xG4CnAvbFtT%2BzZ5lo8WBsNijb5J7YYGkcu79Aj8gBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f06f419f5ab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (538)
Size:   2437
Md5:    fa6bdb64d2cbfdcb1b98946c04f38464
Sha1:   141f5966c8cd95572df828d43949677a46993e8f
Sha256: 8732e1aa42e8c07d8ab01d6bdc7fff8e2194c5a33485c0e9ff484dd0ff256ca6

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/css/fonts.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 23:13:24 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=487
etag: W/"5e0bab24-1e7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 59454
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZSNiOQERjo6t2MnpngaJg6wdSGwB7COKH%2FoS%2BkDRxKKepA%2FB0RRTM6dAx8ndbMb3ZVCtB74MyNiq76tPAuJ19xJqKyGNDeOHMgZk0sOkk1%2BFa96y7zs2tUX0fMWtq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f06f419f53b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (408), with no line terminators
Size:   651
Md5:    ddb7b93198172f69289a67e9afc439b8
Sha1:   c9aa6ef7d1981bca9b67f66623a05c3e99f8afe6
Sha256: 2a5869b5c80d7663abd32073865ad64eb68b92a489054e416cd94b64445dd121

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 21 Jun 2022 23:13:24 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 21 Jun 2022 22:19:25 GMT
Expires: Tue, 21 Jun 2022 22:39:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oIxlhmzN6nK_JS2ps7Dccgup1Ajr9fecUc7aJvfD6lCShOpfSDa6og==
Age: 3239


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /styles/default-new-reg/images/zl.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1589kpayv1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 23:13:24 GMT
Content-Length: 673
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-2a1"
Expires: Tue, 28 Jun 2022 23:13:24 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size:   673
Md5:    5caf58a4705aa53b41535b86b18819a1
Sha1:   d38040f84c6dcc16c40519bf0249ea8097b8e969
Sha256: 20fac0020c1ca2b53c6132997d0b5ec25252b30ceedaf59b05679c73c0494e7c
                                        
                                            GET /styles/default-new-reg/js/the220px.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 23:13:24 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=562
etag: W/"57e8eb5d-232"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 170759
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z28AQPgjWE4qGq4e3RHreM40y6wc2%2BnwSZx6sNEa1qLb4FkIPKr1lUoIvIyZ72QkzqAr5vpPb9Vf31hbF9DMcsrD7ja4QNGNR%2FmAuMtgnS8CCNTNFwN3EeWPNUakZwg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f06f419f57b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (474), with no line terminators
Size:   451
Md5:    f473a008da52c95591b81547629d43f7
Sha1:   f15fd19a931e3c409338f6f91059a8cfcf66e9df
Sha256: 9b8351e5516a673e98655cb7421a3765ed872c30f9a382fdc660cbb8aec96b30
                                        
                                            GET /images/twitter.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1589kpayv1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 23:13:25 GMT
Content-Length: 385
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-181"
Expires: Tue, 28 Jun 2022 23:13:25 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   385
Md5:    cea04ecdecaebee1062f70f6c0377e9b
Sha1:   d8fc45f070c93f100423bb5e724c2394e0664d29
Sha256: 09661cea5a7ed3c20f10820b3b9c151a7415770d805172e0b76a09944d882680
                                        
                                            GET /styles/default-new-reg/css/fonts.css HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 23:13:24 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=487
etag: W/"5e0bab24-1e7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 170759
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv7QEWIH8cqcOqs4jyailSt2WpLUgjfLZ4QBbyC1TaX28I8RqPF669ZBjvxenC4Z19ufqHic2tN6%2Btb56AYm0dASc1U6ekJONIdo7k1dKOJKo%2B2%2Be4qkApHXvOWdxIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f06f420fcdb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (408), with no line terminators
Size:   329
Md5:    9a13197a5809bf4674409e3acaae63e1
Sha1:   c806204f5498bf5bbffea7c4ac5b89fbf31e76ad
Sha256: 3d70799083be28a902f49fadf52d0f2d419efe048985857e2f5f12ba76c3e306
                                        
                                            GET /images/live.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1589kpayv1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 23:13:25 GMT
Content-Length: 761
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-2f9"
Expires: Tue, 28 Jun 2022 23:13:25 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   761
Md5:    0c0038438c6e145f1a4dea683ce7cc28
Sha1:   c1ad87024ddba2eb6544dc7ee3c16b45ba9a3c63
Sha256: 5e5b288b52e9bbb8b9c2449b04da155054023d50ac2ded7954f912be02f4c484
                                        
                                            GET /styles/default-new-reg/css/the220px.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 23:13:24 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=11662
etag: W/"58cb25b5-2d8e"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Thu, 16 Mar 2017 23:54:29 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 421047
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnsD9jaFsGa4jee63JDhaC5xfJCBLr0KW51fPRvAdrj83tYv97EWdWX3T2a2KKLDEuT2gkzxnLHOEEUCpSrxedGMU7vk%2F3auwBmVmxxCcO5%2BfjVHHobuAJqqzOK7u50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f06f419f55b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (9567), with no line terminators
Size:   3057
Md5:    0555689fe4a34b51253b5d91228e0da5
Sha1:   8d863698fa96b7fb89bd8d6cd53113ab6a3287fa
Sha256: 1ad0ee51f17eb7389c07c9e970fa31362f3f1c2489102089c611aaacbc062a9a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/css/animate.min.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 23:13:24 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-d0b7"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 170759
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMJ0fX4C4WNuDd49nxfy0UfthxWlk0TcD7Or8IlQmKcwvjPNpP8hU6W1ikNFNpj009KS%2FWH90dWHK0jMXTEJKZxQFqq7RpySsh31ygwNk%2Bd8PpfaWx5IBaYIYMMQqQk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71f06f41cf84b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (53270)
Size:   4686
Md5:    d40589f11438c0d4edafb5191593ac1f
Sha1:   e048fe4fe6ff793cb967ff4cc9de83fa39f42e82
Sha256: 73fcacacd2331b95a19cd6e76623a5e28fce42ca45b15d70d3932a903ab8254c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/sphinn.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1589kpayv1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 23:13:25 GMT
Content-Length: 308
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-134"
Expires: Tue, 28 Jun 2022 23:13:25 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   308
Md5:    95aa9375cbb4bedb87f719c412297b73
Sha1:   0819cdf8762d0d0a8e7187e6838bc8fbc9de51be
Sha256: 5db0d66ddbaf1f37bf7df750e5a86621f5963d836200b6bc9befc140d67f346d
                                        
                                            GET /images/technorati.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1589kpayv1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=b24e4419771821337de1baeb65d79c7195d691b1; _gid=GA1.2.976682888.1655743560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 23:13:25 GMT
Content-Length: 283
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-11b"
Expires: Tue, 28 Jun 2022 23:13:25 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   283
Md5:    f120938135c52cd80b7f37bd5b17daf4
Sha1:   1cb99566ca564dd8a8273a616d072739c58b4290
Sha256: 6cd07b1a71bf03f25556bc801c306419a255ec5b47751fcdcda5efbdb08766c8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 21 Jun 2022 23:13:25 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 21 Jun 2022 22:41:13 GMT
expires: Wed, 22 Jun 2022 00:41:13 GMT
cache-control: public, max-age=7200
age: 1932
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XVnM4tYf//8WnSdhTFTwmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.81.125.88
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 67G+14XN6o546CxY/Bk7rEE2XKc=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 21 Jun 2022 23:13:25 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?v=1&_v=j96&a=179833338&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2Fdownloadf-1589kpayv1-rar.html&ul=en-us&de=UTF-8&dt=All-in-One%20Checker%20Version%204.9.8%20%7C%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84&sd=24-bit&sr=1280x1024&vp=1268x1024&je=0&_u=AACAAEABAAAAAC~&jid=253321377&gjid=672608956&cid=1841955378.1654357939&tid=UA-9340508-1&_gid=976682888.1655743560&_r=1&_slc=1&z=1049101850 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://top4top.io
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
access-control-allow-origin: https://top4top.io
date: Tue, 21 Jun 2022 23:13:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    38684612f0c6bb6dfa16da92f4a6878f
Sha1:   6fe62d0dd7db314b7f9bb945672f078e01d27f0f
Sha256: a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
                                        
                                            GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31d3f770c386d6%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff2fd82110b3316c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-1589kpayv1-rar.html&layout=button_count&locale=en_US&sdk=joey&width=90 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
                                        
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: sjR8j60ndh8uOlHN2CGs+pyPKSZNW+sLXAgU5agMoFpBXUgYZZbc/OgmP5RlMue/xna+CNZNlWtfSTIFK+Th7Q==
content-length: 0
date: Tue, 21 Jun 2022 23:13:25 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4"
Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3224
Expires: Wed, 22 Jun 2022 00:07:10 GMT
Date: Tue, 21 Jun 2022 23:13:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4"
Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3224
Expires: Wed, 22 Jun 2022 00:07:10 GMT
Date: Tue, 21 Jun 2022 23:13:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4"
Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3224
Expires: Wed, 22 Jun 2022 00:07:10 GMT
Date: Tue, 21 Jun 2022 23:13:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4"
Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3224
Expires: Wed, 22 Jun 2022 00:07:10 GMT
Date: Tue, 21 Jun 2022 23:13:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4"
Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3224
Expires: Wed, 22 Jun 2022 00:07:10 GMT
Date: Tue, 21 Jun 2022 23:13:26 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefc9aa7b-c49b-4375-9764-a218072b5d48.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8069
x-amzn-requestid: a6f30c3c-bb94-4118-a81e-d9e3173ca92b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T8VMEHDnIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ae68b3-44d1d4cc54df3a9726ab2255;Sampled=0
x-amzn-remapped-date: Sun, 19 Jun 2022 00:07:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rfke-_NFIfw8Jx_vHPn6BwHCWR0kakktloMb9r24c01GNB14aK3w9g==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 00:52:32 GMT
age: 80454
etag: "9f5b2a85b5831db43a15d24e21ec9782f2ee3159"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8069
Md5:    f18cd5f62a10fc3776d8b6f3897020bc
Sha1:   9f5b2a85b5831db43a15d24e21ec9782f2ee3159
Sha256: 50322ea5f7ce4b9dc2e18b68c613546c3a622b91d0beb0baeec8149321cea5bf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1a46c58-48d5-40b9-801c-d038050c27a4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4677
x-amzn-requestid: a264fabe-79fd-4bb8-9866-c3831f61c1c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T3WhtFG3IAMF-pQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ac6ad7-2599be5b4cd12c5f731ee9f1;Sampled=0
x-amzn-remapped-date: Fri, 17 Jun 2022 11:51:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ISvOBf_WO9xDc1xsnGYfE1st0E6dM0WpC8ZU8IpMETrFbitva64iOg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 00:32:27 GMT
age: 81659
etag: "d18433358099bd4d6af5601f9be359c9eda4642b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4677
Md5:    76507ba6c8ecdddf85fdce8e556d8341
Sha1:   d18433358099bd4d6af5601f9be359c9eda4642b
Sha256: 2b26a340e0fa63198d933136b62b5aa59332b6c2b3b11c8367ef2f2d46d9255c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35047430-55a7-4bc0-8f13-3c1a0222fb17.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5460
x-amzn-requestid: c3127dcb-8f17-4906-95f0-9dad693eeaee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T8VMpF2woAMFa-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ae68b7-5b99e987073cb76b42f246ae;Sampled=0
x-amzn-remapped-date: Sun, 19 Jun 2022 00:07:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: X-LOI4JINANLeMNdnFQxxRsOdoEbW9L5Es90j4PAvu2LRnnHZGPCag==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 01:31:38 GMT
age: 78108
etag: "486af4712134398a87e28eb15542e6ec7a6b58f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5460
Md5:    9a0845d2cc570a323170a9984c7ec7d3
Sha1:   486af4712134398a87e28eb15542e6ec7a6b58f5
Sha256: 53f57f6f3c97389a6796809ba8cef1dadfec0b593787df97ef2ed51f10188a82
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ac704cd-e5c9-493d-8b2f-1f18a654592a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11617
x-amzn-requestid: f7b3bd15-a99a-497e-b6d5-56ec5a83e25c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TokKFHePoAMFS5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a680a6-621ed21c46f01d2d711caf82;Sampled=0
x-amzn-remapped-date: Mon, 13 Jun 2022 00:11:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: F3O9QxGEual4dDkvy2msRb4BNqi8_-BDLpmV6CJNypaRq9QYLLwQbA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 4c19973ee1875e6ec362c34e124d0998.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 05:09:47 GMT
age: 65019
etag: "04402ddff8376f7e195395d21e8641f2c1c75e9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11617
Md5:    74cef04548287de5da3bb562ad77e9a9
Sha1:   04402ddff8376f7e195395d21e8641f2c1c75e9f
Sha256: ccbb44ec605087c02f06e65d9b9b0725eac8e4cdf040b7fa5111f3470611ec3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca22cc1a-42ec-4302-b419-bcaefb3d7541.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11336
x-amzn-requestid: bdca4103-9c04-46a9-b020-24a3df05497d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T5CWgG1_IAMFbvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ad175c-6b8e7e5a6d0ce430077519fa;Sampled=0
x-amzn-remapped-date: Sat, 18 Jun 2022 00:07:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: USjBI5_NfgVnMUaHCxGx9RriYd5cZ3YsNVp0gZiMFo5o0gLBtoWLSA==
via: 1.1 86eb67c9cdffbb1cad0c7a18a9b0f5a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 01:51:04 GMT
age: 76942
etag: "c9de52a6b1b9d17dd0b475999ee7aac6ee8744ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11336
Md5:    b78894040c093149df60457274da4f70
Sha1:   c9de52a6b1b9d17dd0b475999ee7aac6ee8744ca
Sha256: 58d942832a43eff5435d262f9a122af91cbefd1a7e51a76dac988f993ea7ff55
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7afb4c53-da76-46e3-89ae-21b0c05f5a89.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11327
x-amzn-requestid: a51b000b-e2e5-42ed-86e7-314253d34d5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T8WyFHP7oAMFwZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ae6b40-1e249088070f684c7292fd52;Sampled=0
x-amzn-remapped-date: Sun, 19 Jun 2022 00:18:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4WiS-S8YVeHyYT_bgLPjWEufGXssVLCyvunQxQLDBWvyK9c8uHPQvA==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 05:07:19 GMT
age: 65167
etag: "b7728330ddeac441c55d568333e28dd1be4da5bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11327
Md5:    43546be10f260435b48ebc9ce340fdf9
Sha1:   b7728330ddeac441c55d568333e28dd1be4da5bb
Sha256: 27c09be31b8a5af9be71e3f734778fdbbb09de185e488246546c694590e8f387