Overview

URLbronzealliance.com/go/7c149e4b-b64e-4749-aa67-f919b8ab5817
IP 172.67.162.208 (United States)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-10-26 06:34:12 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (10)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
d0zi.com (1) 0 2022-06-05 17:32:29 UTC 2022-10-26 05:05:54 UTC 162.55.4.52 Unknown ranking
bronzealliance.com (1) 676232 2022-02-26 13:09:23 UTC 2022-10-25 19:19:01 UTC 104.21.90.242
ocsp.digicert.com (3) 86 2012-06-27 22:09:06 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-26 04:55:04 UTC 34.117.237.239
www.dcampu.com (1) 0 2022-06-03 10:37:31 UTC 2022-10-25 19:19:43 UTC 188.114.97.1 Unknown ranking
top.bymytop.digital (4) 0 2022-04-14 18:21:03 UTC 2022-10-26 06:08:51 UTC 67.212.184.147 Unknown ranking
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
e1.o.lencr.org (2) 6159 No data No data 23.36.76.226
img-getpocket.cdn.mozilla.net (6) 1631 2019-03-04 20:37:34 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-26 2 bronzealliance.com/go/7c149e4b-b64e-4749-aa67-f919b8ab5817 Malware
2022-10-26 2 www.dcampu.com/go/e6f19c9f-9fe0-486b-83ad-8d9c45b09b76? Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.162.208
Date UQ / IDS / BL URL IP
2023-02-04 15:18:00 +0000 0 - 0 - 1 bronzealliance.com/go/2124d76f-4c45-4893-8221 (...) 172.67.162.208
2023-02-04 07:11:41 +0000 0 - 0 - 2 bronzealliance.com/go/24c36ca8-aa55-4d86-9d2d (...) 172.67.162.208
2023-01-27 21:10:07 +0000 0 - 0 - 1 bronzealliance.com/go/2124d76f-4c45-4893-8221 (...) 172.67.162.208
2023-01-18 11:15:20 +0000 0 - 0 - 2 bronzealliance.com/go/24c36ca8-aa55-4d86-9d2d (...) 172.67.162.208
2023-01-14 19:34:03 +0000 0 - 0 - 2 bronzealliance.com/go/1dc349de-442a-41d4-b4f8 (...) 172.67.162.208


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-05 04:46:09 +0000 0 - 1 - 0 www.joms.org/action/consumeSharedSessionActio (...) 104.18.123.114
2023-02-05 04:46:11 +0000 0 - 0 - 4 videoforums.ru/ 188.114.96.1
2023-02-05 04:45:35 +0000 0 - 1 - 0 cdn.discordapp.com/attachments/10690724603114 (...) 162.159.133.233
2023-02-05 04:44:16 +0000 0 - 0 - 2 dotdrugconsort.com/ 66.235.200.145
2023-02-05 04:43:46 +0000 0 - 0 - 2 ww7.0123movie.net/movie/fits-and-starts-24983.html 104.31.16.3


Last 5 reports on domain: bronzealliance.com
Date UQ / IDS / BL URL IP
2023-02-04 15:18:00 +0000 0 - 0 - 1 bronzealliance.com/go/2124d76f-4c45-4893-8221 (...) 172.67.162.208
2023-02-04 07:11:41 +0000 0 - 0 - 2 bronzealliance.com/go/24c36ca8-aa55-4d86-9d2d (...) 172.67.162.208
2023-01-27 21:10:07 +0000 0 - 0 - 1 bronzealliance.com/go/2124d76f-4c45-4893-8221 (...) 172.67.162.208
2023-01-18 11:15:20 +0000 0 - 0 - 2 bronzealliance.com/go/24c36ca8-aa55-4d86-9d2d (...) 172.67.162.208
2023-01-14 19:34:03 +0000 0 - 0 - 2 bronzealliance.com/go/1dc349de-442a-41d4-b4f8 (...) 172.67.162.208


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-10-26 08:11:03 +0000 0 - 0 - 4 rmut-glo.azurservers.com/t/clk 18.185.204.10
2022-10-25 01:02:27 +0000 0 - 0 - 3 go.monetizer.mobi/?utm_medium=ec4eee60be98615 (...) 198.143.165.221
2022-10-24 03:38:16 +0000 0 - 0 - 3 army-glo.peoplesdigital.com/t/clk 18.185.204.10
2022-10-23 18:38:37 +0000 0 - 0 - 10 thefreeclub.xyz/1/prizewheel/cash/mycashn/ind (...) 69.175.50.100
2022-10-23 10:38:22 +0000 0 - 0 - 10 thefreeclub.xyz/1/prizewheel/iphone12/ar-dz/i (...) 69.175.50.100

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (27)


Request Response
                                        
                                            GET /go/7c149e4b-b64e-4749-aa67-f919b8ab5817 HTTP/1.1 
Host: bronzealliance.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         104.21.90.242
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Date: Wed, 26 Oct 2022 06:34:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: https://www.dcampu.com/go/e6f19c9f-9fe0-486b-83ad-8d9c45b09b76?
Set-Cookie: bemob-uniq-visit:7c149e4b-b64e-4749-aa67-f919b8ab5817=1; Domain=bronzealliance.com; Path=/; Expires=Thu, 27 Oct 2022 06:34:02 GMT; HttpOnly bemob-rotation:7c149e4b-b64e-4749-aa67-f919b8ab5817:random:9fd5fd08e673c979081c00c11d950ce1=0-0-0; Domain=bronzealliance.com; Path=/; Expires=Thu, 27 Oct 2022 06:34:02 GMT; HttpOnly bemob-click-id=6i9JUWVzR9MyuSMJkeQ63r; Domain=bronzealliance.com; Path=/; Expires=Thu, 27 Oct 2022 06:34:02 GMT; HttpOnly
Vary: Accept
X-Response-Time: 13.195ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3caHAiDRK0bNxQ5wFQuYNtoZnoPUme5R%2FufNVmv95NrNRwUAwV1kLxAcccoqR6wx9EzwNgjzrc0CO3cQIl%2B%2FCOOgdz%2FEOJbVTvfDvTIOuP1B0rYbkzRO8WROEVquHsqX5H9AE6I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 760129f3dbaab4f4-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   170
Md5:    aa6b91c257d7f8851c9393ca33df1293
Sha1:   101693965d39a835f29ae3a47e242af292202a58
Sha256: 2e44892e0ecb29fec78ba122b96532b98cbaf889ac3df4427fda64928fb8c36b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10542
Expires: Wed, 26 Oct 2022 09:29:44 GMT
Date: Wed, 26 Oct 2022 06:34:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4492
Expires: Wed, 26 Oct 2022 07:48:54 GMT
Date: Wed, 26 Oct 2022 06:34:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3895
Cache-Control: max-age=100924
Date: Wed, 26 Oct 2022 06:34:02 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:36:06 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 4JDuFlqn+kziewYpeV7SUwQR4Zys/Yt5YiUCpF2vq8kcL4Pbc8/WsNWjI6W7Vh6nYdBVRzziRj5aXzOSTD6/vA==
x-amz-request-id: 1TPQR9SAGYRN0SVZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 05:39:05 GMT
age: 3297
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3895
Cache-Control: max-age=100924
Date: Wed, 26 Oct 2022 06:34:02 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:36:06 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "5D68D303AA67C33FD65A59F50D099E36671078646490F770AE44E634A2B40553"
Last-Modified: Mon, 24 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20058
Expires: Wed, 26 Oct 2022 12:08:20 GMT
Date: Wed, 26 Oct 2022 06:34:02 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 26 Oct 2022 06:34:02 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "5D68D303AA67C33FD65A59F50D099E36671078646490F770AE44E634A2B40553"
Last-Modified: Mon, 24 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20058
Expires: Wed, 26 Oct 2022 12:08:20 GMT
Date: Wed, 26 Oct 2022 06:34:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2317
Cache-Control: max-age=94282
Date: Wed, 26 Oct 2022 06:34:03 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 08:45:25 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /go/e6f19c9f-9fe0-486b-83ad-8d9c45b09b76? HTTP/1.1 
Host: www.dcampu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         188.114.97.1
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Wed, 26 Oct 2022 06:34:02 GMT
location: https://top.bymytop.digital/?utm_medium=3ec5d90f13376bbc835a6f44867229c95b9919da&utm_campaign=ir_big_nonp_maini&cid=6jHuWCPe4bm692Z5pzyhh2&np=2
access-control-allow-origin: *
set-cookie: bemob-uniq-visit:e6f19c9f-9fe0-486b-83ad-8d9c45b09b76=1; Domain=www.dcampu.com; Path=/; Expires=Thu, 27 Oct 2022 06:34:02 GMT; HttpOnly bemob-rotation:e6f19c9f-9fe0-486b-83ad-8d9c45b09b76:random:d02845cad57fb50a21c73d497d80b76e=0-0-0; Domain=www.dcampu.com; Path=/; Expires=Thu, 27 Oct 2022 06:34:02 GMT; HttpOnly bemob-click-id=6jHuWCPe4bm692Z5pzyhh2; Domain=www.dcampu.com; Path=/; Expires=Thu, 27 Oct 2022 06:34:02 GMT; HttpOnly
vary: Accept
x-response-time: 16.644ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZLzDiPWD2bs3wwjixiwpqqSY3CNsFN%2FAjLO%2FQlQjjnXHObm%2Bskt3JTi%2FqilRXNuRv8fhK8KiHCOdSWIdTtDAzCN3Ul1OjddwMI0dYvQ7qef8OvwV6mq99ff9yJDP2r8ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760129f59ea50b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (354), with no line terminators
Size:   354
Md5:    8d3ee8413381d82541c85a0d81f2bae7
Sha1:   e6b28eee9c2bb3e6e579b8caaf0c21ebd169d7e3
Sha256: 5371e55e3eedacc0e906d3ec99be87cbd859bb4675824e6903a25958a1e23dc0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: top.bymytop.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top.bymytop.digital/?utm_term=7158705644785106949&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f097979b8790cacbf9c9fffdf4fdc2f2f0f3f2c7c4c5dadbebecece9e8eae4eae8e7e5e1eced191a52
Cookie: u=b0e94c169a3f875743c55f7efc804101
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.212.184.147
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: nginx
date: Wed, 26 Oct 2022 06:34:03 GMT
content-length: 1150
last-modified: Wed, 31 Jul 2019 07:48:51 GMT
etag: "5d4147e3-47e"
expires: Thu, 27 Oct 2022 06:34:03 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    91abe01116ab422c598e9c8af72cf4da
Sha1:   0f2815fe8e067d48537ad168225ab4674271fa27
Sha256: b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4872
Expires: Wed, 26 Oct 2022 07:55:16 GMT
Date: Wed, 26 Oct 2022 06:34:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4872
Expires: Wed, 26 Oct 2022 07:55:16 GMT
Date: Wed, 26 Oct 2022 06:34:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4872
Expires: Wed, 26 Oct 2022 07:55:16 GMT
Date: Wed, 26 Oct 2022 06:34:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4872
Expires: Wed, 26 Oct 2022 07:55:16 GMT
Date: Wed, 26 Oct 2022 06:34:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4872
Expires: Wed, 26 Oct 2022 07:55:16 GMT
Date: Wed, 26 Oct 2022 06:34:04 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3337
x-amzn-requestid: 5a06b710-2b88-435e-8863-3e0e58742e6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ21FjooAMFp8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585691-2adc1ac2375e087b20ad0e32;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:13 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 02nWxjGUWnLOfCCH-_N91bhvwj9nD2aqZr757DDchdNlHitK7bih4Q==
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:12:48 GMT
age: 30076
etag: "3d28f2daeef33f37c91bd26cb527793288635103"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3337
Md5:    494a826ce7609ee5cc8157ea5de5f4f7
Sha1:   3d28f2daeef33f37c91bd26cb527793288635103
Sha256: 09f702f40e29e6b0c27abc5c7bb4605e504453b543c92805ba4045bd3d65c4d0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F710265b5-7594-45dd-ae3b-49cf84887c51.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7971
x-amzn-requestid: d7e1e331-09cc-4bdd-83a3-594b65e50d79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK-TEWXIAMFoCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358585b-6e2c04ed0d36eea85de94a22;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: b89C7sl-8jR1VviZlenbR1NYN96IhBfbU44KhRuy5oT2Db1NbFZqvQ==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:11:46 GMT
age: 30138
etag: "f628269fc4ba16b1c4b11a8bc965a7dba93755cb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7971
Md5:    656b64fb178a96cdeab7d54d0d3df5ba
Sha1:   f628269fc4ba16b1c4b11a8bc965a7dba93755cb
Sha256: eb1126cfc2a686ea8d845a4898d904a133ff3284578f3a42a45fe01138df6c8c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7929
x-amzn-requestid: 6324abd6-8e27-4903-8bfc-a0fc6a8625be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK9LEeoIAMF5mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585854-2900343b1ae208a903fe58fd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:44 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5MR4UzoW6rVsSpEyPAWrcFb2LCRICaG-toy3JflaXRrzZwcgMs48VQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:09:07 GMT
etag: "3bb87ca5274ce9f6d81da60ab940d23ccd12843b"
age: 30297
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7929
Md5:    c3ae78510434fd68063fc144bf614382
Sha1:   3bb87ca5274ce9f6d81da60ab940d23ccd12843b
Sha256: f42d89328435cb37cba1111903a6bd5e900857d0942e1506ea2115b4e6301541
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:36:34 GMT
age: 21450
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4524
Md5:    91ee720c15dc69de45080d0c951353af
Sha1:   5292b31a99d90bcb7071f327b93d52034bdf9dcb
Sha256: 7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13796
x-amzn-requestid: 90b1e032-78c6-499d-b564-f25c15e20304
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2OG0SoAMFx-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358568e-599d0f526fc6a01f77b67dcf;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sVS9nFgRyVconkkFTOrCO2zA0cICFNQFB2E1q7SQcVQm5_Dm6khvrA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:48:40 GMT
age: 31524
etag: "c3856686b98e1883133aa1824c496d34512769a0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13796
Md5:    b946c4f2f177828cf7b76c5764e97157
Sha1:   c3856686b98e1883133aa1824c496d34512769a0
Sha256: be818a015fc9c745ea561a0b9c2aca6ba25ade24acd696fa651163d47b195371
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6831
x-amzn-requestid: cc6f38ff-ab33-4b18-8cae-aa6bc061962f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alKjPH7ToAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635857ae-3db2790d0e6c5fab6c4bc81f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tiWbOUwlRzaT2EnCWIgoFaT_ho55s3tgRxalb7yBbI21Pv0BhfLJOg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:05:09 GMT
age: 30535
etag: "324e13ad5c99f628d713e55a2994ad4042ece70e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6831
Md5:    1cc61ad4b1d66ab4bce27288ee690e12
Sha1:   324e13ad5c99f628d713e55a2994ad4042ece70e
Sha256: 62cd88bc19bc1f0be2a37c3e990897158acd3d55aa3ddd299144d4f9596ba34e
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: d0zi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d0zi.com/go.php?ad=6pvgwjuc578zbpcgxykd&sid=M7158705644785106949&pub=3211&pid=3211-e3de103z&c=0&app=unknown&br=Firefox&os=[[os]]&d=Mozilla+Firefox&ca=NO+WiFi&a=0&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         162.55.4.52
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.20.1
Date: Wed, 26 Oct 2022 06:34:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

                                        
                                            GET /proc.php?500298aa13e9cebf2d098af11539bcce416bbe4d HTTP/1.1 
Host: top.bymytop.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top.bymytop.digital/?utm_term=7158705644785106949&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f097979b8790cacbf9c9fffdf4fdc2f2f0f3f2c7c4c5dadbebecece9e8eae4eae8e7e5e1eced191a52
Cookie: u=b0e94c169a3f875743c55f7efc804101
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.212.184.147
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Wed, 26 Oct 2022 06:34:07 GMT
location: https://d0zi.com/go.php?ad=6pvgwjuc578zbpcgxykd&sid=M7158705644785106949&pub=3211&pid=3211-e3de103z&c=0&app=unknown&br=Firefox&os=[[os]]&d=Mozilla+Firefox&ca=NO+WiFi&a=0
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   747191
Md5:    65c72c4bd7d28f4b3a0adc0fe6ad4bd4
Sha1:   e761bc51dbb59d65301f00bc7cc23e3e1291b9a7
Sha256: b7c4387f3d1b4b075d895ac2e3f6d3d81e8f4a062129c5b539c027d2c806073b
                                        
                                            GET /?utm_medium=3ec5d90f13376bbc835a6f44867229c95b9919da&utm_campaign=ir_big_nonp_maini&cid=6jHuWCPe4bm692Z5pzyhh2&np=2 HTTP/1.1 
Host: top.bymytop.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         67.212.184.147
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Wed, 26 Oct 2022 06:34:03 GMT
location: https://top.bymytop.digital/?utm_term=7158705644785106949&ver=4viyaptcjo
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=b0e94c169a3f875743c55f7efc804101; expires=Thu, 26-Oct-2023 06:34:03 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?utm_term=7158705644785106949&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f097979b8790cacbf9c9fffdf4fdc2f2f0f3f2c7c4c5dadbebecece9e8eae4eae8e7e5e1eced191a52 HTTP/1.1 
Host: top.bymytop.digital
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top.bymytop.digital/?utm_medium=3ec5d90f13376bbc835a6f44867229c95b9919da&utm_campaign=ir_big_nonp_maini&cid=6jHuWCPe4bm692Z5pzyhh2&np=2
Cookie: u=b0e94c169a3f875743c55f7efc804101
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         67.212.184.147
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Wed, 26 Oct 2022 06:34:03 GMT
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---