g.top4top.io/f_kiappc10ua5y17alcnhmwa/1663631594/21194uxnj1.zip
163.172.24.234302 Moved Temporarily 138 B URL HTTP/1.1 g.top4top.io/f_kiappc10ua5y17alcnhmwa/1663631594/21194uxnj1.zip
IP 163.172.24.234:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
Analyzer Verdict Alert fortinet Malware
GET /f_kiappc10ua5y17alcnhmwa/1663631594/21194uxnj1.zip HTTP/1.1
Host: g.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: Hotcores.com
Date: Wed, 21 Sep 2022 15:10:35 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://top4top.io/f-21194uxnj1-zip.html
Reason: Invalid
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11289
Expires: Wed, 21 Sep 2022 18:18:44 GMT
Date: Wed, 21 Sep 2022 15:10:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 14:12:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: opPOTiEdKwr6Fhq1pVbi_peppV2-YtH2eQZ9LKQh9hRPnGValY7WLg==
Age: 3513
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pfefVmr896eUnIK_xjUqqwFbI2krYkBQkb4QKgBsQgLg_7OrjVt2rg==
age: 38122
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 473479efc7375d4b8ef9fbc4eb09ee70
b9ebed3dccc3bf98bb3baf024f8a1c3b0fb07620
8223cf2036161e24fda07a6ab4d63b9b494de134d3547fa40c32d69f00a561e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8223CF2036161E24FDA07A6AB4D63B9B494DE134D3547FA40C32D69F00A561E3"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1942
Expires: Wed, 21 Sep 2022 15:42:57 GMT
Date: Wed, 21 Sep 2022 15:10:35 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 15:10:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
top4top.io/f-21194uxnj1-zip.html
188.165.137.170301 Moved Permanently 256 B URL HTTP/1.1 top4top.io/f-21194uxnj1-zip.html
IP 188.165.137.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d12f656d14f8785e2b5a9a442cd8f566
31d99ff377842d7153b270b78500378efe2a0a51
63832c9a3cd16ce1fa3255e276390b5be98d6c445d90a343f54ac1903734ba24
Analyzer Verdict Alert fortinet Malware
GET /f-21194uxnj1-zip.html HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 15:10:35 GMT
Server: HotCores
Location: https://top4top.io/downloadf-21194uxnj1-zip.html
Content-Length: 256
Content-Type: text/html; charset=iso-8859-1
top4top.io/downloadf-21194uxnj1-zip.html
188.165.137.170200 OK 18 kB URL HTTP/1.1 top4top.io/downloadf-21194uxnj1-zip.html
IP 188.165.137.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (411)
Hash f5a74fd26a63c324e50f4b5238e03056
4fe95fa52530608d09dc2fce1fceff1bca45724b
951ebbd63daa5589ef0f349974ad95569b3b0e52776ccd7b6100ec378b4f1034
Analyzer Verdict Alert fortinet Malware
GET /downloadf-21194uxnj1-zip.html HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:10:35 GMT
Server: HotCores
Expires: 0
Cache-Control: private, no-cache="set-cookie"
Pragma: no-cache
P3P: CP="CUR ADM"
Set-Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; expires=Fri, 23-Sep-2022 15:10:35 GMT; path=/
klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9; expires=Fri, 23-Sep-2022 15:10:35 GMT; path=/; domain=.top4top.io; httponly
I-AM: US01
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
s.top4top.io/styles/default-new-reg/images/soft.png
172.67.133.128200 OK 41 kB URL HTTP/2 s.top4top.io/styles/default-new-reg/images/soft.png
IP 172.67.133.128:0
File type PNG image data, 213 x 255, 8-bit/color RGBA, non-interlaced\012- data
Hash 8cf5d3f055149868fd89971433ed8ece
e877509e97d487b44bdd7203c7e3ca2795963afa
58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9
GET /styles/default-new-reg/images/soft.png HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: image/png
content-length: 41248
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-a120"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 564490
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St5rBcCVUMdFOobyXCMPYHQIeKuDJ85hR9xs%2FuqZhuTu8MpT4OxcH4KdZJ6zelpIqTb7dWsY7D4PUDiHueb52wOZnlv6S9M3KG8eXvf6eAzse0%2FlFDP9gnK0usSLjYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83bde6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/images/newlogo.png
172.67.133.128200 OK 19 kB URL HTTP/2 s.top4top.io/styles/default-new-reg/images/newlogo.png
IP 172.67.133.128:0
File type PNG image data, 71 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash d68c79880117110f89d39cce5c43d39c
6e30dcd905314f77912b224e35ce089560553300
1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d
GET /styles/default-new-reg/images/newlogo.png HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: image/png
content-length: 19068
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-4a7c"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 564490
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn6YxBULFKDUe3p%2FbRGdJL1YHdJaXo6gAQmRwJTOTS%2BK2oRpEMx6ELON9eWyVkK81jHnz8qV5b5ioVsVZoDrFqU2BmGU0b72Ft7zJpchwv6rFmIXqsSyRG7W8abUFKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83bde5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
top4top.io/ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111
188.165.137.170200 OK 3 B URL HTTP/1.1 top4top.io/ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111
IP 188.165.137.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111 HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:10:36 GMT
Server: HotCores
I-AM: US03
Content-Length: 3
Content-Type: text/javascript;Charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14d31c538ef2caf4422a82eae13752fb
64a60fba95891f5dcc3d098c78ca3705d679c073
9bf27ebead2d15f04d2874793cb043a7d650b50902092fe6ae3a5a9891c5cabe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5043
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:10:36 GMT
Last-Modified: Wed, 21 Sep 2022 13:46:33 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 15:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 15:50:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KMKUVMlUHMV137xzg9tLVExdkEY2TdU7nGrxpnbjhw82yK8e_KjERw==
Age: 434
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:10:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.170200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 02:47:31 GMT
expires: Mon, 18 Sep 2023 02:47:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 303785
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/all.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 31e6649a477618436ba1f70e923e60f3
79299f7c8e35d91802756bbaff69e55978040462
3b0cfdc45275d2af5ea7b3cb4ef484167184b6cd16a09420ea391ea420e0ad04
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 999789ddcf0c9643e4a125973a649414
etag: "bfac001e76975f9a6d9b9c8bc37d77bd"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 21 Sep 2022 15:17:38 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: MeZkmkd2GENrofcOkj5g8w==
x-fb-debug: L4jmZFdNVQxa/ecJWp0kUl8kiq9/hr9knGd3LQ8/MVPxbpjHWGg4ZRqUIIxYZilgBksWPDShv6kYeYkGO+AWuw==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 15:10:36 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
top4top.io/share.js
188.165.137.170200 OK 2.0 kB IP 188.165.137.170:0
File type HTML document, ASCII text, with CRLF line terminators
Hash d6b05c71ce92a4e0599cf8b731966510
8735a20d053e085fdfe0963cab19b9499e1be457
ff90fa92b304e071f41235a6e338e1e0588641156a765999852784a17523be9e
Analyzer Verdict Alert fortinet Malware
GET /share.js HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: HotCores
Date: Wed, 21 Sep 2022 15:10:36 GMT
Content-Type: application/javascript
Content-Length: 2045
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-7fd"
Expires: Wed, 28 Sep 2022 15:10:36 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
172.67.133.128200 OK 5.6 kB URL HTTP/2 s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
IP 172.67.133.128:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (21997)
Hash 581a00c75ba9daedd26bdaa9f5313f04
b0c148ee4f3c9d33aaed282d792f5fa4a144300e
73a0247602e6edd0a141546183e4107234ab1472f85d18d9b979ee4ec8bec8c4
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/font-awesome.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: text/css
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
etag: W/"5e0bab24-578f"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 167028
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46SDQhHUoZvC%2BELq5HNWMx0zSfdNAsqiJtx5qLvRIfY40z6JU0SK7ZQ%2BSdcMHxssi4jNL1Z9J%2FaMSi03zuXh1gsIRLx%2BUf2mkolL4qDcKlGdQ7KEKfzs77gaI47FYjM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83cdfbb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
top4top.io/ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050
188.165.137.170200 OK 3 B URL HTTP/1.1 top4top.io/ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050
IP 188.165.137.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050 HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 15:10:36 GMT
Server: HotCores
I-AM: US01
Content-Length: 3
Content-Type: text/javascript;Charset=UTF-8
top4top.io/styles/default-new-reg/images/zl.png
188.165.137.170200 OK 673 B URL HTTP/1.1 top4top.io/styles/default-new-reg/images/zl.png
IP 188.165.137.170:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 5caf58a4705aa53b41535b86b18819a1
d38040f84c6dcc16c40519bf0249ea8097b8e969
20fac0020c1ca2b53c6132997d0b5ec25252b30ceedaf59b05679c73c0494e7c
GET /styles/default-new-reg/images/zl.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: HotCores
Date: Wed, 21 Sep 2022 15:10:36 GMT
Content-Type: image/png
Content-Length: 673
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-2a1"
Expires: Wed, 28 Sep 2022 15:10:36 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47
172.67.133.128200 OK 20 kB URL HTTP/2 s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47
IP 172.67.133.128:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65368)
Hash 4b6f842537d35c024196fc15193337d1
986fcf1dca04c14a85d24667d85b0d8cce1d82a0
779fb933c56c57bff5ef8970b5563994c61bdcf6a03db1dd00a83b5741831b67
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-1bae7"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 564490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2EX9R%2BzbxUEJGXrxFE0nnDqdr1ZogvuHaoh2cEouCCoqig%2FGG%2FusQ5YiEZG0h3M9zp2B0ioXCJpQuGCNLScx5tp46P80atfRaHfwGkdmFlN25yz8OvPg24caQSEPM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83cdf8b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 163
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:10:36 GMT
Last-Modified: Wed, 21 Sep 2022 15:07:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
top4top.io/images/twitter.png
188.165.137.170200 OK 385 B URL HTTP/1.1 top4top.io/images/twitter.png
IP 188.165.137.170:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash cea04ecdecaebee1062f70f6c0377e9b
d8fc45f070c93f100423bb5e724c2394e0664d29
09661cea5a7ed3c20f10820b3b9c151a7415770d805172e0b76a09944d882680
GET /images/twitter.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: HotCores
Date: Wed, 21 Sep 2022 15:10:36 GMT
Content-Type: image/png
Content-Length: 385
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-181"
Expires: Wed, 28 Sep 2022 15:10:36 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
top4top.io/images/facebook.png
188.165.137.170200 OK 149 B URL HTTP/1.1 top4top.io/images/facebook.png
IP 188.165.137.170:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash db3bdb7f62b49e285e9832638c69f900
de920205859fc86ee6f4f1f9094e5d18cb79a21c
2f14fca8d4650c0b03925d0fffbe73b1fe1ca4f2ad19768cd8ec9eed935c3734
GET /images/facebook.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: HotCores
Date: Wed, 21 Sep 2022 15:10:36 GMT
Content-Type: image/png
Content-Length: 149
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-95"
Expires: Wed, 28 Sep 2022 15:10:36 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
top4top.io/images/live.png
188.165.137.170200 OK 761 B URL HTTP/1.1 top4top.io/images/live.png
IP 188.165.137.170:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c0038438c6e145f1a4dea683ce7cc28
c1ad87024ddba2eb6544dc7ee3c16b45ba9a3c63
5e5b288b52e9bbb8b9c2449b04da155054023d50ac2ded7954f912be02f4c484
GET /images/live.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: HotCores
Date: Wed, 21 Sep 2022 15:10:36 GMT
Content-Type: image/png
Content-Length: 761
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-2f9"
Expires: Wed, 28 Sep 2022 15:10:36 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
top4top.io/images/reddit.png
188.165.137.170200 OK 645 B URL HTTP/1.1 top4top.io/images/reddit.png
IP 188.165.137.170:0
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 2a94deb80f88d3f76f263d134b0b1af6
7ef18707f538b89f59cfdb647d2f4f4efe29e23e
38b5f357b4afe9b318ff9bf0806bf69856b80bac27671321097f9840c27e47c7
GET /images/reddit.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: HotCores
Date: Wed, 21 Sep 2022 15:10:36 GMT
Content-Type: image/png
Content-Length: 645
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-285"
Expires: Wed, 28 Sep 2022 15:10:36 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
top4top.io/images/sphinn.png
188.165.137.170200 OK 308 B URL HTTP/1.1 top4top.io/images/sphinn.png
IP 188.165.137.170:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 95aa9375cbb4bedb87f719c412297b73
0819cdf8762d0d0a8e7187e6838bc8fbc9de51be
5db0d66ddbaf1f37bf7df750e5a86621f5963d836200b6bc9befc140d67f346d
GET /images/sphinn.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: HotCores
Date: Wed, 21 Sep 2022 15:10:36 GMT
Content-Type: image/png
Content-Length: 308
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-134"
Expires: Wed, 28 Sep 2022 15:10:36 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
top4top.io/images/myspace.png
188.165.137.170200 OK 776 B URL HTTP/1.1 top4top.io/images/myspace.png
IP 188.165.137.170:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 35578456cc898dfd8aa2112c223cdced
1d342dae525f04e2dfc7e097bba4a6881b414b35
956189a17826806990967d4836472550d6ed3a8192c2bc1e679dc3cabe440edf
GET /images/myspace.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: HotCores
Date: Wed, 21 Sep 2022 15:10:36 GMT
Content-Type: image/png
Content-Length: 776
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-308"
Expires: Wed, 28 Sep 2022 15:10:36 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
top4top.io/images/technorati.png
188.165.137.170200 OK 283 B URL HTTP/1.1 top4top.io/images/technorati.png
IP 188.165.137.170:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f120938135c52cd80b7f37bd5b17daf4
1cb99566ca564dd8a8273a616d072739c58b4290
6cd07b1a71bf03f25556bc801c306419a255ec5b47751fcdcda5efbdb08766c8
GET /images/technorati.png HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-21194uxnj1-zip.html
Cookie: sid=5B7UKYWPL%2CM8EiOvOPqm7a08o%2C2; klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: HotCores
Date: Wed, 21 Sep 2022 15:10:36 GMT
Content-Type: image/png
Content-Length: 283
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-11b"
Expires: Wed, 28 Sep 2022 15:10:36 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:10:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 21 Sep 2022 14:41:12 GMT
expires: Wed, 21 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 1764
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/all.js?hash=b968e016da54660ecf18d6234a151ff2
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/en_US/all.js?hash=b968e016da54660ecf18d6234a151ff2
IP 157.240.200.14:0
File type ASCII text, with very long lines (18673)
Hash 6e4fbd6511b1e8ab453d78afa2490956
cfd8bfecb4d8a19098a9c11c70b1147ff40dea2a
1ccd1353d17b29d7e2c16ca1bbf250cc7c3fd54db7372222cd773ab158391b47
GET /en_US/all.js?hash=b968e016da54660ecf18d6234a151ff2 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://top4top.io
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: a39df9ccf174ae644bd5b502ac0ac03e
etag: "28a1d43229448bafae9e15ab6f1af21e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 21 Sep 2023 12:20:04 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: bk+9ZRGx6KtFPXivokkJVg==
x-fb-debug: x5yVonXWMDXENsHrTF6vSTm6l0zKiQ/oQjIcyK1ZAgM+i14GOG+SgljlOTZUObDbGRzwWCrijLirwe/749Eofw==
content-length: 88719
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 15:10:36 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:10:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jkzyEbjv3Log8fODMmUCcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l0A153Rya6okvKTL+qqGxVSOU6I=
www.google-analytics.com/j/collect?v=1&_v=j97&a=1961123784&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2Fdownloadf-21194uxnj1-zip.html&ul=en-us&de=UTF-8&dt=internet_download_manager_6.39.5%20%7C%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=1903106268&gjid=2039058113&cid=1146376477.1663773037&tid=UA-9340508-1&_gid=542372836.1663773037&_r=1&_slc=1&z=476189726
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=1961123784&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2Fdownloadf-21194uxnj1-zip.html&ul=en-us&de=UTF-8&dt=internet_download_manager_6.39.5%20%7C%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=1903106268&gjid=2039058113&cid=1146376477.1663773037&tid=UA-9340508-1&_gid=542372836.1663773037&_r=1&_slc=1&z=476189726
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j97&a=1961123784&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2Fdownloadf-21194uxnj1-zip.html&ul=en-us&de=UTF-8&dt=internet_download_manager_6.39.5%20%7C%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=1903106268&gjid=2039058113&cid=1146376477.1663773037&tid=UA-9340508-1&_gid=542372836.1663773037&_r=1&_slc=1&z=476189726 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://top4top.io
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://top4top.io
date: Wed, 21 Sep 2022 15:10:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d952f0f3c63f%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff4fe418a69eb04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-21194uxnj1-zip.html&layout=button_count&locale=en_US&sdk=joey&width=90
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d952f0f3c63f%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff4fe418a69eb04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-21194uxnj1-zip.html&layout=button_count&locale=en_US&sdk=joey&width=90
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d952f0f3c63f%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff4fe418a69eb04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-21194uxnj1-zip.html&layout=button_count&locale=en_US&sdk=joey&width=90 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: n0ISSJBAXPQ/Z/2BQnOfXEuy3KlwCR/IBBr2PAZiZ+kmoiSGOlVUcNHXVlwx1gV4uJpNejhAUkJCMEYKzsawnw==
content-length: 0
date: Wed, 21 Sep 2022 15:10:36 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21030
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 15:10:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21030
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 15:10:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21030
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 15:10:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21030
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 15:10:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21030
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 15:10:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:09:43 GMT
age: 61255
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9556616ca10eb4383b1e15f360fbf6d4
cb328d0f66f4c2779bc64342ef89735636ae5ded
4f945ab342352aea3f4b2242d084d527bb517cf7c6efd0c10a828f0bee9f5d3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9227
x-amzn-requestid: 26d977d3-f4d2-4218-a8f4-a56c873e6a26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiFzKG2zIAMFoDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323e9ad-0bfac6c453e6ea5a311a28a8;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:12:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: K-lCBW5v2irK9UtfyGeaE7jkaIjQkpEUREIMd2hMXUrlsc6k-p6F1A==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 05:27:48 GMT
age: 34970
etag: "cb328d0f66f4c2779bc64342ef89735636ae5ded"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:24 GMT
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
age: 62594
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:08:27 GMT
age: 10931
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 62840
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: d9bd4ac9-5032-45d5-9689-c5c3347912d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuFz4oAMFZug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-6fb7d6a52eecab471f67d9a9;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sfGk3C3HLGDYDSXw1d4R7wPRsGdHNKD31chUVzQ8KYBRnsIL0aOW1g==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:17 GMT
age: 62961
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/stylesheet-3.3.css?rev=47
172.67.133.128200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/stylesheet-3.3.css?rev=47
IP 172.67.133.128:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/stylesheet-3.3.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=23881
etag: W/"5e0bab24-5d49"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 167028
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJYq2oK5aNZ3MNazUEkhuJQkw1CubuFVqRNWeQU78%2F1gTnb4hRxoKPQ0hXsxW41xMk4IK5J3EbOm5H7NqZAsFWkMcxfIlw6dHkMMypmzgyJ45tEbhAz4l6TEyvv2PBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83cdf5b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47
172.67.133.128200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47
IP 172.67.133.128:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/animate.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-d0b7"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 167028
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGLA7BAVvBjtHnNZT%2BAD%2BQGdwMaIqoNQ5esWtkZyey%2F762YzuClng7jpRtoIuuJoaDKLpLeIp2G1Jtr10cOrSMZ%2FjqJQ4mH1BRrcqVdMnHNYQrkAHlhLL9zQxES1YW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83de07b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/fonts.css
172.67.133.128200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/fonts.css
IP 172.67.133.128:0
GET /styles/default-new-reg/css/fonts.css HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=487
etag: W/"5e0bab24-1e7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 167026
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXhVBdEBHtHFEZJCom8zK7UifpTYpjy%2B9WtqupO4fmX7roNJAy93TCip8ZYSu5pE3OOmyMW9OWrCMNdDOxw2HEUempGc20WCF6JrJd5i1U0lQpT1dCUROJhWjMZbHRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83de0db4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
172.67.133.128200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
IP 172.67.133.128:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/fonts.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=487
etag: W/"5e0bab24-1e7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 75505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFFHKOxvC0rqq%2B3NouabFqxe5vO7Fuigy4mF36Q2jkL7BQeyE3ILvwXEHI7RefZCPYeUkDzwu1l5Uhe7KIZW6rWTDEix2VWZQyUUwSn8gzO5ybxMYEf802Ur5LjBl1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83bddcb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47
172.67.133.128200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47
IP 172.67.133.128:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/js/bootstrap.min.js?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-875d"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 167027
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60RngYnSIoonHDt8VLcwAof3EO2CuDxI3RbXZy8%2BfPRX79IyImd1FagMSsgBXhFUmNBYCkweAAxZ3OOv9f82vczNPFPJbsI8F6fCa3SQBym%2F%2BYeIkILHjvpbgk%2FXQxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83bde0b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47
172.67.133.128200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47
IP 172.67.133.128:0
GET /styles/default-new-reg/js/the220px.js?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=562
etag: W/"57e8eb5d-232"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 517370
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4FKUE1TPIbDlU7M2rnYltJ%2Fl7NqQtgc%2FPcWt3uw6riyIaxLKS%2BISt2xpqQMJ9VA085rfWqCAkDrs1LsuwJUaglK95vxxLHF6OeNiSgN3Dhb4beiIpDSXOvMO7y0kRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83bde2b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/javascript.js?rev=47
172.67.133.128200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/javascript.js?rev=47
IP 172.67.133.128:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/javascript.js?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=16039
etag: W/"57e8eb5d-3ea7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 155395
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNor%2F4U5xv85txGO9xJr6E9DDuv0rfNkuJh6ezYUYc2QOwPSdnZZeIE4UaUGaZiKRlxhcjsEwm9M%2BAgw0HM3J%2FSMOf55EGedxfkYWqHbG434ZS6CNp182V2QMGYgbwY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83bde3b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/reset.css?rev=47
172.67.133.128200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/reset.css?rev=47
IP 172.67.133.128:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/reset.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=1013
etag: W/"57e8eb5d-3f5"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 75505
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEacTmQP6H9h%2Bi89RTLatCS4Y3YqOwDPSywZ2Z5NtdWitg4F3xBOi0CEq3xAfCkBe1wVMh8UmHrNx6ERoDbLFVCefT7%2FLJZEdeWYasZkW2yHA5mD7I32Wz5TO1d8S3g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83bdd8b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
172.67.133.128200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
IP 172.67.133.128:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/the220px.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: klj_40d147_fdkey=9f0b01893f2b15db10c9ee1f24f983b0d22acce9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:10:36 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=11662
etag: W/"58cb25b5-2d8e"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Thu, 16 Mar 2017 23:54:29 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 406149
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymPWO6j5POH0HID4GBLK64qbr9Kc33JfZ1fbBeLCttkDL0hoSryajuqiRMMQt68HG1VeKyUW3oBXAOInaWUM%2B20D%2BDCI5%2FF9qYprCaJK4Qy5BVuZc1dPGWGFxgAeRyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e3ba83bdddb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2