| mimikatz.en.softonic.com/ | 35.227.233.104 | 301 Moved Permanently | 0 B |
URL (HTTP/1.1): mimikatz.en.softonic.com/  IP: 35.227.233.104:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: mimikatz.en.softonic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
location: https://mimikatz.en.softonic.com/
x-request-id: 6d9c1eb6-5f22-4d8d-b9ec-c7e078140bb4
x-served-by: server-5569fbf94c-jrnqd
x-version: 1.5736.0
x-xss-protection: 1
x-frame-options: sameorigin
x-content-type-options: nosniff
permissions-policy: accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
content-security-policy: upgrade-insecure-requests
referrer-policy: strict-origin-when-cross-origin
content-type: text/html; charset=utf-8
cache-control: no-cache
content-length: 0
date: Mon, 27 Mar 2023 11:54:35 GMT
x-envoy-upstream-service-time: 7
server: istio-envoy
Via: 1.1 google
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0  ASN: #20940 Akamai International B.V.
Hash5d9435c884bf4a0777fdf4b57079ae09 7f04b9db47ffeec90ac6397416b7553e5336a550 fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9647
Expires: Mon, 27 Mar 2023 14:35:22 GMT
Date: Mon, 27 Mar 2023 11:54:35 GMT
Connection: keep-alive
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0  ASN: #20940 Akamai International B.V.
Hashc83d39f350161ed2f5d20dcd68e47c92 2695a888e652cb314f8094cc6073c3364336d272 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11447
Expires: Mon, 27 Mar 2023 15:05:22 GMT
Date: Mon, 27 Mar 2023 11:54:35 GMT
Connection: keep-alive
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/  IP: 35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Mar 2023 11:15:42 GMT
content-type: application/json
age: 2333
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0  ASN: #20940 Akamai International B.V.
Hash9bb70197d53617b5e6889b890dd2ae26 f3e9b8a743de494529baf2d078a622539f965307 a094a13905b7f1cd89475f9c83f9245580d4c3c7228d51d5c16622aec3c6aa45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A094A13905B7F1CD89475F9C83F9245580D4C3C7228D51D5C16622AEC3C6AA45"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10935
Expires: Mon, 27 Mar 2023 14:56:50 GMT
Date: Mon, 27 Mar 2023 11:54:35 GMT
Connection: keep-alive
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL (HTTP/2): content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain  IP: 34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kIGcfCgFcAAR2xIqT7b1+OUIHiqrvcy8D9aHu/1flAgOI7+XMq9XVhwJlNFb3JtWp4mWnT6mU2FgvwL7A6q6FQ==
x-amz-request-id: DMKBX8HRS9C68CD4
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Mar 2023 10:55:45 GMT
age: 3530
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
| ocsp.usertrust.com/ | 104.18.32.68 | 200 OK | 472 B |
IP: 104.18.32.68:0
Hash0f3f6484b1acf84cb62811dfd94de96c 26ec06c0f7d34b57fccb82a131471f2497dc9dab 88914a5fc0be1bfdbad555a927fcc5e349f463835305878faeec1db326d19e7b
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 11:54:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 04:59:01 GMT
Expires: Sun, 02 Apr 2023 04:59:00 GMT
Etag: "26ec06c0f7d34b57fccb82a131471f2497dc9dab"
Cache-Control: max-age=603098,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 24
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae77083bd76b4f3-OSL
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL (HTTP/2): contile.services.mozilla.com/v1/tiles  IP: 34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 11:54:35 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0  ASN: #20940 Akamai International B.V.
Hasha3242c27d5e1454c4ed0224a21b99fde d14f94d30b766f1e11284fb333529903e116718c e9f38284fdd9e5d9c19f16fe29db0d58bc68bd71c35aebfbcb80580417feefae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9F38284FDD9E5D9C19F16FE29DB0D58BC68BD71C35AEBFBCB80580417FEEFAE"
Last-Modified: Sun, 26 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10982
Expires: Mon, 27 Mar 2023 14:57:37 GMT
Date: Mon, 27 Mar 2023 11:54:35 GMT
Connection: keep-alive
| ocsp.usertrust.com/ | 104.18.32.68 | 200 OK | 472 B |
IP: 104.18.32.68:0
Hash0f3f6484b1acf84cb62811dfd94de96c 26ec06c0f7d34b57fccb82a131471f2497dc9dab 88914a5fc0be1bfdbad555a927fcc5e349f463835305878faeec1db326d19e7b
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 11:54:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 04:59:01 GMT
Expires: Sun, 02 Apr 2023 04:59:00 GMT
Etag: "26ec06c0f7d34b57fccb82a131471f2497dc9dab"
Cache-Control: max-age=603098,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 24
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae770851fbdb4f3-OSL
| sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=en.softonic.com | 54.230.111.89 | 200 OK | 987 B |
URL (HTTP/2): sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=en.softonic.com  IP: 54.230.111.89:0
File typeASCII text, with very long lines (1950), with no line terminators Hash4124581321cd78d4d3f440ddc5a06a8a cb902c638c922e7dc2b4bb52ce34567ffdbfbbb9 65626daae5541fb25827db3a601460878266999634226c1883f49a6528a6e7f4
GET /a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=en.softonic.com HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 987
server: CloudFront
date: Mon, 27 Mar 2023 10:29:26 GMT
x-didomi-remote-config-source: Lambda
content-encoding: gzip
cache-control: max-age=7200, public
etag: "01c0af775a5eb7a70b2cbf11e9d74889"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: az9q7izvvRqOVXsgGVIUoVD0fird64qz9DZ1WZ5JmJv8GVcB24jJVQ==
age: 5109
X-Firefox-Spdy: h2
| sc.sftcdn.net/fonts/d1174-0627e.woff2 | 151.101.129.91 | 200 OK | 18 kB |
URL (HTTP/2): sc.sftcdn.net/fonts/d1174-0627e.woff2  IP: 151.101.129.91:0
File typeWeb Open Font Format (Version 2), TrueType, length 17552, version 1.0\012- data Hash0627ec86dfad171ba217bbc765326ed7 d83f8aac9cb272a8825602735e3766f4975d5c68 d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
GET /fonts/d1174-0627e.woff2 HTTP/1.1
Host: sc.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
last-modified: Mon, 20 Mar 2023 11:16:19 GMT
etag: "64184083-4490"
expires: Mon, 27 Mar 2023 23:51:34 GMT
cache-control: max-age=604800,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 27 Mar 2023 11:54:35 GMT
age: 561781
x-served-by: cache-ams21073-AMS, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 15, 4
x-timer: S1679918076.821250,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17552
X-Firefox-Spdy: h2
| sc.sftcdn.net/fonts/5bba3-e5711.woff2 | 151.101.129.91 | 200 OK | 13 kB |
URL (HTTP/2): sc.sftcdn.net/fonts/5bba3-e5711.woff2  IP: 151.101.129.91:0
File typeWeb Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data Hashe571167fbcce8d5081bce96a09930063 e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
GET /fonts/5bba3-e5711.woff2 HTTP/1.1
Host: sc.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
last-modified: Mon, 20 Mar 2023 11:16:19 GMT
etag: "64184083-319c"
expires: Tue, 28 Mar 2023 00:20:36 GMT
cache-control: max-age=604800,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 27 Mar 2023 11:54:35 GMT
age: 560039
x-served-by: cache-ams12743-AMS, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 21, 4
x-timer: S1679918076.823255,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12700
X-Firefox-Spdy: h2
| sc.sftcdn.net/scripts/23986-204d4.mjs | 151.101.129.91 | 200 OK | 20 kB |
URL (HTTP/2): sc.sftcdn.net/scripts/23986-204d4.mjs  IP: 151.101.129.91:0
File typeASCII text, with very long lines (65536), with no line terminators Hash6631e654b3b2ef0803431c2b497fc177 de97b7d0513258b52b9be2e72453e419e60dfb1d 0f19ec54024287e6836dcebe26b56fe621ff645da92ddd93cf7e69a8746ac9fe
GET /scripts/23986-204d4.mjs HTTP/1.1
Host: sc.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript
last-modified: Thu, 23 Mar 2023 09:18:01 GMT
etag: W/"641c1949-15b47"
expires: Thu, 30 Mar 2023 14:05:15 GMT
cache-control: max-age=604800,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 36
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 27 Mar 2023 11:54:35 GMT
age: 337760
x-served-by: cache-ams12767-AMS, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 3422
x-timer: S1679918076.826536,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19661
X-Firefox-Spdy: h2
| sc.sftcdn.net/styles/e1d66-7f96b.css | 151.101.129.91 | 200 OK | 18 kB |
URL (HTTP/2): sc.sftcdn.net/styles/e1d66-7f96b.css  IP: 151.101.129.91:0
File typeASCII text, with very long lines (65536), with no line terminators Hash4980963ca60c72fbb970501428563744 a99e64b88edc1ab8fad11fd0a4871367e597e3d3 759ec09248eb3e1e1afb381329a919ccd67a13e48fd4d08197053b1ecc6d764e
GET /styles/e1d66-7f96b.css HTTP/1.1
Host: sc.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
content-type: text/css
last-modified: Mon, 27 Mar 2023 09:00:45 GMT
etag: W/"64215b3d-1f9f3"
expires: Mon, 03 Apr 2023 09:33:21 GMT
cache-control: max-age=604800,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 4
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 27 Mar 2023 11:54:35 GMT
age: 8474
x-served-by: cache-ams12780-AMS, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 8, 138
x-timer: S1679918076.822819,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17801
X-Firefox-Spdy: h2
| sc.sftcdn.net/images/fa090-0d026.svg | 151.101.129.91 | 200 OK | 2.1 kB |
URL (HTTP/2): sc.sftcdn.net/images/fa090-0d026.svg  IP: 151.101.129.91:0
File typeSVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (4637) Hash89648f3eb8de01588fcf4801b0b23909 d9216b585c6b772a94800bf51e5f27a4ec904652 d9d123526045286f7fbefc08aaee9c366daccb0d57f43f754a1c7ea14e54d7f3
GET /images/fa090-0d026.svg HTTP/1.1
Host: sc.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
content-type: image/svg+xml
last-modified: Mon, 27 Mar 2023 09:00:44 GMT
etag: W/"64215b3c-12b0"
expires: Mon, 03 Apr 2023 11:08:15 GMT
cache-control: max-age=604800,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 27 Mar 2023 11:54:35 GMT
age: 2781
x-served-by: cache-ams21068-AMS, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 16, 47
x-timer: S1679918076.825158,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2107
X-Firefox-Spdy: h2
| sc.sftcdn.net/fonts/585ea-68c47.woff2 | 151.101.129.91 | 200 OK | 17 kB |
URL (HTTP/2): sc.sftcdn.net/fonts/585ea-68c47.woff2  IP: 151.101.129.91:0
File typeWeb Open Font Format (Version 2), TrueType, length 16708, version 1.0\012- data Hashbd17d16b6e95e4eb8911300c70d546f7 847036a00e4e390b67f5c22bf7b531179be344d7 9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352
GET /fonts/585ea-68c47.woff2 HTTP/1.1
Host: sc.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
content-type: font/woff2
last-modified: Mon, 20 Mar 2023 11:16:19 GMT
etag: W/"64184083-4144"
expires: Mon, 27 Mar 2023 23:38:06 GMT
cache-control: max-age=604800,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 27 Mar 2023 11:54:35 GMT
age: 562589
x-served-by: cache-ams21079-AMS, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 8, 5422
x-timer: S1679918076.827685,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16706
X-Firefox-Spdy: h2
| sc.sftcdn.net/scripts/e6faa-4aa1f.js | 151.101.129.91 | 200 OK | 76 kB |
URL (HTTP/2): sc.sftcdn.net/scripts/e6faa-4aa1f.js  IP: 151.101.129.91:0
File typeASCII text, with very long lines (65124) Hashceed2a7e64bf4f3062e170d1ebbe2d5f 651a829cd6d016d3e9ca343c11ec384ed93745d3 96ea30dd1f5c5e5a4e102e932876cf3f0ff99fef7167bbe782251090b1c436eb
GET /scripts/e6faa-4aa1f.js HTTP/1.1
Host: sc.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
content-type: application/javascript
last-modified: Mon, 20 Mar 2023 11:16:19 GMT
etag: W/"64184083-4034c"
expires: Mon, 27 Mar 2023 23:02:14 GMT
cache-control: max-age=604800,public
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Accept, Content-Type, If-None-Match
access-control-allow-methods: GET, OPTIONS
content-encoding: br
x-envoy-upstream-service-time: 88
x-envoy-decorator-operation: noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 27 Mar 2023 11:54:35 GMT
age: 564741
x-served-by: cache-ams21071-AMS, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 5, 34
x-timer: S1679918076.826679,VS0,VE0
vary: Accept-Encoding
x-device-type: common
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 76322
X-Firefox-Spdy: h2
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash1eebd93ef4ace8f93b306d6a46d47288 e968b59494a1ec170444176e4a45733e34289be0 ac364c1480c475154359adb0bd62380d9f51d59d0617c77977001a0eb184d77e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
| softonic.com/revamp/sft-bundle-di.js?modern=1 | 35.227.233.104 | 200 OK | 45 kB |
URL (HTTP/2): softonic.com/revamp/sft-bundle-di.js?modern=1  IP: 35.227.233.104:0
File typeASCII text, with very long lines (65456) Hashf79a8379fc88cab40f7ca8f26f3b35ab 934fc3142ff97e9180aeca5011ea9b716a7bc970 9847a2f076c222f473fa98f990749126b813451525c4c6b25e578f920abcdc69
GET /revamp/sft-bundle-di.js?modern=1 HTTP/1.1
Host: softonic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-length: 44944
server: istio-envoy
content-type: application/javascript; charset=utf-8
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-publisher-id: softonic-di
x-version: 1.1007.0
etag: W/"7d1ef7e660cf740d3ddeca5eba02d097"
x-request-id: dddc1b10-07da-469e-a709-ac44dfac5a57
content-encoding: br
x-envoy-upstream-service-time: 5
accept-ranges: bytes
date: Mon, 27 Mar 2023 11:54:35 GMT
age: 96140
x-served-by: cache-ams21063-AMS, cache-cdg20785-CDG
x-cache: HIT, HIT
x-cache-hits: 3, 1462
x-timer: S1679918076.839784,VS0,VE0
vary: Accept-Encoding,x-device-platform
access-control-expose-headers: x-country-code, x-region
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
X-Firefox-Spdy: h2
| images.sftcdn.net/images/t_app-icon-s/p/2ba3a65f-c617-4ea4-955c-b656bb55d14c/839102209/mimikatz-mimikatz-icon.png | 104.110.18.102 | 200 OK | 1.6 kB |
URL (HTTP/2): images.sftcdn.net/images/t_app-icon-s/p/2ba3a65f-c617-4ea4-955c-b656bb55d14c/839102209/mimikatz-mimikatz-icon.png  IP: 104.110.18.102:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 112x112, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash05ce16593131d74609ff7bd63755560b e271e733bc6faa14d2ea18fc5a791c312c808439 725d0e30792adbcc2e6dbcb8b3570876bffe09816a29ea0426e3b74ee923050f
GET /images/t_app-icon-s/p/2ba3a65f-c617-4ea4-955c-b656bb55d14c/839102209/mimikatz-mimikatz-icon.png HTTP/1.1
Host: images.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="839102209.webp"
content-type: image/webp
etag: "05ce16593131d74609ff7bd63755560b"
last-modified: Tue, 14 Feb 2023 08:59:37 GMT
content-length: 1570
date: Mon, 27 Mar 2023 11:54:35 GMT
cache-control: public, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-akam;dur=4;start=2023-03-27T11:54:35.895Z;desc=hit,rtt;dur=3
X-Firefox-Spdy: h2
| push.services.mozilla.com/ | 34.117.65.55 | 101 Switching Protocols | 0 B |
URL (HTTP/1.1): push.services.mozilla.com/  IP: 34.117.65.55:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: s3kVjrv8plLLOTubgMv50A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RXIGWaBjlnJDTSHFipvBeD0kYnY=
Date: Mon, 27 Mar 2023 11:54:35 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US  IP: 35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Mar 2023 11:14:35 GMT
age: 2400
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
| images.sftcdn.net/images/t_app-cover-s,f_auto/p/2ba3a65f-c617-4ea4-955c-b656bb55d14c/3282220788/mimikatz-mimikatz-2.png | 104.110.18.102 | 200 OK | 13 kB |
URL (HTTP/2): images.sftcdn.net/images/t_app-cover-s,f_auto/p/2ba3a65f-c617-4ea4-955c-b656bb55d14c/3282220788/mimikatz-mimikatz-2.png  IP: 104.110.18.102:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 340x227, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash048cc6bac189e197e5941f9159605010 621a86b8ae5d739a26745b459abd2d4a82e4bf4a 2509c009e6b0e1e9bb005f0cf74780fc8f44d361ef3cc28170d0336f564c3ac2
GET /images/t_app-cover-s,f_auto/p/2ba3a65f-c617-4ea4-955c-b656bb55d14c/3282220788/mimikatz-mimikatz-2.png HTTP/1.1
Host: images.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="3282220788.webp"
content-type: image/webp
etag: "048cc6bac189e197e5941f9159605010"
last-modified: Mon, 16 Nov 2020 16:55:45 GMT
content-length: 13300
date: Mon, 27 Mar 2023 11:54:35 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent
x-content-type-options: nosniff
server-timing: cld-akam;dur=34;start=2023-03-27T11:54:35.908Z;desc=miss,rtt;dur=1,cloudinary;dur=95;start=2023-03-25T00:13:44.776Z
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-5LWWHP | 142.250.74.168 | 200 OK | 112 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-5LWWHP IP142.250.74.168:0
File typeASCII text, with very long lines (45405) Size112 kB (111516 bytes) Hashac980d689f638f19294dbd14892d5637 9d053f11dbb0f15e1671cc1f824c900858b299af adde1c1ce4d29fb448d00e6fc3155170c0988c8d2c34862180c12999a454dcf8
GET /gtm.js?id=GTM-5LWWHP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Mar 2023 11:54:35 GMT
expires: Mon, 27 Mar 2023 11:54:35 GMT
cache-control: private, max-age=900
last-modified: Mon, 27 Mar 2023 10:06:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 111516
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash1eebd93ef4ace8f93b306d6a46d47288 e968b59494a1ec170444176e4a45733e34289be0 ac364c1480c475154359adb0bd62380d9f51d59d0617c77977001a0eb184d77e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| images.sftcdn.net/images/t_favicon-v2/p/2ba3a65f-c617-4ea4-955c-b656bb55d14c/839102209/mimikatz-mimikatz-icon.png | 104.110.18.102 | 200 OK | 2.4 kB |
URL HTTP/2images.sftcdn.net/images/t_favicon-v2/p/2ba3a65f-c617-4ea4-955c-b656bb55d14c/839102209/mimikatz-mimikatz-icon.png IP104.110.18.102:0
File typePNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data Hash8d6393d6083a26aa8b4839b311c99005 c779da64a307e6e2d0a9fe44cf5cf8fe33ecc325 089664744d62c2aeb4bd745e48d567787dc4467ca05842d2ecfdb1e30f72079f
GET /images/t_favicon-v2/p/2ba3a65f-c617-4ea4-955c-b656bb55d14c/839102209/mimikatz-mimikatz-icon.png HTTP/1.1
Host: images.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "8d6393d6083a26aa8b4839b311c99005"
last-modified: Thu, 15 Dec 2022 22:30:49 GMT
content-length: 2361
date: Mon, 27 Mar 2023 11:54:36 GMT
cache-control: public, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-akam;dur=32;start=2023-03-27T11:54:36.001Z;desc=miss,rtt;dur=1,cloudinary;dur=94;start=2023-03-23T23:57:00.747Z
X-Firefox-Spdy: h2
|
|
| amplify.outbrain.com/cp/obtp.js | 23.38.201.81 | 200 OK | 6.4 kB |
URL HTTP/1.1amplify.outbrain.com/cp/obtp.js IP23.38.201.81:0
File typeASCII text, with very long lines (20183), with no line terminators Hash8fe038c10fe586e30698a6644ccd26e0 62311d0a818b84d8ce467e7d9a4fa2d7653a4d35 402c14d42c932eb09b7932fd384f7b921679e3142ed79c356f03f84c4958f290
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "f5b26a8a79c33830b47954a53cc355f9:1679753797.689802"
Last-Modified: Sat, 25 Mar 2023 14:14:18 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Mon, 27 Mar 2023 12:14:36 GMT
Date: Mon, 27 Mar 2023 11:54:36 GMT
Content-Length: 6385
Connection: keep-alive
X-RG: EU
X-CC: NO
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashaacadb94b44e557195c202f9eac3d422 ae45e0a668927354b659a0050ec4f37421acfc12 e3efec2ec99be9c753808134094e95ea88d59e2898a180327a5a0818050a3859
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| softonic.com/revamp/sft-bundle-di.js?modern=1 | 35.227.233.104 | 200 OK | 0 B |
URL HTTP/2softonic.com/revamp/sft-bundle-di.js?modern=1 IP35.227.233.104:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /revamp/sft-bundle-di.js?modern=1 HTTP/1.1
Host: softonic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-length: 44944
server: istio-envoy
content-type: application/javascript; charset=utf-8
cache-control: max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-publisher-id: softonic-di
x-version: 1.1007.0
etag: W/"7d1ef7e660cf740d3ddeca5eba02d097"
x-request-id: dddc1b10-07da-469e-a709-ac44dfac5a57
content-encoding: br
x-envoy-upstream-service-time: 5
accept-ranges: bytes
date: Mon, 27 Mar 2023 11:54:36 GMT
age: 96141
x-served-by: cache-ams21063-AMS, cache-cdg20769-CDG
x-cache: HIT, HIT
x-cache-hits: 3, 2794
x-timer: S1679918076.058038,VS0,VE0
vary: Accept-Encoding,x-device-platform
access-control-expose-headers: x-country-code, x-region
access-control-allow-origin: *
x-country-code: NO
x-region: 03
x-device-platform: Desktop
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
X-Firefox-Spdy: h2
|
|
| bat.bing.com/bat.js | 204.79.197.200 | 200 OK | 12 kB |
IP204.79.197.200:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
File typeUnicode text, UTF-8 text, with very long lines (40607), with no line terminators Hash04651bf0c51742f9007b1ae2b4486dee 6ffc71fcb5db1cf0283b60150a62f2c219ac3dbd 5d7392c44731e52810337eb1a3eb3ae1ffab31b8f8d55daba20d658701604666
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11894
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ranges: bytes
etag: "8072cff03442d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32A1885EA5824F52BDE4D6E78AA8F830 Ref B: OSL30EDGE0219 Ref C: 2023-03-27T11:54:36Z
date: Mon, 27 Mar 2023 11:54:36 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashb50726fcf63dc2a413d062eecac1e7c6 a5d32e8ed0099d8502141ce1696e61ccf3a0bff5 e0ac38764545d1dade860bb61c891b8c601ed05f241128c9463f11af0396e0f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| securepubads.g.doubleclick.net/tag/js/gpt.js | 142.250.74.130 | 200 OK | 27 kB |
URL HTTP/2securepubads.g.doubleclick.net/tag/js/gpt.js IP142.250.74.130:0
File typeASCII text, with very long lines (39604) Hash893a7fca890095c707230664c0b5c2db 20fbd4ab346d5cf776209b7c1f3d642f35c5e7aa 696f145d478b8e6b56fd9cbdc2fe94e9442f07e4c1ea281205fc055b11bdc525
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27446
date: Mon, 27 Mar 2023 11:54:36 GMT
expires: Mon, 27 Mar 2023 11:54:36 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1523 / 220 of 1000 / last-modified: 1679915512"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashaee967595d5b11fc508d102c6c93dd93 1b51ae5b5f9a4b7e3c51bb4307c9eacd4ea2a85e 3cbc3af47f5b1e142bb6cb5fed8154476b773f1b9a95623b5bb5ba94957ff309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| sdk.privacy-center.org/sdk.1dc5be0738fca9771edc527688fa9f6d26db1e96.js | 54.230.111.89 | 200 OK | 146 kB |
URL HTTP/2sdk.privacy-center.org/sdk.1dc5be0738fca9771edc527688fa9f6d26db1e96.js IP54.230.111.89:0
Size146 kB (146282 bytes) Hash1c329369ac5179f194fbbaa815afbc07 f51b55d0903ede4dd8d267e7ec7cf3975390cae1 7c33f4ebccb0de6a74d8c2b995b0ade8785bc2672050d90d7d041c9cff14ce84
GET /sdk.1dc5be0738fca9771edc527688fa9f6d26db1e96.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 23 Mar 2023 14:36:45 GMT
last-modified: Thu, 23 Mar 2023 14:31:49 GMT
etag: W/"6c61b40ccd94b0232b79178c743aecee"
x-amz-server-side-encryption: AES256
x-amz-meta-s3cmd-attrs: atime:1679581228/ctime:1679581228/gid:0/gname:root/md5:6c61b40ccd94b0232b79178c743aecee/mode:33188/mtime:1679581228/uid:0/uname:root
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7_jF-RyE8-43tbmyYIkHwcSA7g_u7QMnkjnL6ZAPLS8lRvOTJV-h5g==
age: 335871
X-Firefox-Spdy: h2
|
|
| bat.bing.com/p/action/26115935.js | 204.79.197.200 | 204 No Content | 0 B |
URL HTTP/2bat.bing.com/p/action/26115935.js IP204.79.197.200:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/26115935.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8A550D9DE0B44BC1BA2B6CCA3E61A869 Ref B: OSL30EDGE0219 Ref C: 2023-03-27T11:54:36Z
date: Mon, 27 Mar 2023 11:54:36 GMT
X-Firefox-Spdy: h2
|
|
| bat.bing.com/action/0?ti=26115935&Ver=2&mid=8d677299-e3b2-4d4b-aec5-0f7803319a64&sid=30139760cc9611edb1c6d9d7d9bfb6ea&vid=30138ea0cc9611edb75943d556c8ece1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=mimikatz%20-%20Download&p=https%3A%2F%2Fmimikatz.en.softonic.com%2F&r=&lt=943&evt=pageLoad&sv=1&rn=337260 | 204.79.197.200 | 204 No Content | 0 B |
URL HTTP/2bat.bing.com/action/0?ti=26115935&Ver=2&mid=8d677299-e3b2-4d4b-aec5-0f7803319a64&sid=30139760cc9611edb1c6d9d7d9bfb6ea&vid=30138ea0cc9611edb75943d556c8ece1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=mimikatz%20-%20Download&p=https%3A%2F%2Fmimikatz.en.softonic.com%2F&r=&lt=943&evt=pageLoad&sv=1&rn=337260 IP204.79.197.200:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=26115935&Ver=2&mid=8d677299-e3b2-4d4b-aec5-0f7803319a64&sid=30139760cc9611edb1c6d9d7d9bfb6ea&vid=30138ea0cc9611edb75943d556c8ece1&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=mimikatz%20-%20Download&p=https%3A%2F%2Fmimikatz.en.softonic.com%2F&r=&lt=943&evt=pageLoad&sv=1&rn=337260 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=01EAD699B9E269BB2EA2C478B81768C1; domain=.bing.com; expires=Sat, 20-Apr-2024 11:54:36 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0FBE3499E05C472586F3716DFBE16A27 Ref B: OSL30EDGE0219 Ref C: 2023-03-27T11:54:36Z
date: Mon, 27 Mar 2023 11:54:36 GMT
X-Firefox-Spdy: h2
|
|
| status.thawte.com/ | 192.229.221.95 | 200 OK | 471 B |
IP192.229.221.95:0
Hashbc0de21c57f1a31f0992d527944201ce 44fabc8677ef55f6aba34bb70a66c60e3a2ed871 9b217da693366b3910031bc392dcaa4aa0f466d0b92af5d54c57b997cfb9312d
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2289
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:36 GMT
Last-Modified: Mon, 27 Mar 2023 11:16:27 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
|
|
| googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1679918094401&cv=11&fst=1679918094401&bg=ffffff&guid=ON&async=1&gtm=45be33m0&u_w=1280&u_h=1024&url=https%3A%2F%2Fmimikatz.en.softonic.com%2F&hn=www.googleadservices.com&frm=0&tiba=mimikatz%20-%20Download&auid=1151445748.1679918094&data=event%3Dgtag.config&rfmt=3&fmt=4 | 142.250.74.34 | 200 OK | 1.2 kB |
URL HTTP/2googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1679918094401&cv=11&fst=1679918094401&bg=ffffff&guid=ON&async=1&gtm=45be33m0&u_w=1280&u_h=1024&url=https%3A%2F%2Fmimikatz.en.softonic.com%2F&hn=www.googleadservices.com&frm=0&tiba=mimikatz%20-%20Download&auid=1151445748.1679918094&data=event%3Dgtag.config&rfmt=3&fmt=4 IP142.250.74.34:0
File typeASCII text, with very long lines (2543), with no line terminators Hash338caf92c111a751fdbd257aa7670db3 4a03ac74eabb28d029c5d73df15e614362240e3b 171c98e594020e7a26f89ec9b7313363f3bf80593a74ece359e95549093bc936
GET /pagead/viewthroughconversion/631321069/?random=1679918094401&cv=11&fst=1679918094401&bg=ffffff&guid=ON&async=1&gtm=45be33m0&u_w=1280&u_h=1024&url=https%3A%2F%2Fmimikatz.en.softonic.com%2F&hn=www.googleadservices.com&frm=0&tiba=mimikatz%20-%20Download&auid=1151445748.1679918094&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 11:54:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1201
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Mar-2023 12:09:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| script.hotjar.com/modules.ee89e1552e8d595bfc26.js | 54.230.111.44 | 200 OK | 69 kB |
URL HTTP/2script.hotjar.com/modules.ee89e1552e8d595bfc26.js IP54.230.111.44:0
File typeUnicode text, UTF-8 text, with very long lines (50842) Hashc5fc059a0cc793a37c6107c6b5b23729 f8c2193c8f02007e0b77959c4c7e63f26806b23f 4197092696aea9f9e5e9d6f6f5714cce1137d9605340e2b65088f07d0e9e32e0
GET /modules.ee89e1552e8d595bfc26.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68976
date: Mon, 27 Mar 2023 09:12:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "c5fc059a0cc793a37c6107c6b5b23729"
last-modified: Mon, 27 Mar 2023 09:11:35 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aJ8WeAMS90XeSxexUG86Tl6mb2KQ1IoTLIJEbCE9Cp5AGWjMD9ZpdQ==
age: 9749
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash46deddb8b844851da2d68cdb99372c7d f52730dfe273dff574d1421d8c7178c2d296aaa2 6dfc153b2d0e0b53820d77a059a342f07bf691771ae91c31bc4d45cdbcebf2a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/pagead/1p-user-list/631321069/?random=1679918094401&cv=11&fst=1679914800000&bg=ffffff&guid=ON&async=1&gtm=45be33m0&u_w=1280&u_h=1024&url=https%3A%2F%2Fmimikatz.en.softonic.com%2F&frm=0&tiba=mimikatz%20-%20Download&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=695221368&rmt_tld=1&ipr=y | 142.250.74.163 | 200 OK | 42 B |
URL HTTP/2www.google.no/pagead/1p-user-list/631321069/?random=1679918094401&cv=11&fst=1679914800000&bg=ffffff&guid=ON&async=1&gtm=45be33m0&u_w=1280&u_h=1024&url=https%3A%2F%2Fmimikatz.en.softonic.com%2F&frm=0&tiba=mimikatz%20-%20Download&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=695221368&rmt_tld=1&ipr=y IP142.250.74.163:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/631321069/?random=1679918094401&cv=11&fst=1679914800000&bg=ffffff&guid=ON&async=1&gtm=45be33m0&u_w=1280&u_h=1024&url=https%3A%2F%2Fmimikatz.en.softonic.com%2F&frm=0&tiba=mimikatz%20-%20Download&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=695221368&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 11:54:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tr.outbrain.com/cachedClickId?marketerId=00a3d36c60122238463de2f625cdad8f07,00080c9f1e16536bc663ec6b4bf74697a1 | 70.42.32.255 | 200 OK | 35 B |
URL HTTP/1.1tr.outbrain.com/cachedClickId?marketerId=00a3d36c60122238463de2f625cdad8f07,00080c9f1e16536bc663ec6b4bf74697a1 IP70.42.32.255:0
File typeASCII text, with no line terminators Hash75c843c7b717e7b722777907475c67a3 983d1c9a05b315288039b9d4694ce3b402259240 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
GET /cachedClickId?marketerId=00a3d36c60122238463de2f625cdad8f07,00080c9f1e16536bc663ec6b4bf74697a1 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 11:54:36 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: e9a40ab6ac1d6499e19e94aef587753b
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash46deddb8b844851da2d68cdb99372c7d f52730dfe273dff574d1421d8c7178c2d296aaa2 6dfc153b2d0e0b53820d77a059a342f07bf691771ae91c31bc4d45cdbcebf2a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fmimikatz.en.softonic.com | 54.230.82.118 | 200 OK | 470 B |
URL HTTP/2c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fmimikatz.en.softonic.com IP54.230.82.118:0
File typeJSON data\012- , ASCII text, with very long lines (470), with no line terminators Hashf2a9c3b6883d9e09d8017950c371bb4a 9770468d80e5628cf4bdf14b310460a2ed8551a0 8117ea09b5caab594dd88ba8826f107ef9f3a5f91e36b1f89672b03dc33ae48e
GET /cdn/prod/config?src=3177&u=https%3A%2F%2Fmimikatz.en.softonic.com HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 470
access-control-allow-origin: https://mimikatz.en.softonic.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Mon, 27 Mar 2023 11:54:36 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t7h4dXKtdKoYYINMGT_3K11-Vcp4zhqcEyR2cEgz26HTvqmWyFEviw==
X-Firefox-Spdy: h2
|
|
| ad-delivery.net/px.gif?ch=2 | 172.67.69.19 | 200 OK | 43 B |
URL HTTP/2ad-delivery.net/px.gif?ch=2 IP172.67.69.19:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 11:54:36 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdtPGT2o0xjtSTj_l2to0_qmbbQ--3HuvenaYCxOjBSNMCRoWSPRIwFpDCq4Ey1CrfJIH6woC9yKxU5Xs5esPckX
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 09 Mar 2023 20:05:42 GMT
cache-control: public, max-age=86400
age: 1526430
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdjnekyALwoUya4u73QeW%2FD6yNPwRvmF6LCeOD2%2Fn6cDkWgQUeLrt6XiKRNZPYCpFbxcuL%2BL45a1Z9LHxzzg2orpkWGLx6bMs%2Fx%2FRw4xNQvv1RZ7pBuaI33PWqqhBbHl9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae7708c8cc9b4ee-OSL
X-Firefox-Spdy: h2
|
|
| ad-delivery.net/px.gif?ch=1&e=0.05441423850906846 | 172.67.69.19 | 200 OK | 43 B |
URL HTTP/2ad-delivery.net/px.gif?ch=1&e=0.05441423850906846 IP172.67.69.19:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.05441423850906846 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 11:54:36 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdtPGT2o0xjtSTj_l2to0_qmbbQ--3HuvenaYCxOjBSNMCRoWSPRIwFpDCq4Ey1CrfJIH6woC9yKxU5Xs5esPckX
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 09 Mar 2023 20:05:42 GMT
cache-control: public, max-age=86400
age: 1526430
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezz3xkZgPrX5mE4Tkjku2K02skymsiQyE7R05kkEuMuNvGcOldz7woBi8apeoBdchcx%2B92EJwFyevxrsz%2B8WjDD94Q3FhqHsaAIki5qpqVlMCR6xeKh%2BDmcxa%2BUzw4dZ9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae7708c9ccdb4ee-OSL
X-Firefox-Spdy: h2
|
|
| images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avastsecurebrowser/EN_Softonic_DI_April_2022/background | 104.110.18.102 | 200 OK | 17 kB |
URL: HTTP/2 images.sftcdn.net/images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avastsecurebrowser/EN_Softonic_DI_April_2022/background IP: 104.110.18.102:0
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 730x430, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash: dcae4be4e0b79c80e507b8b3cc3b466b 54cb4ed03b931e770208e462380b096ca3dd3b76 ce8489cef08c09f51c3e320472fd083624d91c2e9a26f90048017faa192d53d3
GET /images/dpr_auto,f_auto,fl_sanitize,q_auto/di/avastsecurebrowser/EN_Softonic_DI_April_2022/background HTTP/1.1
Host: images.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-disposition: inline; filename="EN_Softonic_DI_April_2022.webp"
content-type: image/webp
etag: "dcae4be4e0b79c80e507b8b3cc3b466b"
last-modified: Wed, 06 Apr 2022 09:31:31 GMT
content-length: 16842
date: Mon, 27 Mar 2023 11:54:37 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-dpr: 1
x-content-type-options: nosniff
server-timing: cld-akam;dur=3;start=2023-03-27T11:54:37.056Z;desc=hit,rtt;dur=2
X-Firefox-Spdy: h2
|
|
| aax.amazon-adsystem.com/e/dtb/bid?src=3177&u=https%3A%2F%2Fmimikatz.en.softonic.com%2F&pid=MI2MqmMIN2EJ3&cb=0&ws=1280x939&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22top-leaderboard-app-page-desktop%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FATF_leaderboard_first%22%7D%2C%7B%22sd%22%3A%22mpu-app-page-desktop%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%22bottom-mpu-app-page-desktop%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_MPU_Second%22%7D%2C%7B%22sd%22%3A%22bottom-mpu-app-page-desktop-alternatives%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_MPU_Third%22%7D%2C%7B%22sd%22%3A%22bottom-leaderboard-app-page-desktop%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_leaderboard_first%22%7D%2C%7B%22sd%22%3A%22bottom-leaderboard-app-page-desktop-second%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_leaderboard_second%22%7D%5D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D | 54.230.241.131 | 200 OK | 150 B |
URL HTTP/2aax.amazon-adsystem.com/e/dtb/bid?src=3177&u=https%3A%2F%2Fmimikatz.en.softonic.com%2F&pid=MI2MqmMIN2EJ3&cb=0&ws=1280x939&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22top-leaderboard-app-page-desktop%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FATF_leaderboard_first%22%7D%2C%7B%22sd%22%3A%22mpu-app-page-desktop%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%22bottom-mpu-app-page-desktop%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_MPU_Second%22%7D%2C%7B%22sd%22%3A%22bottom-mpu-app-page-desktop-alternatives%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_MPU_Third%22%7D%2C%7B%22sd%22%3A%22bottom-leaderboard-app-page-desktop%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_leaderboard_first%22%7D%2C%7B%22sd%22%3A%22bottom-leaderboard-app-page-desktop-second%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_leaderboard_second%22%7D%5D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D IP54.230.241.131:0
File type: ASCII text, with no line terminators Hash: f929b0397f00432ae5e886066ee8be1f c1707ec2a575799c34ae31eb15e0526b4bd0d01b c2a0ca6f143f581bf1fe17f1e020214c4901566df6898e9c78d54d83adf36c82
GET /e/dtb/bid?src=3177&u=https%3A%2F%2Fmimikatz.en.softonic.com%2F&pid=MI2MqmMIN2EJ3&cb=0&ws=1280x939&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22top-leaderboard-app-page-desktop%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FATF_leaderboard_first%22%7D%2C%7B%22sd%22%3A%22mpu-app-page-desktop%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%22bottom-mpu-app-page-desktop%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_MPU_Second%22%7D%2C%7B%22sd%22%3A%22bottom-mpu-app-page-desktop-alternatives%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_MPU_Third%22%7D%2C%7B%22sd%22%3A%22bottom-leaderboard-app-page-desktop%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_leaderboard_first%22%7D%2C%7B%22sd%22%3A%22bottom-leaderboard-app-page-desktop-second%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2FDesktop%2FDesktop-Web-EN%2FApps%2FProgrampage%2FBTF_leaderboard_second%22%7D%5D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D HTTP/1.1
Host: aax.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 150
server: Server
date: Mon, 27 Mar 2023 11:54:37 GMT
x-amz-rid: 697DJE2EPZ8076YN2A17
access-control-allow-origin: https://mimikatz.en.softonic.com
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j08K4595m-MJweLYjDEqe5XpurmpQmWsx8m70L4YMxlIfmGmx5uQtQ==
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP: 54.230.80.227:0
Hash: 97888547ec2e152abc5333a8f1e60899 fc74d301ad95a5d7b61b11dafb8a3f85c24fb82b f38ae3fa0d98ee97cdafaab05dac52db0f3c286cf6166b0a9512568e1a634d60
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117539
Date: Mon, 27 Mar 2023 11:54:37 GMT
Etag: "64209aa8-1d7"
Expires: Tue, 28 Mar 2023 20:33:36 GMT
Last-Modified: Sun, 26 Mar 2023 19:19:04 GMT
Server: ECAcc (nya/7975)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hyRPb01Jg6l-HVwRBx33L6t9_2dIBOIeKY7xWux5A9RoV080BhNQ-g==
Age: 4472
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP: 54.230.80.227:0
Hash: 97888547ec2e152abc5333a8f1e60899 fc74d301ad95a5d7b61b11dafb8a3f85c24fb82b f38ae3fa0d98ee97cdafaab05dac52db0f3c286cf6166b0a9512568e1a634d60
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117220
Date: Mon, 27 Mar 2023 11:54:37 GMT
Etag: "64209aa8-1d7"
Expires: Tue, 28 Mar 2023 20:28:17 GMT
Last-Modified: Sun, 26 Mar 2023 19:19:04 GMT
Server: ECAcc (nya/799C)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EVp1icaNDOIuA0K0XGfI8xutsximBu9zeaYDVlQPOxu9ONUx4lDtLg==
Age: 4153
|
|
| www.google-analytics.com/analytics.js | 216.239.34.178 | 200 OK | 20 kB |
URL: HTTP/2 www.google-analytics.com/analytics.js IP: 216.239.34.178:0
File type: ASCII text, with very long lines (1490) Hash: ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 27 Mar 2023 10:05:11 GMT
expires: Mon, 27 Mar 2023 12:05:11 GMT
cache-control: public, max-age=7200
age: 6566
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: 39df75474d1984e41a4417313d866284 750f7332130526dd381a4590224a0c2d98b22af4 eae5bca0ec792b76ccc026ba8eec1c0852c5405552304eff9e749083650535cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: 61dbfc6c6716852dd58a7262c1fe9895 d3cd5e574f73954e64e6ea418de44145bad3919b bcd375b63bfb9843dc8ddeb5108a1ed3567c5b58b42ad30d920267253b9c4d94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: 7f589a72ab0e3ceb789eec4838d09db5 df1112c32a41bae5630dcd131b2b4c2d15fcdee4 2751e53954ec7e46ba57c1095408154e639059066f5e5d5cc492e0ff96f2b5b0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg | 142.250.74.80 | 200 OK | 6.6 kB |
URL: HTTP/2 storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg IP: 142.250.74.80:0
File type: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1204) Hash: 8a5ec86f9e44863fd94329cebaecb4d1 8fa7ffe302640a4fd585151c6de1efe322cfe8f2 d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120
GET /storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsfwpZZm4Q4tmVL6xArlycEM9yQyjSdyd_O6XhqNEWBi48VzLL2azV0raf0jTE0FZsQQMwSjKnjxXWWW7wT8h96
x-goog-generation: 1677676797280447
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6593
x-goog-hash: crc32c=wuPwOw==, md5=il7Ib55Ehj/ZQynOuuy00Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 6593
server: UploadServer
date: Mon, 27 Mar 2023 11:17:01 GMT
expires: Mon, 27 Mar 2023 12:17:01 GMT
cache-control: public, max-age=3600
age: 2256
last-modified: Wed, 01 Mar 2023 13:19:57 GMT
etag: "8a5ec86f9e44863fd94329cebaecb4d1"
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 | 142.250.74.166 | 200 OK | 104 B |
URL: HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 IP: 142.250.74.166:0
File type: MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data Hash: 32ac8a9b81788b981a3a7e13c14082d4 fbfd48a2bfe8d4247a975176f88d18c3c2ad1952 00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 05:46:45 GMT
expires: Tue, 28 Mar 2023 05:46:45 GMT
cache-control: public, max-age=86400
age: 22072
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tr.outbrain.com/unifiedPixel?optOut=false&bust=07251255910638871&referrer=&marketerId=00a3d36c60122238463de2f625cdad8f07%2C00080c9f1e16536bc663ec6b4bf74697a1&name=PAGE_VIEW&dl=https%3A%2F%2Fmimikatz.en.softonic.com%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5 | 70.42.32.255 | 200 OK | 53 B |
URL: HTTP/1.1 tr.outbrain.com/unifiedPixel?optOut=false&bust=07251255910638871&referrer=&marketerId=00a3d36c60122238463de2f625cdad8f07%2C00080c9f1e16536bc663ec6b4bf74697a1&name=PAGE_VIEW&dl=https%3A%2F%2Fmimikatz.en.softonic.com%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5 IP: 70.42.32.255:0
File type: GIF image data, version 89a, 1 x 1\012- data Hash: 414bd2a5161db03fdd910327b42c6daa 65d4cf50496813c5f1a34eddd5c50dc67d44ff47 b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?optOut=false&bust=07251255910638871&referrer=&marketerId=00a3d36c60122238463de2f625cdad8f07%2C00080c9f1e16536bc663ec6b4bf74697a1&name=PAGE_VIEW&dl=https%3A%2F%2Fmimikatz.en.softonic.com%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mimikatz.en.softonic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 11:54:37 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 2f93b791d98ef582331a0a4bdb6c4003
|
|
| partner.googleadservices.com/gampad/cookie.js?domain=mimikatz.en.softonic.com&client=softonic&product=SAS&callback=__sasCookie | 216.58.207.226 | 200 OK | 241 B |
URL: HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=mimikatz.en.softonic.com&client=softonic&product=SAS&callback=__sasCookie IP: 216.58.207.226:0
File type: ASCII text, with very long lines (364), with no line terminators Hash: a25594b08ef5d0edfdd7bc98b3351162 e67103aca70f1bdabbd30f2d5cdffb907bf17d57 c4c4268cb89cd2a962db751d02e722b745b34c97fc863dd4658a049d45d177ca
GET /gampad/cookie.js?domain=mimikatz.en.softonic.com&client=softonic&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 27 Mar 2023 11:54:37 GMT
server: cafe
cache-control: private
content-length: 241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: 61dbfc6c6716852dd58a7262c1fe9895 d3cd5e574f73954e64e6ea418de44145bad3919b bcd375b63bfb9843dc8ddeb5108a1ed3567c5b58b42ad30d920267253b9c4d94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: 7f589a72ab0e3ceb789eec4838d09db5 df1112c32a41bae5630dcd131b2b4c2d15fcdee4 2751e53954ec7e46ba57c1095408154e639059066f5e5d5cc492e0ff96f2b5b0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: aee967595d5b11fc508d102c6c93dd93 1b51ae5b5f9a4b7e3c51bb4307c9eacd4ea2a85e 3cbc3af47f5b1e142bb6cb5fed8154476b773f1b9a95623b5bb5ba94957ff309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded | 3.211.25.228 | 200 OK | 0 B |
URL: HTTP/2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded IP: 3.211.25.228:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/recordVendorsLoaded HTTP/1.1
Host: prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 11:54:37 GMT
content-length: 0
set-cookie: AWSALB=hP5EqcHpqzQo++g1OMizgI4iepU4dRR7ao9FUK/Hg41N2dLrDwjQ8kiKZKBkcb3lV14eZ58LRR9G1Rf5sdwdMUKR3f3/q11hVS9do9S3VG0zOHLPG7O0GWzMZuxh; Expires=Mon, 03 Apr 2023 11:54:37 GMT; Path=/
set-cookie: AWSALBCORS=hP5EqcHpqzQo++g1OMizgI4iepU4dRR7ao9FUK/Hg41N2dLrDwjQ8kiKZKBkcb3lV14eZ58LRR9G1Rf5sdwdMUKR3f3/q11hVS9do9S3VG0zOHLPG7O0GWzMZuxh; Expires=Mon, 03 Apr 2023 11:54:37 GMT; Path=/; SameSite=None; Secure
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: 39df75474d1984e41a4417313d866284 750f7332130526dd381a4590224a0c2d98b22af4 eae5bca0ec792b76ccc026ba8eec1c0852c5405552304eff9e749083650535cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM | 142.250.74.46 | 200 OK | 94 B |
URL: HTTP/2 ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM IP: 142.250.74.46:0
File type: JSON data\012- , ASCII text Hash: c2144a6b5539facf69724cd8b26dcd81 4893942b88fdcc2e7c9ae52ecc1da5774855b27f b293ac83010e12a3b2c3efc7185fb005ab4c64c1fa023747a3cb05d53b772115
POST /v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM HTTP/1.1
Host: ampcid.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Content-Type: text/plain
Content-Length: 33
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 27 Mar 2023 11:54:37 GMT
server: ESF
cache-control: private
content-length: 94
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://mimikatz.en.softonic.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_ox-db5_smrt_3lift | 67.220.228.203 | 302 Found | 0 B |
URL: HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_ox-db5_smrt_3lift IP: 67.220.228.203:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_ox-db5_smrt_3lift HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Mon, 27 Mar 2023 11:54:37 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: G5DPSRC9AV14XTEX72Q0
Set-Cookie: ad-id=AysT9vpoP06zkki8yI6whH8|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 11:54:37 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_ox-db5_smrt_3lift&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
|
|
| ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts | 142.250.74.131 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts IP: 142.250.74.131:0
Hash: a9683d29537c2eb059bec763cd751bb8 f75dddeb0ba61efb3502b44ffa23ad4459edf5f7 e8717f6fbd2717788c2cfd128ec39ca9a51997b8f0566621a383df6484680eaf
POST /s/gts1d4/C9sIyVCC2ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts | 142.250.74.131 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts IP: 142.250.74.131:0
Hash: a9683d29537c2eb059bec763cd751bb8 f75dddeb0ba61efb3502b44ffa23ad4459edf5f7 e8717f6fbd2717788c2cfd128ec39ca9a51997b8f0566621a383df6484680eaf
POST /s/gts1d4/C9sIyVCC2ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded | 3.211.25.228 | 200 OK | 0 B |
URL: HTTP/2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded IP: 3.211.25.228:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/recordVendorsLoaded HTTP/1.1
Host: prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Content-Type: application/json
Content-Length: 78
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 11:54:37 GMT
content-length: 0
set-cookie: AWSALB=lVAD6OyzsPzKEy5O2hHrMtunyCUZlw56sfUSY/E+/Y+3VXsYV3f4ca0mH4+3Sl/oyuKIpRQXLTwvElHBco7zTGydMBYU5RSyN5xOoKaIWDVknjXA6xaXL5PGwgn6; Expires=Mon, 03 Apr 2023 11:54:37 GMT; Path=/
set-cookie: AWSALBCORS=lVAD6OyzsPzKEy5O2hHrMtunyCUZlw56sfUSY/E+/Y+3VXsYV3f4ca0mH4+3Sl/oyuKIpRQXLTwvElHBco7zTGydMBYU5RSyN5xOoKaIWDVknjXA6xaXL5PGwgn6; Expires=Mon, 03 Apr 2023 11:54:37 GMT; Path=/; SameSite=None; Secure
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ampcid.google.no/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM | 142.250.74.46 | 200 OK | 23 B |
URL HTTP/2ampcid.google.no/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM IP142.250.74.46:0
File typeJSON data\012- , ASCII text Hashe3981ca10169a319d5aa062bf43a5fa1 2c6ed584767b65688ce99b1ebe1a3b7448a67421 8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
POST /v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM HTTP/1.1
Host: ampcid.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Content-Type: text/plain
Content-Length: 33
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 27 Mar 2023 11:54:37 GMT
server: ESF
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://mimikatz.en.softonic.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_ox-db5_smrt_3lift&dcc=t | 67.220.228.203 | 200 OK | 64 B |
URL HTTP/1.1aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_ox-db5_smrt_3lift&dcc=t IP67.220.228.203:0
File typeHTML document, ASCII text Hashbe99f9f8ced5e5eb1f9721d861712f89 4291ee98f7ce20471796ec89961abb1acb2af1d8 f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rbd_n-vmg_rx_ox-db5_smrt_3lift&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Mon, 27 Mar 2023 11:54:37 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 64
Connection: keep-alive
x-amz-rid: PKXFC5WFHSX1DGN4QE0Q
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
|
|
| api.btloader.com/country | 130.211.23.194 | 200 OK | 16 B |
IP130.211.23.194:0
File typeJSON data\012- , ASCII text, with no line terminators Hash452880c1a375b8fba8c9499f0930d05f ffe5484a23512c2a574d837fe2d3267b134e48c8 8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Mon, 27 Mar 2023 11:54:37 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.btloader.com/pv?tid=OsWbXabL&w=5299385968099328&o=5633429348548608&cv=2.1.10-3-g4120aac&r=false&vr=1280x939&pageURL=https%3A%2F%2Fmimikatz.en.softonic.com%2F&sid=6oF3WZR0&upapi=true | 130.211.23.194 | 204 No Content | 0 B |
URL HTTP/2api.btloader.com/pv?tid=OsWbXabL&w=5299385968099328&o=5633429348548608&cv=2.1.10-3-g4120aac&r=false&vr=1280x939&pageURL=https%3A%2F%2Fmimikatz.en.softonic.com%2F&sid=6oF3WZR0&upapi=true IP130.211.23.194:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=OsWbXabL&w=5299385968099328&o=5633429348548608&cv=2.1.10-3-g4120aac&r=false&vr=1280x939&pageURL=https%3A%2F%2Fmimikatz.en.softonic.com%2F&sid=6oF3WZR0&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Mon, 27 Mar 2023 11:54:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.id5-sync.com/api/1.0/id5-api.js | 104.22.52.86 | 200 OK | 17 kB |
URL HTTP/2cdn.id5-sync.com/api/1.0/id5-api.js IP104.22.52.86:0
File typeASCII text, with very long lines (58878) Hashc1e7a912dc8316384c56401b377fe44d be7820d952d5e66d82a10675bcaa39b3159eb6fd 43820d35a951b5b684a48fc0abf95afb4a0b6b2d2ed36e199cbb9d6d8555c886
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 11:54:37 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: aoB/Sieh9ynrVwOo+d8fo0EnrWB5hIatF3s5IYLgL17dLZkXaGZHx7o0qic5tXYZ+t3dwuB2qaA=
x-amz-request-id: 5MF1BW9Z70MA5G1F
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
etag: W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1024
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ae7708ef885b4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=1165675690.1679918095&gtm=45je33m0&aip=1 | 173.194.221.154 | 204 No Content | 0 B |
URL HTTP/2stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=1165675690.1679918095&gtm=45je33m0&aip=1 IP173.194.221.154:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R5K71YRXMV&cid=1165675690.1679918095&gtm=45je33m0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://mimikatz.en.softonic.com
date: Mon, 27 Mar 2023 11:54:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-152357-1&cid=198970611.1679918096&jid=1582250822&gjid=1804063038&_gid=1643748116.1679918096&_u=YGhAgEABAAQCAEAAIE~&z=1893687839 | 173.194.221.154 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-152357-1&cid=198970611.1679918096&jid=1582250822&gjid=1804063038&_gid=1643748116.1679918096&_u=YGhAgEABAAQCAEAAIE~&z=1893687839 IP173.194.221.154:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-152357-1&cid=198970611.1679918096&jid=1582250822&gjid=1804063038&_gid=1643748116.1679918096&_u=YGhAgEABAAQCAEAAIE~&z=1893687839 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://mimikatz.en.softonic.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 27 Mar 2023 11:54:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashbe1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9817
Expires: Mon, 27 Mar 2023 14:38:14 GMT
Date: Mon, 27 Mar 2023 11:54:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashbe1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9817
Expires: Mon, 27 Mar 2023 14:38:14 GMT
Date: Mon, 27 Mar 2023 11:54:37 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash22905e8a7c8b1741dd51842c114a6517 c5900fe2396e0ca371c4847af4e96149850c3577 1525f9f39c09370fcb1f58f079f2d741a4c6d13fba26e6dd5b79466153d7685e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10405
x-amzn-requestid: 0b8dad7a-2ec1-4eed-9a2c-06079ed46662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRi69E9xoAMFiJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d4b79-2f606ac041c5db24583c8d51;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:25 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qbbEi0tXZLKo6qjrbJMtTHdhWziYrLrgzY1hzt_LrQJoeDDBbJnZBA==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 07:49:08 GMT
age: 14729
etag: "c5900fe2396e0ca371c4847af4e96149850c3577"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts | 142.250.74.131 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/C9sIyVCC2ts IP142.250.74.131:0
Hasha9683d29537c2eb059bec763cd751bb8 f75dddeb0ba61efb3502b44ffa23ad4459edf5f7 e8717f6fbd2717788c2cfd128ec39ca9a51997b8f0566621a383df6484680eaf
POST /s/gts1d4/C9sIyVCC2ts HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 11:54:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg | 34.120.237.76 | 200 OK | 3.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1ec08d4bd079a92161fc80f41281b5a9 bf61369962342cce85de8f48942b4b150fd2721e 8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:53:16 GMT
age: 50481
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg | 34.120.237.76 | 200 OK | 4.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8cc79a830964d923d24a45f5ccc9939b 557cc4827414912c41319ad961c14cce71ed4a18 b3b1c73b34057cb6e41920f3d55213ad8c193076525767c051960ec26d17ca3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4775
x-amzn-requestid: 28d0e56d-ed03-4686-bd49-34f193f1c65a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK96KF9coAMFvMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa9da-122cd32a6f23e8442a52464c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:10:18 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: F03oSAwgUrcVqWUUt9uaapaCtWSDLrmDlz142D4DtYYctMpy5nA3qA==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 16:38:20 GMT
age: 69377
etag: "557cc4827414912c41319ad961c14cce71ed4a18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg | 34.120.237.76 | 200 OK | 4.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash85351059b67b0a42eda7e69a31b3b4b4 b798268806dc2f79f033e5872676019faf0e0cc1 86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: vOBDFA2LzOIp_0dMXApotrithfiToWtpM2xMRyx1pWAE86olKT6EpQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 09:22:12 GMT
age: 9145
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe999a9d79efe60a30b2942c5f2940294 c3891c43b16521f66eb3a52d83694de2ddd39871 290ed1232883a4ec63ef42c30f40b819983c5544e35261d2d1e0d1e55d0c8b07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12017
x-amzn-requestid: 4f61a0c7-4b18-4289-b47c-eeeff93d873f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ca6yQGNtoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64210b41-350e4e2425d9606e478872b5;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 03:19:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TCzHm5qTtnAUDSmayc-LLFmDfV7o6PaaYYfVtN_w7cC3o66HCa3DEg==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 03:34:08 GMT
age: 30029
etag: "c3891c43b16521f66eb3a52d83694de2ddd39871"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash668a8a17a1bb77ea7db7fa23c9df9690 242108539ff8694a3c557d07b2b000e764a77f24 100952573dc9eeba889a77f4d148b646accb99f277035f0607b1c6918f93a358
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10591
x-amzn-requestid: a55b3a74-b9f1-424b-8d53-3f49db443698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CaIOwFW-oAMFgUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6420ba5e-6c3e550d1a899e80394262e6;Sampled=0
x-amzn-remapped-date: Sun, 26 Mar 2023 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: SwHfiMdDkV5eSPbXEVlcIs_k1icXGn7aaScjTgDLyG0Uo_o-K0jIqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:57:30 GMT
age: 50227
etag: "242108539ff8694a3c557d07b2b000e764a77f24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash71a0bc2ad15468f071bea6bbb86af823 40b0885be5365d6dfd3724a38c2c969f6353eead d69ce64f7409fc135069c5e68c583cee644d5d487a740c6d3ef2280196671e35
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D69CE64F7409FC135069C5E68C583CEE644D5D487A740C6D3EF2280196671E35"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3010
Expires: Mon, 27 Mar 2023 12:44:47 GMT
Date: Mon, 27 Mar 2023 11:54:37 GMT
Connection: keep-alive
|
|
| notix.io/rtg.gif?px=970b339c-fab1-444c-b6ac-fdb4f930cd12 | 139.45.240.92 | 200 OK | 43 B |
URL HTTP/2notix.io/rtg.gif?px=970b339c-fab1-444c-b6ac-fdb4f930cd12 IP139.45.240.92:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /rtg.gif?px=970b339c-fab1-444c-b6ac-fdb4f930cd12 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 11:54:29 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| c.aaxads.com/aax.js?pub=AAXXX4L07&hst=mimikatz.en.softonic.com&ver=1.2 | 104.22.54.232 | 302 Found | 0 B |
URL HTTP/2c.aaxads.com/aax.js?pub=AAXXX4L07&hst=mimikatz.en.softonic.com&ver=1.2 IP104.22.54.232:0
GET /aax.js?pub=AAXXX4L07&hst=mimikatz.en.softonic.com&ver=1.2 HTTP/1.1
Host: c.aaxads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 27 Mar 2023 11:54:36 GMT
location: https://btloader.com/tag?o=5633429348548608&upapi=true
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae7708bae93b500-OSL
X-Firefox-Spdy: h2
|
|
| mimikatz.en.softonic.com/ | 35.227.233.104 | 200 OK | 0 B |
URL HTTP/2mimikatz.en.softonic.com/ IP35.227.233.104:0
GET / HTTP/1.1
Host: mimikatz.en.softonic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: e0d752d6-fdf4-49dd-9ff9-6b58a88527d8
vary: user-agent,accept-encoding
content-language: en-US
x-rendered-as: desktop
x-detected-as: desktop
x-page-id: app
x-is-bot: false
x-served-by: server-5569fbf94c-64mrb
x-version: 1.5736.0
x-xss-protection: 1
x-frame-options: sameorigin
x-content-type-options: nosniff
permissions-policy: accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
content-security-policy: upgrade-insecure-requests
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
set-cookie: _usr_orgn=direct; Domain=en.softonic.com; Path=/
_swo_pos=233; Max-Age=1296000; Expires=Tue, 11 Apr 2023 11:54:35 GMT; Secure; Domain=en.softonic.com; Path=/
content-type: text/html; charset=utf-8
content-encoding: br
date: Mon, 27 Mar 2023 11:54:35 GMT
x-envoy-upstream-service-time: 106
server: istio-envoy
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| static.hotjar.com/c/hotjar-424839.js?sv=7 | 54.230.111.113 | 200 OK | 0 B |
URL HTTP/2 static.hotjar.com/c/hotjar-424839.js?sv=7 IP 54.230.111.113:0
GET /c/hotjar-424839.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 11:54:18 GMT
cache-control: max-age=60
etag: W/0adce19d784d1f0bba134b6936551aa9
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -5tlGQmn-4ztWct3AO7mhL2fP3nVr2DBGXqUsPF6K6FFn2aRTqZ20Q==
age: 18
X-Firefox-Spdy: h2
|
|
| c.amazon-adsystem.com/aax2/apstag.js | 54.230.82.118 | 200 OK | 0 B |
URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js IP 54.230.82.118:0
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 27 Mar 2023 11:47:30 GMT
last-modified: Wed, 22 Mar 2023 19:30:00 GMT
etag: W/"d56f69f591501c51a51bb8f94f3df073"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: 1x_PL9RKvTkPVJLZnaRnlrA7YxH-qiesOswbdOqWofnQ1j2PEqs0tg==
age: 427
X-Firefox-Spdy: h2
|
|
| c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js | 54.230.82.118 | 200 OK | 0 B |
URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js IP 54.230.82.118:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mimikatz.en.softonic.com/
Origin: https://mimikatz.en.softonic.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 27 Mar 2023 06:17:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 21 Mar 2023 22:59:14 GMT
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
x-amz-version-id: V2lSIFfe30G.NOL3Jg0JvcKQw0PMFHNY
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WF4dCfrByGuUWchDx9eEVf8uhBqy7hgIK3LufXQ5s5b99sqXPJkJww==
age: 20211
X-Firefox-Spdy: h2
|
|