Overview

URLdownload.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
IP 185.66.200.173 (Slovakia)
ASN#201702 skHosting.eu s.r.o.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-06 01:21:19 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (21)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
fonts.gstatic.com (4) 0 2014-09-09 00:40:21 UTC 2022-12-05 08:18:24 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
aff-a.advertica-cdn.com (4) 0 2017-09-18 15:27:46 UTC 2022-12-05 18:23:57 UTC 185.66.200.127 Domain (advertica-cdn.com) ranked at: 739624
download.tl (23) 0 2022-04-08 09:06:48 UTC 2022-12-05 15:43:25 UTC 185.66.200.173 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140
qoaaa.com (7) 239567 2018-11-26 21:58:30 UTC 2022-12-05 19:57:26 UTC 185.66.201.42
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
my-pu.sh (1) 0 2022-05-09 08:41:39 UTC 2022-12-02 03:51:40 UTC 185.66.201.58 Unknown ranking
o-oo.ooo (1) 838293 2017-02-01 17:22:18 UTC 2022-12-05 02:07:49 UTC 185.66.201.42
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-12-05 04:09:35 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-12-05 08:37:19 UTC 142.250.74.168
r3.o.lencr.org (17) 344 No data No data 23.36.77.32
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-12-05 11:11:06 UTC 216.58.207.202
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.148.213.75
affili.st (2) 0 2017-03-07 15:15:33 UTC 2022-11-26 23:03:59 UTC 185.66.201.42 Unknown ranking
r3.o.lencr.org (17) 344 No data No data 95.101.11.115
cdn.puuush.me (2) 0 2022-02-21 19:22:17 UTC 2022-12-03 17:22:20 UTC 173.236.118.99 Unknown ranking
aff-aff.advertica-cdn.com (2) 0 2017-10-05 08:35:28 UTC 2022-11-26 23:03:50 UTC 185.66.200.127 Domain (advertica-cdn.com) ranked at: 739624

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 2 qoaaa.com/js/responsive.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.66.200.173
Date UQ / IDS / BL URL IP
2023-01-28 23:09:54 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-26 15:19:04 +0000 0 - 0 - 1 download.tl/download/c4a79dfc1d67a07ab696e716 (...) 185.66.200.173
2023-01-25 14:22:42 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-25 05:39:53 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-25 03:07:55 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173


Last 5 reports on ASN: skHosting.eu s.r.o.
Date UQ / IDS / BL URL IP
2023-01-29 12:42:57 +0000 0 - 4 - 0 6784.world/go.php?go=us.r-q.media/?utm_medium (...) 185.66.201.7
2023-01-28 23:09:54 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-26 15:19:04 +0000 0 - 0 - 1 download.tl/download/c4a79dfc1d67a07ab696e716 (...) 185.66.200.173
2023-01-26 09:31:13 +0000 0 - 0 - 1 qoaaa.com/baa1c603fd95f8310018/4db48ddfa9/ 185.66.201.42
2023-01-25 14:22:42 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173


Last 5 reports on domain: download.tl
Date UQ / IDS / BL URL IP
2023-01-28 23:09:54 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-26 15:19:04 +0000 0 - 0 - 1 download.tl/download/c4a79dfc1d67a07ab696e716 (...) 185.66.200.173
2023-01-25 14:22:42 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-25 05:39:53 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173
2023-01-25 03:07:55 +0000 0 - 0 - 1 download.tl/download/f4d88a99f9f2333a22becba7 (...) 185.66.200.173


No other reports with similar screenshot

JavaScript

Executed Scripts (20)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (87)


Request Response
                                        
                                            GET /download/c4a79dfc1d67a07ab696e7160edfeabd/ HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         185.66.200.173
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Tue, 06 Dec 2022 01:21:07 GMT
Content-Length: 162
Connection: keep-alive
Location: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6077
Expires: Tue, 06 Dec 2022 03:02:25 GMT
Date: Tue, 06 Dec 2022 01:21:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5950
Cache-Control: max-age=125361
Date: Tue, 06 Dec 2022 01:21:08 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:10:29 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 01:20:20 GMT
cache-control: public,max-age=3600
age: 48
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10581
Expires: Tue, 06 Dec 2022 04:17:29 GMT
Date: Tue, 06 Dec 2022 01:21:08 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: XGoGfAoFfhVVPquI/GdJuEQFYvTBTiWXw05ZnQZ4gyv7vVhTfp76WcVXFrhv0eXFT2vFwPxNNe4=
x-amz-request-id: 6F66PH3853K6E2E7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 00:46:53 GMT
age: 2055
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D051CE4E860CD8DB2CD4B6AA2E2E4A9DF4D5441892B2210BE9A41DD58742090F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 07:21:08 GMT
Date: Tue, 06 Dec 2022 01:21:08 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 01:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css/bootstrap.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 121317
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-1d9e5"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   121317
Md5:    bd646f0d6da93f6332d4f1d86ee0942f
Sha1:   6de9e58a7f4a177f8711cbbae26e7db92136359f
Sha256: dfaa8bf4b1c788015d7c0208419f1cd0776008beaabbfbfb1f4a86ebb7ecc57f
                                        
                                            GET /gtag/js?id=G-SSJE53WRJ5 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 01:21:08 GMT
expires: Tue, 06 Dec 2022 01:21:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76820
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22462)
Size:   76820
Md5:    ab3806fcb939c7d64439275368a5a685
Sha1:   892f3fbb323ad6850bbac976efe35bbea34c6740
Sha256: 1caf214c45746f49a7328d1e90c60f4b435271d6fc073a97a18f67a0d5a357de
                                        
                                            GET /css/style.min.css?1666529618 HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 13492
last-modified: Sun, 23 Oct 2022 12:53:38 GMT
etag: "63553952-34b4"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13492), with no line terminators
Size:   13492
Md5:    c5100527a08c426e8bd5702dc9c53936
Sha1:   9ce0345d98384ef4e4fa88f10889734102ddff5b
Sha256: eedd012eea51adc3be71e2664440729065ccf10a5e8e2d50b76a5422570f344c
                                        
                                            GET /css/responsive.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 2757
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-ac5"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2757), with no line terminators
Size:   2757
Md5:    273e78e360319764e212a74a524db225
Sha1:   48be46c79f6cd2bffa2daa7ff8c76429b90be565
Sha256: 4d70fcd08b78605311ef9664abb966f7436696a81525abeb058e370b54bad984
                                        
                                            GET /css/font-awesome.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 30990
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-790e"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30828)
Size:   30990
Md5:    621cf15eb9ee7413873564e6750c0809
Sha1:   401421861f5012bfb116e5e07cc9d5e8bb03f7bb
Sha256: 4e51d8719cc67c2d9106ea0e8a3e945249815b050956dcab3a6b9179e7e73285
                                        
                                            GET /css/themes/blue.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 472
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-1d8"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (472), with no line terminators
Size:   472
Md5:    a395d36f6ad74367c5e9d28a4c7b0a99
Sha1:   f3e962bfa9ae1909a86efb8438f8291074bb56d2
Sha256: 3fb379e741541fc76c04c12c10f2c7e01c496970d7aa8fdd944c47a619dbff22
                                        
                                            GET /css/select2.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 15823
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-3dcf"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15822)
Size:   15823
Md5:    809b4f5299218eab37a7c31e4c20478b
Sha1:   c9448efbf22bc6f6fbbbbfebbd656642bab13767
Sha256: 907f4395f54e25a1da1181672f1a498e98b26f7bfc6dcb6c209a737472451e49
                                        
                                            GET /css/select2-bootstrap.min.css HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 16799
last-modified: Thu, 14 Oct 2021 15:33:42 GMT
etag: "61684dd6-419f"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16470)
Size:   16799
Md5:    bf537ebef54c75143541dd6221ac72f8
Sha1:   72ff972b044d607c2fe4b02c75038cabd4efdcf7
Sha256: f4edc5337dd3ee41165554445386df470b870f545e0078170e1fbbc96c6adc31
                                        
                                            GET /js/bootstrap.min.js HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 37045
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-90b5"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033)
Size:   37045
Md5:    5869c96cc8f19086aee625d670d741f9
Sha1:   430a443d74830fe9be26efca431f448c1b3740f9
Sha256: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
                                        
                                            GET /js/main.min.js?1636993690 HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 961
last-modified: Mon, 15 Nov 2021 16:28:10 GMT
etag: "61928a9a-3c1"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (450)
Size:   961
Md5:    fb48e56feb8391b1c2b599832c76a7f8
Sha1:   f40011eb16f2b2e8cd29ff6bb25a45426679f591
Sha256: 62237ef52460d457672d78a33741ddc1b8ffd7fdb5805d428c2e283ed4cdc86c
                                        
                                            GET /js/download.min.js?1666892246 HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 1158
last-modified: Thu, 27 Oct 2022 17:37:26 GMT
etag: "635ac1d6-486"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (500)
Size:   1158
Md5:    43189dcfca2b2a1a2dfb463d2337dbd5
Sha1:   0fe3391f6491d1d3c58a1121851770b59d004614
Sha256: 47e163754c43bab9cfc374f88d641317028ebf5215e5f8c7242d90cf7cb151da
                                        
                                            GET /js/jquery.min.js HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 89501
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-15d9d"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   89501
Md5:    8fb8fee4fcc3cc86ff6c724154c49c42
Sha1:   b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
Sha256: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
                                        
                                            GET /images/logo.svg HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 7497
last-modified: Thu, 21 Apr 2022 05:48:35 GMT
etag: "6260f033-1d49"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1064)
Size:   7497
Md5:    5a5e2d2d819b65a94450d7fe8fa76233
Sha1:   64cc86f42a940e7dad8d33cb0802dd51490ee22e
Sha256: 8023e04aa411fcc094e97048b1811f17db4b43548b0d4d6c5135226e384fc412
                                        
                                            GET /images/home_icon_1.png HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 1097
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-449"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size:   1097
Md5:    048b30786019caeb221dea0f39d6afdb
Sha1:   67fa6b67ad8ae0e1b283a4928158e43f59e81545
Sha256: 6388a88a40a903dac834dd1d42fe8ecfc3cdf67996020ffb7a66c3e8ce714a95
                                        
                                            GET /images/home_icon_2.png HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 1127
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-467"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size:   1127
Md5:    16ee48571a5309c0420c476756c5d354
Sha1:   8487a3c1d97cc434a5d3ddddc63e406faefc55bf
Sha256: c3d7a9181ea3eebba498c07f828f1c3925ba7cf99ba8430dd747b4255d9a05eb
                                        
                                            GET /images/home_icon_3.png HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 1035
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-40b"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 45 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size:   1035
Md5:    4c746521247dd8e8520c96731d60ece0
Sha1:   098c5993b275a6adbfb9f18b231829496f1d3406
Sha256: d1eb492e1005fbd0b649fad1a3c60006f21ca1c1fba172eb4232569475237985
                                        
                                            GET /js/select2.min.js HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 72443
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-11afb"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64125)
Size:   72443
Md5:    1e3d14fddf0553e0b51f69cdccd4fd7f
Sha1:   b36737e7d2a65815c40ac86d0502f0cbb8b9bad8
Sha256: 9c04b5c034013c1a9ad5f9d9abcc1dd59e8237e3e09875cb15d328d20da961fd
                                        
                                            GET /images/article/17/1.png HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 137297
last-modified: Tue, 20 Sep 2022 15:00:24 GMT
etag: "6329d588-21851"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 600 x 400, 8-bit colormap, non-interlaced\012- data
Size:   137297
Md5:    78ac004b39273940cbbd885b1680fbe7
Sha1:   23894718dad1bc05903c4e2959793928b9a3ff15
Sha256: f2bfb78df032edcc17778db627a5c905cf69b4263584d6df35fad5e9ca4750ac
                                        
                                            GET /images/article/17/2.png HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
content-length: 127642
last-modified: Tue, 20 Sep 2022 15:00:24 GMT
etag: "6329d588-1f29a"
expires: Thu, 05 Jan 2023 01:21:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 600 x 400, 8-bit colormap, non-interlaced\012- data
Size:   127642
Md5:    17ff2ea820754382be1f5fd2ab0b3074
Sha1:   2b9981df95d4a56957d57b3aa50c3022082780b7
Sha256: 296d373be9826be77d9220db0475e30f7eac6c060f1f7d5d1d7b334799312e3c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5934
Cache-Control: max-age=120278
Date: Tue, 06 Dec 2022 01:21:08 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:45:46 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 01:11:20 GMT
cache-control: public,max-age=3600
age: 588
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AB2D760BCF28D314CEDFA36BA510C0329942DCC5F2E3D1CEC772074EB8DDC97D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1236
Expires: Tue, 06 Dec 2022 01:41:44 GMT
Date: Tue, 06 Dec 2022 01:21:08 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 01:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 01:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 01:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "043DD1EE0E66C9FF35F830B85A47E5A174F4D8AC4CDAE82B28FD7FBC94B078D5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15022
Expires: Tue, 06 Dec 2022 05:31:30 GMT
Date: Tue, 06 Dec 2022 01:21:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B0DEC823367DEFD519454044A2702F5D09368F32A8BF5379E9A8F46FE7EF84EB"
Last-Modified: Sat, 03 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15321
Expires: Tue, 06 Dec 2022 05:36:29 GMT
Date: Tue, 06 Dec 2022 01:21:08 GMT
Connection: keep-alive

                                        
                                            GET /a68d0334523588c77f10/1a181cddfd/?placementName=POP_VHYy&user_param=386608&user_check=865666290&FSWL=1 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
set-cookie: shown_fc_a68d0334523588c77f10=1; expires=Tue, 06-Dec-2022 02:21:08 GMT; Max-Age=3600; path=/; secure; SameSite=None
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF, LF line terminators
Size:   1756
Md5:    442353e420446d1ccb7b4e65cabf6e8f
Sha1:   2a7820573748f7201af312e1899c1a0e74fc6471
Sha256: 482fdaf77b9ac0eac3944985e40f7a2a4674f97d32aad969f0dbafa2fce35cbb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 01:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 01:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Ubuntu:wght@500&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.202
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 01:21:08 GMT
date: Tue, 06 Dec 2022 01:21:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16214
Md5:    6d47a0b714f9f6366648609d017578ab
Sha1:   84aecaf0c1b9a9dd39eb49d9b9086c2edcf026d3
Sha256: 8236130ac3ece4530077bf20fefcf4e23b40a2eee38a8d07b15ecba453ef4c44
                                        
                                            GET /css?family=Roboto:300,400,500,600,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.202
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 01:21:08 GMT
date: Tue, 06 Dec 2022 01:21:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12560
Md5:    d3ada4a76b1705056fda90489319d2ac
Sha1:   e7c1d56dab817aef39a427394b89e0da4ae14512
Sha256: 1b076526d01634931bfa39005260de28142514e71177cbf5ca9b916ac201b85b
                                        
                                            GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 20:08:19 GMT
expires: Thu, 30 Nov 2023 20:08:19 GMT
cache-control: public, max-age=31536000
age: 450769
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Size:   30480
Md5:    0e7e5f9d3a8ef121149827180b790b5c
Sha1:   0e9f9333078e5df9245630ff6f68ba1d9da3c403
Sha256: e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:09:46 GMT
expires: Fri, 01 Dec 2023 08:09:46 GMT
cache-control: public, max-age=31536000
age: 407482
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Size:   9628
Md5:    d9ac47c7e500fb7083b8d595eaf6fe12
Sha1:   112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
Sha256: 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 01:21:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 452814
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://download.tl/css/font-awesome.min.css
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:09 GMT
content-length: 77160
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-12d68"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kyf0TCnI54kzgBCixha8Jw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.213.75
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 96TXN9Le5f0vUG3O5CfVZHUgXW4=

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.tl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 452833
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39AF15D8C722DED74F02D2E70EB0D363301D917F486625AE920D4B5D87B3388F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8376
Expires: Tue, 06 Dec 2022 03:40:45 GMT
Date: Tue, 06 Dec 2022 01:21:09 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/download/c4a79dfc1d67a07ab696e7160edfeabd/
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM; _ga_SSJE53WRJ5=GS1.1.1670289666.1.0.1670289666.0.0.0; _ga=GA1.1.324066438.1670289666
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:09 GMT
content-length: 164551
last-modified: Tue, 05 Oct 2021 14:52:13 GMT
etag: "615c669d-282c7"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size:   164551
Md5:    7000e3e11388e09044d228f92ca2d175
Sha1:   d617696dedee957c307d9475a7d265894c841532
Sha256: d3fff883f5c2a8ddbde43685baabc9d3f5b44e698fc575d2c0dfc6f3672a45d8
                                        
                                            GET /js/pub.min.js HTTP/1.1 
Host: cdn.puuush.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         173.236.118.99
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:09 GMT
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Wed, 07 Dec 2022 01:21:09 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2752)
Size:   1482
Md5:    31c303586c1b78e33984bd252b8e2644
Sha1:   8083e2aad4cbf8242a4e6fb53657d49552b85f82
Sha256: d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
                                        
                                            POST /g/collect?v=2&tid=G-SSJE53WRJ5&gtm=2oebu0&_p=1501478948&cid=324066438.1670289666&ul=en-us&sr=1280x1024&_s=1&sid=1670289666&sct=1&seg=0&dl=https%3A%2F%2Fdownload.tl%2Fdownload%2Fc4a79dfc1d67a07ab696e7160edfeabd%2F&dt=Download.tl%20-%20copy-32.zip&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.tl
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://download.tl
date: Tue, 06 Dec 2022 01:21:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /sw.js?v=1670289667052 HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; lang=en; VHYy=y0SM; _ga_SSJE53WRJ5=GS1.1.1670289666.1.0.1670289666.0.0.0; _ga=GA1.1.324066438.1670289666
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:09 GMT
content-length: 45
last-modified: Fri, 30 Sep 2022 08:16:35 GMT
etag: "6336a5e3-2d"
expires: Thu, 05 Jan 2023 01:21:09 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   45
Md5:    25fa0b961fe7adc7681019028b3b7ffa
Sha1:   6422d4cf5b4b57220f1d592c726c7471d2e99cb6
Sha256: 98f9b8694bc6faf2e0f815d70bc8d75a29c1ff15a2b0d51d84061f55d5b49c96
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "178C22FEFA7179132D81521E5E2E2932B5CDAA3AE619B982787CCF60CCB53BAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2979
Expires: Tue, 06 Dec 2022 02:10:49 GMT
Date: Tue, 06 Dec 2022 01:21:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "178C22FEFA7179132D81521E5E2E2932B5CDAA3AE619B982787CCF60CCB53BAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2979
Expires: Tue, 06 Dec 2022 02:10:49 GMT
Date: Tue, 06 Dec 2022 01:21:10 GMT
Connection: keep-alive

                                        
                                            GET /sw.js HTTP/1.1 
Host: cdn.puuush.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         173.236.118.99
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:10 GMT
content-length: 776
last-modified: Mon, 03 Oct 2022 07:40:54 GMT
vary: Accept-Encoding
etag: "633a9206-308"
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   776
Md5:    f72a11763f13b05c1f2379d13387dd05
Sha1:   002fbf7672d3f4655b89b6413d160e4185ce9900
Sha256: 70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "11953130BD6C2BEA21CC0F87DE5169682F44891F7777C3F32E9CB372F17FCB08"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7911
Expires: Tue, 06 Dec 2022 03:33:01 GMT
Date: Tue, 06 Dec 2022 01:21:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "11953130BD6C2BEA21CC0F87DE5169682F44891F7777C3F32E9CB372F17FCB08"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 07:21:10 GMT
Date: Tue, 06 Dec 2022 01:21:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3650CC3E387409C2AD0A379D3BB97C93828B65C74C9C147CE00213F09159868F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16376
Expires: Tue, 06 Dec 2022 05:54:06 GMT
Date: Tue, 06 Dec 2022 01:21:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3650CC3E387409C2AD0A379D3BB97C93828B65C74C9C147CE00213F09159868F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6905
Expires: Tue, 06 Dec 2022 03:16:15 GMT
Date: Tue, 06 Dec 2022 01:21:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3231
Expires: Tue, 06 Dec 2022 02:15:01 GMT
Date: Tue, 06 Dec 2022 01:21:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5929
Expires: Tue, 06 Dec 2022 02:59:59 GMT
Date: Tue, 06 Dec 2022 01:21:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8978
x-amzn-requestid: 59cc852a-eb8c-45ab-a370-a176bffea0ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cqSrJGoaoAMF_jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d97e0-3760c58b6d2b7a6561541201;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 07:04:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xSapcXr_Lw9Bg_aOZlfNv5Y-UzqGxG5lVThE4APtxcc8gy8X_W0Kww==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 07:17:55 GMT
etag: "d8acf7053a01df2c503c734d52070ff4802d5a01"
age: 64995
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8978
Md5:    dd0fdca9dfb3e18fcbb5c89e12922da7
Sha1:   d8acf7053a01df2c503c734d52070ff4802d5a01
Sha256: 61e6235613c8ecda0321ecbe0870419bfa65cf3e44e3b85acd257f78725a6843
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 10727
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11352
Md5:    7f2c354a00ab51d4a41221b6bf191c10
Sha1:   01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
Sha256: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9354
x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmctYGLdoAMFyDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9DoDl2ynVT-wtTVbAsUO7LoGG8T559DkLEfVf8ALbnAGcjajBq25yQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:36:28 GMT
age: 78282
etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9354
Md5:    2e11524d75503e35c404d6c9a12ac540
Sha1:   5626b75f5c2523f1a0fc301839a06a4e2407f106
Sha256: d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i6QasBBRK9APW19sH0DdOipvUJA3gWj0CAMTzt7ejRCOk_V2psz-Xw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:45:47 GMT
age: 12923
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8469
Md5:    2f60a6490f38a772dcd50a1132e98e1b
Sha1:   ff254a1df087d2c157d88a6ef04e395dc49efe5e
Sha256: 653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9987
x-amzn-requestid: 3d4d7dd0-2be0-46c1-a9c0-aa3cce2e8c81
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvUHhJIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c8-63a6960043564aa762caaabe;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XaKRGgDJdys5Ufgv2QasOrlxuXHRnb8dJWc_tHiXa72QvQ-egpRDsQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:37 GMT
age: 10533
etag: "a4aae05e7a929fc7f652f56748d2a2da9c44ac45"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9987
Md5:    8055d0db573ab34924db3b60ed788bb2
Sha1:   a4aae05e7a929fc7f652f56748d2a2da9c44ac45
Sha256: f6a9555f112882d4ac284c6dc26ae0f02f6ccf8ee312615e01ebec8242bade1f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 10681
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8CD6D0EA4D08CFAAFBDAAB776E145AC20BFD677D69AE56D274D24859D570C94A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13706
Expires: Tue, 06 Dec 2022 05:09:36 GMT
Date: Tue, 06 Dec 2022 01:21:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8CD6D0EA4D08CFAAFBDAAB776E145AC20BFD677D69AE56D274D24859D570C94A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10820
Expires: Tue, 06 Dec 2022 04:21:30 GMT
Date: Tue, 06 Dec 2022 01:21:10 GMT
Connection: keep-alive

                                        
                                            GET /728/90/111.gif HTTP/1.1 
Host: aff-aff.advertica-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affili.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.200.127
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:10 GMT
last-modified: Sun, 13 Sep 2015 21:36:50 GMT
vary: Accept-Encoding
etag: W/"55f5ec72-b849"
expires: Thu, 05 Jan 2023 01:21:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /9668f6a5b437ef48b15e/af7248ffce/?placementName=PUSH_VHYy&user_param=386608&user_check=865666290&FSWL=1 HTTP/1.1 
Host: my-pu.sh
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.201.58
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 01:21:08 GMT; Max-Age=86400; secure; SameSite=None used_ad2694267=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13131; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13131; secure; SameSite=None push_loaded=yes; expires=Wed, 07-Dec-2022 01:21:08 GMT; Max-Age=86400; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/AfPop.js?ver=25 HTTP/1.1 
Host: o-oo.ooo
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:09 GMT
last-modified: Wed, 20 Jul 2022 07:41:27 GMT
etag: W/"62d7b1a7-15975"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_FILENAME_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=1_5902&maxw=735&maxh=100 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:09 GMT
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 01:21:09 GMT; Max-Age=86400; secure; SameSite=None used_ad2834594=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13130; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13130; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /19b9c868380394656d2a/5e01d9f73e/?placementName=UNDER_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=3_8938&maxw=645 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:09 GMT
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 01:21:09 GMT; Max-Age=86400; secure; SameSite=None used_ad2834447=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13130; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13130; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /genericImages/breaking-news/spider.jpg HTTP/1.1 
Host: aff-a.advertica-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.200.127
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:10 GMT
last-modified: Wed, 09 Oct 2019 09:25:50 GMT
vary: Accept-Encoding
etag: W/"5d9da79e-f2f2"
expires: Thu, 05 Jan 2023 01:21:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /download/c4a79dfc1d67a07ab696e7160edfeabd/ HTTP/1.1 
Host: download.tl
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         185.66.200.173
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: __app_id=u7s3b62n88hdpvcv68otgdbrvb; path=/; secure; HttpOnly; SameSite=Strict lang=en; expires=Thu, 05-Jan-2023 01:21:08 GMT; Max-Age=2592000; path=/; domain=download.tl; secure; HttpOnly; SameSite=Strict VHYy=y0SM; expires=Tue, 06-Dec-2022 05:00:00 GMT; Max-Age=13132; path=/; domain=download.tl; secure; HttpOnly; SameSite=Strict
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAME-ORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /0e2b09792c744001c7ab/3fddfb685b/?placementName=IN_ARTICLE_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=4_163&maxw=635 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:09 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 01:21:09 GMT; Max-Age=86400; secure; SameSite=None used_ad2706738=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13130; path=/; secure; SameSite=None shown1=0; expires=Wed, 07-Dec-2022 01:21:09 GMT; Max-Age=86400; secure; SameSite=None used_ad2834576=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13130; path=/; secure; SameSite=None
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/responsive.js HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:08 GMT
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /genericImages/breaking-news/ufo.jpg HTTP/1.1 
Host: aff-a.advertica-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.200.127
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:10 GMT
last-modified: Wed, 09 Oct 2019 09:25:05 GMT
vary: Accept-Encoding
etag: W/"5d9da771-13b4b"
expires: Thu, 05 Jan 2023 01:21:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /0e2b09792c744001c7ab/323d7e27fd/?placementName=TOP_NON_GENERIC_VHYy&user_param=386608&user_check=865666290&FSWL=1&is_first=true&randomA=0_8521&maxw=1130&maxh=100 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:09 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 01:21:09 GMT; Max-Age=86400; secure; SameSite=None used_ad2834510=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13130; path=/; secure; SameSite=None shown1=0; expires=Wed, 07-Dec-2022 01:21:09 GMT; Max-Age=86400; secure; SameSite=None used_ad2633407=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13130; path=/; secure; SameSite=None
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /genericImages/breaking-news/monster.jpg HTTP/1.1 
Host: aff-a.advertica-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.200.127
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:10 GMT
last-modified: Wed, 09 Oct 2019 09:26:27 GMT
vary: Accept-Encoding
etag: W/"5d9da7c3-6f44"
expires: Thu, 05 Jan 2023 01:21:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /genericImages/breaking-news/water.jpg HTTP/1.1 
Host: aff-a.advertica-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.200.127
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:10 GMT
last-modified: Wed, 09 Oct 2019 09:24:25 GMT
vary: Accept-Encoding
etag: W/"5d9da749-1ac32"
expires: Thu, 05 Jan 2023 01:21:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /5070df7217e45e2a84c2/a3ecc1ef3f/?placementName=ABOVE_DOWNLOAD_BUTTON_VHYy&user_param=386608&user_check=865666290&FSWL=1&randomA=2_3301&maxw=338 HTTP/1.1 
Host: qoaaa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.tl/
Cookie: shown_fc_a68d0334523588c77f10=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:09 GMT
set-cookie: shown1=0; expires=Wed, 07-Dec-2022 01:21:09 GMT; Max-Age=86400; secure; SameSite=None used_ad2834930=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13130; path=/; secure; SameSite=None total_impressions=1; expires=Tue, 06-Dec-2022 04:59:59 GMT; Max-Age=13130; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /affiliate.php?aff=386608&width=468&height=60&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0= HTTP/1.1 
Host: affili.st
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:10 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /affiliate.php?aff=386608&width=728&height=90&iframe=1&realRef=MjQ0Q1pDbjRtaXlLTUxhSVQ2TCtVNXBERlk3WTFGUGxMQUc3c3hZWmpDST0= HTTP/1.1 
Host: affili.st
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qoaaa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:10 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /468/60/151.gif HTTP/1.1 
Host: aff-aff.advertica-cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://affili.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.66.200.127
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 06 Dec 2022 01:21:10 GMT
last-modified: Sat, 19 Sep 2015 22:07:35 GMT
vary: Accept-Encoding
etag: W/"55fddca7-4d0f"
expires: Thu, 05 Jan 2023 01:21:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---