Overview

URL https://a.top4top.io/f_xhHnHv7Hh1wqRNJ9PTK6VQ/1654630342/1280je28j1.rar
IP51.159.64.45
ASNOnline S.a.s.
Location France
Report completed2022-06-21 09:38:45 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-21 2 a.top4top.io/f_xhHnHv7Hh1wqRNJ9PTK6VQ/1654630342/1280je28j1.rar Malware
2022-06-21 2 top4top.io/f-1280je28j1-rar.html Malware
2022-06-21 2 top4top.io/downloadf-1280je28j1-rar.html Malware
2022-06-21 2 top4top.io/share.js Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47 Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/javascript.js?rev=47 Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/css/stylesheet-3.3.css?rev=47 Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47 Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47 Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/css/reset.css?rev=47 Malware
2022-06-21 2 s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] web.facebook.com (1) 206 2015-05-14 07:35:40 UTC 2022-06-21 05:58:21 UTC 31.13.72.8
[Mnemonic Passive DNS] r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-06-21 04:27:24 UTC 23.36.76.226
[Mnemonic Passive DNS] a.top4top.io (1) 588496 2019-12-10 21:55:22 UTC 2022-06-12 02:45:03 UTC 51.159.64.45
[Mnemonic Passive DNS] ajax.googleapis.com (1) 12905 2017-01-30 05:00:30 UTC 2019-10-16 05:01:16 UTC 142.250.74.42
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.118
[Mnemonic Passive DNS] top4top.io (10) 118839 2021-07-22 14:24:43 UTC 2021-07-22 14:24:43 UTC 188.165.137.170
[Mnemonic Passive DNS] connect.facebook.net (1) 139 2013-09-20 12:03:21 UTC 2022-06-20 04:42:05 UTC 31.13.72.12
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-21 04:29:47 UTC 54.230.111.99
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-21 05:15:05 UTC 93.184.220.29
[Mnemonic Passive DNS] www.google-analytics.com (2) 40 2017-01-30 05:00:06 UTC 2022-06-19 22:53:55 UTC 142.250.74.174
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-21 04:55:31 UTC 35.80.175.197
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-21 05:50:57 UTC 34.120.237.76
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] s.top4top.io (10) 0 No data No data 172.67.133.128 Domain (top4top.io) ranked at: 118839
[Mnemonic Passive DNS] ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-06-21 04:45:21 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 51.159.64.45

Date UQ / IDS / BL URL IP
2022-07-05 15:47:56 +0000
0 - 0 - 4 a.top4top.io/f_lj0l4tuuhz9oldd6imj1ba/1657158 (...) 51.159.64.45
2022-07-05 15:47:26 +0000
0 - 0 - 8 a.top4top.io/f_ivl5cdqzguxhrc05nfpq3a/1657158 (...) 51.159.64.45
2022-07-05 15:46:34 +0000
0 - 0 - 5 a.top4top.io/f_7stgwcx0azj7l9c6sspjqq/1657157 (...) 51.159.64.45
2022-07-04 15:30:32 +0000
0 - 0 - 7 a.top4top.io/f_k8tcup_j-kivcn-vj6jsga/1657053 (...) 51.159.64.45
2022-07-04 01:42:45 +0000
0 - 0 - 7 a.top4top.io/f_jim10vsu7q85unqxs3saew/1655570 (...) 51.159.64.45
2022-07-03 14:56:48 +0000
0 - 0 - 9 a.top4top.io/f_jim10vsu7q85unqxs3saew/1655570 (...) 51.159.64.45
2022-07-02 15:29:32 +0000
0 - 0 - 8 a.top4top.io/f_aptd0orbxroxvb0pfrmkhg/1656844 (...) 51.159.64.45
2022-07-01 16:52:54 +0000
0 - 0 - 8 a.top4top.io/f_yrkovq1kow0jh1zakx2-sa/1655451 (...) 51.159.64.45
2022-07-01 15:59:08 +0000
0 - 0 - 4 a.top4top.io/f_jTCe2XUVGf56Tx2paFYPGA/1656863 (...) 51.159.64.45
2022-07-01 15:40:19 +0000
0 - 0 - 10 a.top4top.io/f_aptd0orbxroxvb0pfrmkhg/1656844 (...) 51.159.64.45

Last 10 reports on ASN: Online S.a.s.

Date UQ / IDS / BL URL IP
2022-07-06 01:52:50 +0000
0 - 0 - 3 mediaget.com/installer/mediaget_installer_467 (...) 51.158.184.220
2022-07-06 01:51:54 +0000
0 - 0 - 4 ilduomo.fr/ 51.159.19.231
2022-07-06 01:31:43 +0000
0 - 0 - 1 hemman490.s3.fr-par.scw.cloud/harman_html.html 51.159.62.7
2022-07-06 00:49:45 +0000
0 - 0 - 1 dicom-ac.fr/ 51.159.19.231
2022-07-05 23:51:46 +0000
0 - 0 - 5 ilduomo.fr/ 51.159.19.231
2022-07-05 23:45:45 +0000
0 - 0 - 3 agnesldsteeg.fr/ 212.129.42.252
2022-07-05 21:31:44 +0000
0 - 0 - 9 e.top4top.io/f_pbydr4xsj2xzjgxincsl3a/1655737 (...) 51.159.67.135
2022-07-05 21:31:25 +0000
0 - 0 - 6 d.top4top.io/f_imis3uxggxprj6e8vevbfw/1655737 (...) 163.172.36.88
2022-07-05 21:31:25 +0000
0 - 0 - 6 d.top4top.io/f_q1tucsr02jmecd2ikpfg5q/1655736 (...) 163.172.36.88
2022-07-05 18:25:28 +0000
0 - 0 - 1 yvette-mure.com/video-exe/video4.exe 62.210.16.61

No other reports on domain: top4top.io



JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (7)

#1 JavaScript::Write (size: 203, repeated: 1) - SHA256: bc65c1c0c93e5e84cd5b3979ddcfcc5eb7074005a14f89529053a1bad24484a3

                                        < a href = "http://cutt.us/share.php?s=sphinn&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1280je28j1-rar.html&title=SLAYER Leecher v0.6 | *-EJD"
target = "_blank" > < img src = "images/sphinn.png"
alt = "Sphinn" / > < /a>
                                    

#2 JavaScript::Write (size: 228, repeated: 1) - SHA256: 5dcc2b8240125cc8e94480fdf33e67eafae3447bdcda0f76a45d5981a2f7b34a

                                        < a href = "http://cutt.us/share.php?s=technorati&encode=UTF-8&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1280je28j1-rar.html&title=SLAYER Leecher v0.6 | *-EJD"
target = "_blank" > < img src = "images/technorati.png"
alt = "Technorati" / > < /a>
                                    

#3 JavaScript::Write (size: 206, repeated: 1) - SHA256: 11d4ac57e0d1aa19976ffa119f269c82a2156c04fc4cb77a66c4d26c88b2917e

                                        < a href = "http://cutt.us/share.php?s=twitter&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1280je28j1-rar.html&title=SLAYER Leecher v0.6 | *-EJD"
target = "_blank" > < img src = "images/twitter.png"
alt = "Twitter" / > < /a>
                                    

#4 JavaScript::Write (size: 209, repeated: 1) - SHA256: d4031e0c1dd48bc6753de6fe7a891ef2b8a1795cf365db35b30e85850d137b61

                                        < a href = "http://cutt.us/share.php?s=facebook&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1280je28j1-rar.html&title=SLAYER Leecher v0.6 | *-EJD"
target = "_blank" > < img src = "images/facebook.png"
alt = "Facebook" / > < /a>
                                    

#5 JavaScript::Write (size: 197, repeated: 1) - SHA256: 3fa77ff1182c46746d4286dda208504a46817f92b2c84b31fc84149c42645df2

                                        < a href = "http://cutt.us/share.php?s=live&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1280je28j1-rar.html&title=SLAYER Leecher v0.6 | *-EJD"
target = "_blank" > < img src = "images/live.png"
alt = "Live" / > < /a>
                                    

#6 JavaScript::Write (size: 203, repeated: 1) - SHA256: 551bee3ca3e14b4960416f1ef87ce4c71dac1cb1be80b6e3b53f4adbf7e42e00

                                        < a href = "http://cutt.us/share.php?s=reddit&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1280je28j1-rar.html&title=SLAYER Leecher v0.6 | *-EJD"
target = "_blank" > < img src = "images/reddit.png"
alt = "Reddit" / > < /a>
                                    

#7 JavaScript::Write (size: 206, repeated: 1) - SHA256: 6fec7c8093ca06e4b4f1f62c6b54244f163c3d45847ec004182f2510953f249a

                                        < a href = "http://cutt.us/share.php?s=myspace&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-1280je28j1-rar.html&title=SLAYER Leecher v0.6 | *-EJD"
target = "_blank" > < img src = "images/myspace.png"
alt = "MySpace" / > < /a>
                                    


HTTP Transactions (48)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D69BCE21B0054D4C12B19B0D71E51C7A56F6F28E8F0E2193836EFD9CA3231098"
Last-Modified: Tue, 21 Jun 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13394
Expires: Tue, 21 Jun 2022 13:21:43 GMT
Date: Tue, 21 Jun 2022 09:38:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FA93F9D4231B0B7144EBFA385B3E2D7892E57D83862306D353CF20AA307FE4B6"
Last-Modified: Sun, 19 Jun 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14442
Expires: Tue, 21 Jun 2022 13:39:11 GMT
Date: Tue, 21 Jun 2022 09:38:29 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 21 Jun 2022 08:42:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _4D5Be1Vkza-RWRwgf2iHeyUdXSTs9vDtK-sfllJoxcjjT4tB_xE4w==
Age: 3362


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c98c56ff7bc7ba547517573963f425e3
Sha1:   58c8dccc28ecd76424af6ed9988575a35cf8a0c2
Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
date: Tue, 21 Jun 2022 02:10:51 GMT
last-modified: Wed, 11 May 2022 19:51:39 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fvpccS8tTaRr9rabEQUbIJdtHi4IVyYTpzMvqSIZr9YrKQjipwkqZg==
age: 26859
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /f_xhHnHv7Hh1wqRNJ9PTK6VQ/1654630342/1280je28j1.rar HTTP/1.1 
Host: a.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1841955378.1654357939
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         51.159.64.45
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 21 Jun 2022 09:38:29 GMT
content-type: text/html
content-length: 138
location: https://top4top.io/f-1280je28j1-rar.html
reason: Invalid
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   138
Md5:    aff950cab4c0265e21d401db15f1026d
Sha1:   f03e18461817f7a6546c8bf8fa8d686d7e30aca0
Sha256: 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 21 Jun 2022 09:38:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /f-1280je28j1-rar.html HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1841955378.1654357939
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         188.165.137.170
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 21 Jun 2022 09:38:29 GMT
Server: HotCores
Location: https://top4top.io/downloadf-1280je28j1-rar.html
Content-Length: 256


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   256
Md5:    002847cca2899cc9d63b273de16f9050
Sha1:   e1bee51604d4e1c4e3922fe3cc898ca03763e79b
Sha256: ecbf07ce6c0b1187b3cc042a5a748aea548b64220d1a94ce44decb303c58067e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /downloadf-1280je28j1-rar.html HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1841955378.1654357939
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 21 Jun 2022 09:38:30 GMT
Server: HotCores
Expires: 0
Cache-Control: private, no-cache="set-cookie"
Pragma: no-cache
P3P: CP="CUR ADM"
Set-Cookie: sid=Mm1upFUnWQSoK6ltgKEca-5xnCe; expires=Thu, 23-Jun-2022 09:38:30 GMT; path=/ klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc; expires=Thu, 23-Jun-2022 09:38:30 GMT; path=/; domain=.top4top.io; httponly
I-AM: US03
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (411)
Size:   18125
Md5:    d4fb2ea128d363fbfdd1f9b3440b1036
Sha1:   6d7d7460522b34717af2b187d1fa3e3e89bbea41
Sha256: 1387e2117be23f015f6fc85cee790a270cb1f227d5401015db18924b871723b3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/images/newlogo.png HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 09:38:30 GMT
content-type: image/png
content-length: 19068
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-4a7c"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 498026
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNI2MdeCsZANXdJLkUOUfpogGBOha0Ptr5dBiS1qbTMnokDLK5udvLNwAJfYNtz4oQXViA4OFoct9CN3bCgYDuuF1VN%2FGxC28p3GwKnOvIQoOABBHBvV85Bn5Uqfsrc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71ebc58d38e8b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 71 x 43, 8-bit/color RGBA, non-interlaced\012- data
Size:   19068
Md5:    d68c79880117110f89d39cce5c43d39c
Sha1:   6e30dcd905314f77912b224e35ce089560553300
Sha256: 1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d
                                        
                                            GET /styles/default-new-reg/images/soft.png HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 09:38:30 GMT
content-type: image/png
content-length: 41248
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-a120"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 3317
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ls%2Fg5RURa3JtF6U%2FrdqEZaj%2Ffym6DodT%2BgpL4df7t4Sdyn%2F7wAwZ1S0Qd%2F2g5bhS%2B1p3Aoy2%2FgXK9qs0zmytPwF0JBjiz6Dx5pP0t6Diwx1ohXnDlAvH%2FOGERpUau%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71ebc58d38eab506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 213 x 255, 8-bit/color RGBA, non-interlaced\012- data
Size:   41248
Md5:    8cf5d3f055149868fd89971433ed8ece
Sha1:   e877509e97d487b44bdd7203c7e3ca2795963afa
Sha256: 58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9
                                        
                                            GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111 HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1280je28j1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=Mm1upFUnWQSoK6ltgKEca-5xnCe; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: text/javascript;Charset=UTF-8
                                        
Date: Tue, 21 Jun 2022 09:38:30 GMT
Server: HotCores
I-AM: US03
Content-Length: 3


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5936
Cache-Control: 'max-age=158059'
Date: Tue, 21 Jun 2022 09:38:30 GMT
Last-Modified: Tue, 21 Jun 2022 07:59:34 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 21 Jun 2022 09:38:30 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en_US/all.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 5e69342a82bfc9654a1f4cb36569e79a
etag: "6c2b1586b34eab00488c2063a72f362e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 21 Jun 2022 09:56:48 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 6Y2kHMiOAI1QBm0eNzHk5A==
x-fb-debug: heuwIHR1uJtGAhdDIEPT3bjkwp/5vBdkh3EUuxv3vnqVTcZE89POvVTDPRgdY9El2VbEWQk3EFXwA/KM33grpg==
content-length: 1688
x-fb-trip-id: 1904183273
date: Tue, 21 Jun 2022 09:38:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1688
Md5:    e98da41cc88e008d50066d1e3731e4e4
Sha1:   3d85ede3545dafe9dd7d59cbc37f47bb3203ef21
Sha256: 0e5e3df00ae5175d9559a1f7fa85b2c4094b0fb3601ad0cfcd0f89b0f64c14d3
                                        
                                            GET /share.js HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1280je28j1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=Mm1upFUnWQSoK6ltgKEca-5xnCe; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 09:38:30 GMT
Content-Length: 2045
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-7fd"
Expires: Tue, 28 Jun 2022 09:38:30 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document, ASCII text, with CRLF line terminators
Size:   2045
Md5:    d6b05c71ce92a4e0599cf8b731966510
Sha1:   8735a20d053e085fdfe0963cab19b9499e1be457
Sha256: ff90fa92b304e071f41235a6e338e1e0588641156a765999852784a17523be9e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050 HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1280je28j1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=Mm1upFUnWQSoK6ltgKEca-5xnCe; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: text/javascript;Charset=UTF-8
                                        
Date: Tue, 21 Jun 2022 09:38:30 GMT
Server: HotCores
I-AM: US03
Content-Length: 3


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
                                            GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Jun 2022 15:42:34 GMT
expires: Wed, 14 Jun 2023 15:42:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 582956
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086)
Size:   33434
Md5:    430e927c980ad4079de727fa59dd93f2
Sha1:   891aaada9a55a91292999f6d50fd300439905982
Sha256: e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
                                        
                                            GET /styles/default-new-reg/css/the220px.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 09:38:30 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=11662
etag: W/"58cb25b5-2d8e"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Thu, 16 Mar 2017 23:54:29 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 372153
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjFlpFtY5meR6mjmwi3U%2FrheWATBCbl50%2BrqO4L7P2V4S%2FgRhTzY7cOW8BwWC0vV%2FXNjyIKwZWAjMXD0cuImN9uwsggaNG2%2F%2BBLmtsVy%2BXjxYLQlrX1kSFdxtbl8BaY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71ebc58d28c2b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (9567), with no line terminators
Size:   2883
Md5:    22c587de598dcd6f5dabdc614328ff21
Sha1:   6165f5c50b1f88803c2ad3826e2de54076e0749f
Sha256: 1dcc160dee6b7a99ed9b24905e3a5dd878f49821b746c4093ae95c1027862a60

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 21 Jun 2022 09:38:30 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /styles/default-new-reg/javascript.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 09:38:30 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=16039
etag: W/"57e8eb5d-3ea7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 389329
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IQrO5mE6H0i5oUxVbkcPnreEz2kTSow%2BXPKOR6CQHNcLUBcoUTb7cLjgU1nO%2FtCU1NdUWW6IilOSXlY8myAPoCwOF95StHuMvuDYyVOwCFnw3uoYtp2AnQ%2BywOMC9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71ebc58d28c7b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (538)
Size:   2437
Md5:    d6c137dc4d077b12d85548b7939b0a46
Sha1:   27a8048cf5eb46c36b5d6aca473a607aea38a583
Sha256: 2b9e108f10ed8ebbb0da2d6401cd2a7e445160c6ae96c3c73a3c62eb7b26804c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/images/zl.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1280je28j1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=Mm1upFUnWQSoK6ltgKEca-5xnCe; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 09:38:30 GMT
Content-Length: 673
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-2a1"
Expires: Tue, 28 Jun 2022 09:38:30 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size:   673
Md5:    5caf58a4705aa53b41535b86b18819a1
Sha1:   d38040f84c6dcc16c40519bf0249ea8097b8e969
Sha256: 20fac0020c1ca2b53c6132997d0b5ec25252b30ceedaf59b05679c73c0494e7c
                                        
                                            GET /styles/default-new-reg/css/stylesheet-3.3.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 09:38:30 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=23881
etag: W/"5e0bab24-5d49"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 121865
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0Z8d1k%2ByeYxcZImZgw4VPdL0VQMeaauAai1eDuptrP8VmLhOatlUUIhy7vD3bec2VvuPxWc%2BF1s%2F%2FvcGN2j6SUr8O4gt8uWZfuXe6Hkw9eepU72dGIu5XowEBUfa0Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71ebc58d48eeb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18682), with no line terminators
Size:   4894
Md5:    e1b8031f7bcc3013e686cb1f337e0b7b
Sha1:   bbf003873bc13084ad077f97eb34bee7cff28653
Sha256: 5fc8ac90fa04b6e32f8d8f1e127d0902a718672b2dd1b264cc22278f4a85f66e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/js/bootstrap.min.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 09:38:30 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-875d"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 121865
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuAc6JgTud0HxDB8EC7Bx9p%2BwBAQmX21fxouG3ZL8N2LcWOq3yjNujwLkCvFOUT5RDfvOKx8Jb2b0esjpYpe9GGxrpz%2BQ%2BrYvxGpMjFeIrWgMC9wOTDXlqt%2BubW0Bc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71ebc58d28c4b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32108)
Size:   9878
Md5:    19d0d25e0cec8dc5e48f8a637eb61545
Sha1:   72c6386a51fd1d55f80a9463a1ec988d83174f9b
Sha256: 37b6260143d7d16aa0fa6ffdb247910cfbfc477472f599648e2ad045f7515b9a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 21 Jun 2022 09:19:25 GMT
Expires: Tue, 21 Jun 2022 09:45:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qzVA-wK8QHcrycQy_FgQm_NPkLaiZfr1wA2oHhNq32H89s_FDjHxHw==
Age: 1145


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 09:38:30 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-1bae7"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 10560
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJ8IaczRwmxXpV7niTE3JMclWaxB6S2DpbShwRdcw5KETFmqjjBFnpQCdDsVuT1440vsdVA9qacnT9ruWjmoF8yDWYcLshYZIlWYFT0KsiitloxOLBxzAfQwJOEe7Tw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71ebc58d48efb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (65368)
Size:   84817
Md5:    ce8c2ef4b1ece387fffab493f8b36de2
Sha1:   e5c5dd316c9e34542291635422bf6892fe14e348
Sha256: d766152ab97afd63a78380f4191a5ff4a1046ac4ab8c04a9025512fb37647bea

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/twitter.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1280je28j1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=Mm1upFUnWQSoK6ltgKEca-5xnCe; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 09:38:30 GMT
Content-Length: 385
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-181"
Expires: Tue, 28 Jun 2022 09:38:30 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   385
Md5:    cea04ecdecaebee1062f70f6c0377e9b
Sha1:   d8fc45f070c93f100423bb5e724c2394e0664d29
Sha256: 09661cea5a7ed3c20f10820b3b9c151a7415770d805172e0b76a09944d882680
                                        
                                            GET /styles/default-new-reg/css/reset.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 09:38:30 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=1013
etag: W/"57e8eb5d-3f5"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 10560
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Qmht%2FeRptoVR7xIEdrqbqtBfSAYn7BxMABHQV1ey4tqokRvZZ1DHguy%2FgfGNl3ILAAsfv9qjhIyz%2FluHIbwcCchx3clZZJrVayMpHnJxbuA3ROtx6QzxE8hrxgYkAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71ebc58d28bdb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (675), with no line terminators
Size:   519
Md5:    e7656928d45d8369b6811ee6941a9943
Sha1:   e103b080bcc8e46f1e5282bbf7696309aa107d2d
Sha256: 71dc6ea546da2ce200a22464a3f1424b358a8d77c1a0fb0c81971a5cdb5d2f77

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /styles/default-new-reg/css/fonts.css?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 09:38:30 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=487
etag: W/"5e0bab24-1e7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 10560
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lT5uj%2FHnd67CETh1vUbJm1wUToSzSgLqPBw5hGOgSyN5sGP%2BrFegPUh0c%2FIU2H68O1gdSohMRqHAoe0WxND4EpyoEwrWJk0eUflA0vjW1dRYwnsGyukpJvxY3ABEHI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71ebc58d48f4b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (408), with no line terminators
Size:   941
Md5:    8bf8eae9202fdc512b5c37b78e26fdff
Sha1:   4ecfc9c53ae44327dcf5257381635579e0ac6206
Sha256: 9fb5e0ad4024282394bd26826a906dc4dadf3406deed165cba8163e812443266

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/reddit.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1280je28j1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=Mm1upFUnWQSoK6ltgKEca-5xnCe; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 09:38:30 GMT
Content-Length: 645
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-285"
Expires: Tue, 28 Jun 2022 09:38:30 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Size:   645
Md5:    2a94deb80f88d3f76f263d134b0b1af6
Sha1:   7ef18707f538b89f59cfdb647d2f4f4efe29e23e
Sha256: 38b5f357b4afe9b318ff9bf0806bf69856b80bac27671321097f9840c27e47c7
                                        
                                            GET /images/myspace.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1280je28j1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=Mm1upFUnWQSoK6ltgKEca-5xnCe; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 09:38:31 GMT
Content-Length: 776
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
ETag: "57e8eb5d-308"
Expires: Tue, 28 Jun 2022 09:38:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   776
Md5:    35578456cc898dfd8aa2112c223cdced
Sha1:   1d342dae525f04e2dfc7e097bba4a6881b414b35
Sha256: 956189a17826806990967d4836472550d6ed3a8192c2bc1e679dc3cabe440edf
                                        
                                            GET /styles/default-new-reg/js/the220px.js?rev=47 HTTP/1.1 
Host: s.top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.133.128
HTTP/2 200 OK
                                        
date: Tue, 21 Jun 2022 09:38:30 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=562
etag: W/"57e8eb5d-232"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 121865
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7UOvIM8M3ffxqMJf%2Bh3IrzJReG2m1O2Rd%2BbJEYEUixxbaJJuJFEL4n4I%2FTkDR6DPuhocDYe9TaZF0o%2FouA0TSjCIQTwUBlBwHnmnJkFYJo1Txq09nnANJBxWZcgF60%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71ebc58d28c5b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (474), with no line terminators
Size:   468
Md5:    be01ebd9f28e085a4d04d12390579359
Sha1:   98b6139e2be12e2afaa5391b1d0576fe52c8b648
Sha256: 1ac3c9ddc689b1132f8e0da87097164e0814896d479ca6c087d2c0b02e6b5b7d
                                        
                                            GET /images/technorati.png HTTP/1.1 
Host: top4top.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/downloadf-1280je28j1-rar.html
Cookie: _ga=GA1.2.1841955378.1654357939; sid=Mm1upFUnWQSoK6ltgKEca-5xnCe; klj_40d147_fdkey=1000208fa41e21bd1043bef48d4be732591b20cc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         188.165.137.170
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: HotCores
Date: Tue, 21 Jun 2022 09:38:31 GMT
Content-Length: 283
Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT
ETag: "57e8eb5c-11b"
Expires: Tue, 28 Jun 2022 09:38:31 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   283
Md5:    f120938135c52cd80b7f37bd5b17daf4
Sha1:   1cb99566ca564dd8a8273a616d072739c58b4290
Sha256: 6cd07b1a71bf03f25556bc801c306419a255ec5b47751fcdcda5efbdb08766c8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 21 Jun 2022 09:38:31 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 21 Jun 2022 08:41:13 GMT
expires: Tue, 21 Jun 2022 10:41:13 GMT
cache-control: public, max-age=7200
age: 3438
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 21 Jun 2022 09:38:31 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?v=1&_v=j96&a=1164163396&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2Fdownloadf-1280je28j1-rar.html&ul=en-us&de=UTF-8&dt=SLAYER%20Leecher%20v0.6%20%7C%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84&sd=24-bit&sr=1280x1024&vp=1268x1024&je=0&_u=IADAAEABAAAAAC~&jid=1439604478&gjid=839070633&cid=1841955378.1654357939&tid=UA-9340508-1&_gid=1560808223.1655804306&_r=1&_slc=1&z=558292700 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://top4top.io
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
access-control-allow-origin: https://top4top.io
date: Tue, 21 Jun 2022 09:38:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    38684612f0c6bb6dfa16da92f4a6878f
Sha1:   6fe62d0dd7db314b7f9bb945672f078e01d27f0f
Sha256: a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wD8gogGv0mqloruiCyE9vQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.80.175.197
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kBw6KsVvBuP/+sIiT27MXh+upcc=

                                        
                                            GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3831671896637%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff244117d64dad8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-1280je28j1-rar.html&layout=button_count&locale=en_US&sdk=joey&width=90 HTTP/1.1 
Host: web.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.8
HTTP/2 200 OK
                                        
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: /KhrkNLQSwMnRXeUdl2Yi0+8S4O/lEPbGOubleO1l8BGYmMaylf9vOgif7RDZSGRgUMTmzITnDiXBmVdS/jTHQ==
content-length: 0
date: Tue, 21 Jun 2022 09:38:31 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14164
Md5:    10ebfb0ae79bb7df94fc25f3362ad755
Sha1:   6690dcd996bd8af789024f4ad794d40359d24520
Sha256: 587a18517928280e8d7051ca46b6dd75171ce101dedaf57575e3219715d6f07a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4"
Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7239
Expires: Tue, 21 Jun 2022 11:39:11 GMT
Date: Tue, 21 Jun 2022 09:38:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4"
Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7239
Expires: Tue, 21 Jun 2022 11:39:11 GMT
Date: Tue, 21 Jun 2022 09:38:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4"
Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7239
Expires: Tue, 21 Jun 2022 11:39:11 GMT
Date: Tue, 21 Jun 2022 09:38:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4"
Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7239
Expires: Tue, 21 Jun 2022 11:39:11 GMT
Date: Tue, 21 Jun 2022 09:38:32 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba528a3-f316-4979-86c4-e7b9a966ec78.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7657
x-amzn-requestid: 85608834-b772-45cd-8f33-185acb4575e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T3HoOFA0IAMFurg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ac5301-4e64a9392865b27029f6bdee;Sampled=0
x-amzn-remapped-date: Fri, 17 Jun 2022 10:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DeKZ17tLMB_qU-MkWgZEjNb6yL85G_kDnktZujrUAMHCGsSvL9jbEw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 00:52:32 GMT
age: 31560
etag: "3148263575821f1930be305f421bd57a1a4c4ba7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7657
Md5:    57ee32e01a756e1634e4e143d5e64e3c
Sha1:   3148263575821f1930be305f421bd57a1a4c4ba7
Sha256: 3d76df512facc4a2c246e4f8f069c1f90f2d8f204ad05dab0ca6801dac791ca0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97bf44db-6275-4532-9861-6b256787545d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4441
x-amzn-requestid: 7c3f1675-5bb4-4d98-95fb-3e87a8716aad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T5DTlHbIIAMFUVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ad18e3-2e87e9f909fa583d6958ca07;Sampled=0
x-amzn-remapped-date: Sat, 18 Jun 2022 00:14:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V5pFlkrDC3BMLGnC985t_iNQsjwW2GCbypHWjqchfLPlfvmnCTm4Kw==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Jun 2022 12:34:11 GMT
age: 75861
etag: "9e6825aa6c0b429a49568857e4cc1920c4ecfe6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4441
Md5:    2141bd42f738345807d94b0d5df8e341
Sha1:   9e6825aa6c0b429a49568857e4cc1920c4ecfe6a
Sha256: 1d4b067c8b671450c0f12a4a45487c4445b0ce401078697f5bb7e9ae45bd8cfc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bdd4a65-0ad3-4d4c-8ae1-589d76820dd1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8608
x-amzn-requestid: 3d2544b7-04a9-4549-9321-b403a8e3e4ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T8NC1GGpoAMFxdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ae5bab-5d03e5ad6ad6b8e11d7005e3;Sampled=0
x-amzn-remapped-date: Sat, 18 Jun 2022 23:11:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AeM9AJkDK8mb2O-WSmX-weX6R-sFp_Ob-30DplH0oh1Shk-3j8v7NQ==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 06:02:21 GMT
age: 12971
etag: "4ba7927de178b6dcbbc2295cdd97d0d7ea5a0d0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8608
Md5:    ba25c9e230ff89b9ddb9444eab36e09f
Sha1:   4ba7927de178b6dcbbc2295cdd97d0d7ea5a0d0b
Sha256: 13cee81050d1f549f54167254f6c9522bc5d0f30b14754752cc1e1dac05c8658
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe81282fc-e913-4778-ba95-a7fe950ca57e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5177
x-amzn-requestid: 59b31e91-e2b0-4071-b63f-4c70ff440e9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T8VueFk-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ae698f-20c1a1c231fae30e62beefe2;Sampled=0
x-amzn-remapped-date: Sun, 19 Jun 2022 00:10:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zNn7IgB39EDxKDdH9fSQbG4H-1JRgay5OmH88vhtmQCyojnPYPNAJw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 00:31:08 GMT
age: 32844
etag: "7fb20c43441769cb55ffed4b34f95a9577e55682"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5177
Md5:    29954eb08ed58a03fb57cd7997ccd783
Sha1:   7fb20c43441769cb55ffed4b34f95a9577e55682
Sha256: bf8448b64610881d2bdf740e507f8b67488ddb704d92f34affdea3bcf3251471
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb9caed1-1ef7-4e50-a63b-e5717cf6dbfe.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7268
x-amzn-requestid: 5ae6e18c-ed36-43db-ab68-d0a9504fac5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TvJgGHVTIAMFhXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a922cd-6913d75d5ea1df0675e2829e;Sampled=0
x-amzn-remapped-date: Wed, 15 Jun 2022 00:07:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dFGoGnWkFyd4ELjNKpVRcNbhVDSTksnw8Ax_SQvY598kBzaEmRkEwQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 00:36:46 GMT
age: 32506
etag: "0dd0e93bf2a44af88638c33eb4aa21592f191a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7268
Md5:    4be72646654c94082881bc28fee9cf13
Sha1:   0dd0e93bf2a44af88638c33eb4aa21592f191a20
Sha256: 87b528ce2e4355f7bb6f5777eb52aa989f4e923fc3ae3bfe2f33c6cb219498d7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35047430-55a7-4bc0-8f13-3c1a0222fb17.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5460
x-amzn-requestid: c3127dcb-8f17-4906-95f0-9dad693eeaee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T8VMpF2woAMFa-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ae68b7-5b99e987073cb76b42f246ae;Sampled=0
x-amzn-remapped-date: Sun, 19 Jun 2022 00:07:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: X-LOI4JINANLeMNdnFQxxRsOdoEbW9L5Es90j4PAvu2LRnnHZGPCag==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Jun 2022 01:31:38 GMT
age: 29214
etag: "486af4712134398a87e28eb15542e6ec7a6b58f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5460
Md5:    9a0845d2cc570a323170a9984c7ec7d3
Sha1:   486af4712134398a87e28eb15542e6ec7a6b58f5
Sha256: 53f57f6f3c97389a6796809ba8cef1dadfec0b593787df97ef2ed51f10188a82