urlquery - report: j.top4top.io/f_3p3p1zspkef7oznowbqr-a/1653033818/2045bje6m1.rar

Overview

URL	j.top4top.io/f_3p3p1zspkef7oznowbqr-a/1653033818/2045bje6m1.rar
IP	135.181.63.70
ASN	Hetzner Online GmbH
Location	Finland
Report completed	2022-06-21 08:43:28 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-06-21	2	j.top4top.io/f_3p3p1zspkef7oznowbqr-a/1653033818/2045bje6m1.rar	Malware
2022-06-21	2	top4top.io/f-2045bje6m1-rar.html	Malware
2022-06-21	2	top4top.io/downloadf-2045bje6m1-rar.html	Malware
2022-06-21	2	top4top.io/share.js	Malware
2022-06-21	2	s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47	Malware
2022-06-21	2	s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47	Malware
2022-06-21	2	s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47	Malware
2022-06-21	2	s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (15)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-06-21 04:29:47 UTC	54.230.111.64
[Mnemonic Passive DNS]	www.google-analytics.com (2)	40	2017-01-30 05:00:06 UTC	2022-06-19 22:53:55 UTC	142.250.74.174
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-06-21 04:55:31 UTC	34.211.35.83
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-06-21 05:50:57 UTC	34.120.237.76
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ajax.googleapis.com (1)	12905	2017-01-30 05:00:30 UTC	2019-10-16 05:01:16 UTC	142.250.74.138
[Mnemonic Passive DNS]	r3.o.lencr.org (7)	344	2020-12-02 08:52:13 UTC	2022-06-21 04:27:24 UTC	23.36.77.32
[Mnemonic Passive DNS]	s.top4top.io (7)	0	No data	No data	104.21.5.137	Domain (top4top.io) ranked at: 118839
[Mnemonic Passive DNS]	ocsp.digicert.com (3)	86	2012-11-29 12:49:49 UTC	2022-06-21 05:15:05 UTC	93.184.220.29
[Mnemonic Passive DNS]	ocsp.pki.goog (4)	175	2017-06-14 07:23:31 UTC	2022-06-20 04:40:31 UTC	142.250.74.3
[Mnemonic Passive DNS]	www.facebook.com (1)	99	2012-05-28 23:09:18 UTC	2022-06-21 04:45:31 UTC	31.13.72.36
[Mnemonic Passive DNS]	j.top4top.io (1)	730645	No data	No data	135.181.63.70
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.65
[Mnemonic Passive DNS]	top4top.io (10)	118839	2021-07-22 14:24:43 UTC	2021-07-22 14:24:43 UTC	188.165.137.170
[Mnemonic Passive DNS]	connect.facebook.net (1)	139	2013-09-20 12:03:21 UTC	2022-06-20 04:42:05 UTC	31.13.72.12

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 135.181.63.70

Date	UQ / IDS / BL	URL	IP
2022-07-05 16:34:36 +0000	0 - 0 - 4	j.top4top.io/f_uog2mm2k3_kxn-azuyuyza/1657204 (...)	135.181.63.70
2022-07-05 16:32:55 +0000	0 - 0 - 11	j.top4top.io/f_mfaruf-d5q4kxzykkt-zsq/1657202 (...)	135.181.63.70
2022-07-05 15:26:47 +0000	0 - 0 - 10	j.top4top.io/f_pmwryrahlvew77mifyw_cg/1650704 (...)	135.181.63.70
2022-07-05 05:26:15 +0000	0 - 0 - 8	j.top4top.io/f_F1V_MsIIIZXAXjZT_sKRNQ/1657171 (...)	135.181.63.70
2022-07-04 14:03:26 +0000	0 - 0 - 9	j.top4top.io/f_0yf1hopcxe-g-2nobev9lw/1655680 (...)	135.181.63.70
2022-07-03 15:29:21 +0000	0 - 0 - 7	j.top4top.io/f_gv7waIHqK6k23F9N4sNgTQ/1655654 (...)	135.181.63.70
2022-07-03 04:52:15 +0000	0 - 0 - 8	j.top4top.io/f_pmwryrahlvew77mifyw_cg/1650704 (...)	135.181.63.70
2022-07-02 17:07:16 +0000	0 - 0 - 9	j.top4top.io/f_eoe7axsqzogcrbpquwwnaw/1655494 (...)	135.181.63.70
2022-07-01 15:51:47 +0000	0 - 0 - 9	j.top4top.io/f_nzyzxgq5czlh4g1mjzlulw/1656793 (...)	135.181.63.70
2022-07-01 02:51:53 +0000	0 - 0 - 10	p.top4top.io/f_1g2adzae7jiz2vedtr1_4w/1655317 (...)	135.181.63.70

Last 10 reports on ASN: Hetzner Online GmbH

Date	UQ / IDS / BL	URL	IP
2022-07-06 04:48:27 +0000	0 - 0 - 31	teppichreinigung-riedstadt.de/	136.243.20.96
2022-07-06 04:27:51 +0000	0 - 0 - 1	controlpanel.gdpi.net.in/	178.63.69.42
2022-07-06 04:23:14 +0000	0 - 0 - 2	iosk.org/pms/jin-6.zip	195.201.207.208
2022-07-06 04:17:26 +0000	0 - 0 - 1	95.217.246.240/1140924216.zip	95.217.246.240
2022-07-06 04:11:42 +0000	0 - 0 - 1	95.217.246.240/0843521920.zip	95.217.246.240
2022-07-06 04:09:30 +0000	0 - 0 - 1	my-discount.info/click.php	136.243.110.236
2022-07-06 04:02:54 +0000	0 - 0 - 25	abr-derin.de/	138.201.140.90
2022-07-06 03:55:05 +0000	0 - 0 - 3	jenenin.com/luk	116.202.250.8
2022-07-06 03:26:53 +0000	0 - 0 - 6	marmil.rs/	213.239.221.181
2022-07-06 03:12:31 +0000	0 - 0 - 1	95.217.246.240/4059068301.zip	95.217.246.240

No other reports on domain: top4top.io

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (7)

#1 JavaScript::Write (size: 194, repeated: 1) - SHA256: 61feceae20d788073dc4f4937a754adfda291c6aaf2f70e6250a3df0a41648f8

                                        < a href = "http://cutt.us/share.php?s=sphinn&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-2045bje6m1-rar.html&title=instachack | *-EJD"
target = "_blank" > < img src = "images/sphinn.png"
alt = "Sphinn" / > < /a>

#2 JavaScript::Write (size: 219, repeated: 1) - SHA256: 4fa4093d00f7d71562d536fea5699cec343ffb69aeb3e29ab8c6415685d18ea4

                                        < a href = "http://cutt.us/share.php?s=technorati&encode=UTF-8&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-2045bje6m1-rar.html&title=instachack | *-EJD"
target = "_blank" > < img src = "images/technorati.png"
alt = "Technorati" / > < /a>

#3 JavaScript::Write (size: 197, repeated: 1) - SHA256: accbb607e60f62988ae967f2cda0d2b4971138d5042040d3a7d954b13db9bc36

                                        < a href = "http://cutt.us/share.php?s=twitter&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-2045bje6m1-rar.html&title=instachack | *-EJD"
target = "_blank" > < img src = "images/twitter.png"
alt = "Twitter" / > < /a>

#4 JavaScript::Write (size: 200, repeated: 1) - SHA256: 4131e6a54534860f6c11e077512809c9974ae47814489a455d834341eee3e67f

                                        < a href = "http://cutt.us/share.php?s=facebook&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-2045bje6m1-rar.html&title=instachack | *-EJD"
target = "_blank" > < img src = "images/facebook.png"
alt = "Facebook" / > < /a>

#5 JavaScript::Write (size: 188, repeated: 1) - SHA256: 7ed16937707aeeb575e615ee7312387cc4a8fef32426096ada0b90a34e1ca59f

                                        < a href = "http://cutt.us/share.php?s=live&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-2045bje6m1-rar.html&title=instachack | *-EJD"
target = "_blank" > < img src = "images/live.png"
alt = "Live" / > < /a>

#6 JavaScript::Write (size: 194, repeated: 1) - SHA256: ede0fb5b9d241bf96e94813363e880ee769fee01c850005a82a0c166a2fe0f8a

                                        < a href = "http://cutt.us/share.php?s=reddit&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-2045bje6m1-rar.html&title=instachack | *-EJD"
target = "_blank" > < img src = "images/reddit.png"
alt = "Reddit" / > < /a>

#7 JavaScript::Write (size: 197, repeated: 1) - SHA256: 8ff01600510bfb21378c72a34f7aa3362d99be506aab3f2d085b460bc6557107

                                        < a href = "http://cutt.us/share.php?s=myspace&url=https%3A%2F%2Ftop4top.io%2Fdownloadf-2045bje6m1-rar.html&title=instachack | *-EJD"
target = "_blank" > < img src = "images/myspace.png"
alt = "MySpace" / > < /a>

HTTP Transactions (48)

Request	Response
GET /f_3p3p1zspkef7oznowbqr-a/1653033818/2045bje6m1.rar HTTP/1.1 Host: j.top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 138 Md5: aff950cab4c0265e21d401db15f1026d$ 135.181.63.70 HTTP/1.1 302 Moved Temporarily Content-Type: text/html Server: Hotcores.com Date: Tue, 21 Jun 2022 08:43:12 GMT Content-Length: 138 Connection: close Location: https://top4top.io/f-2045bje6m1-rar.html Reason: Invalid --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 138 Md5: aff950cab4c0265e21d401db15f1026d Sha1: f03e18461817f7a6546c8bf8fa8d686d7e30aca0 Sha256: 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FA93F9D4231B0B7144EBFA385B3E2D7892E57D83862306D353CF20AA307FE4B6" Last-Modified: Sun, 19 Jun 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10287 Expires: Tue, 21 Jun 2022 11:34:39 GMT Date: Tue, 21 Jun 2022 08:43:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 18169f74cbfaa4e95daf7a82fce0a92f Sha1: 9ee6a4a737043328c1fff706bf1f349516ee261d Sha256: fa93f9d4231b0b7144ebfa385b3e2d7892e57d83862306d353cf20aa307fe4b6
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 21 Jun 2022 08:09:12 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: jK31ac_f4AClkKQhsxz411owQkZJWawnUG1-nwZUfI1sIf8wXctA9Q== Age: 2040 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3 Sha1: 58c8dccc28ecd76424af6ed9988575a35cf8a0c2 Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 54.230.111.64 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 date: Tue, 21 Jun 2022 02:10:51 GMT last-modified: Wed, 11 May 2022 19:51:39 GMT etag: "48ca0beea419a9039591cf1aee5179e0" content-disposition: attachment accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 3OIEYAKc-Juq48tUzkAWt5kpyXETo854vfr_vnoILmPoqtwMYqurHQ== age: 23542 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D69BCE21B0054D4C12B19B0D71E51C7A56F6F28E8F0E2193836EFD9CA3231098" Last-Modified: Tue, 21 Jun 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15179 Expires: Tue, 21 Jun 2022 12:56:11 GMT Date: Tue, 21 Jun 2022 08:43:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c8eff7e83c6bea3a0ccd51990649bff9 Sha1: 3d454b21ae8a8a8522e02602264235adc09be858 Sha256: d69bce21b0054d4c12b19b0d71e51c7a56f6f28e8f0e2193836efd9ca3231098
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Tue, 21 Jun 2022 08:43:12 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /f-2045bje6m1-rar.html HTTP/1.1 Host: top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=affe874d0221a7d3e4b8f0c1c7ee3254c403f1a9; _gid=GA1.2.976682888.1655743560 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 256 Md5: 782730fdf277f849b4b99febb4a2c3e6$ 188.165.137.170 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Tue, 21 Jun 2022 08:43:12 GMT Server: HotCores Location: https://top4top.io/downloadf-2045bje6m1-rar.html Content-Length: 256 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 256 Md5: 782730fdf277f849b4b99febb4a2c3e6 Sha1: a494da3725346ff17d19b68a4667fe588ecb7919 Sha256: 997bd579389cdd1a549ce6b4b116e3e81c10fb493affbe021118905402a5497d Alerts: Blocklists: - fortinet: Malware
GET /downloadf-2045bje6m1-rar.html HTTP/1.1 Host: top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=affe874d0221a7d3e4b8f0c1c7ee3254c403f1a9; _gid=GA1.2.976682888.1655743560 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (411) Size: 17287 Md5: b4bf93e553cbf2a1efb6a098e4e81477$ 188.165.137.170 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Tue, 21 Jun 2022 08:43:13 GMT Server: HotCores Expires: 0 Cache-Control: private, no-cache="set-cookie" Pragma: no-cache P3P: CP="CUR ADM" Set-Cookie: klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; expires=Thu, 23-Jun-2022 08:43:13 GMT; path=/; domain=.top4top.io; httponly I-AM: US03 Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (411) Size: 17287 Md5: b4bf93e553cbf2a1efb6a098e4e81477 Sha1: 14fa555f5b787d1907c5d37a6ed6d30922e66ede Sha256: 47b8797fb38f4ba0723ba91347f1eabf5712b0670681e85eabc9b7a175241c53 Alerts: Blocklists: - fortinet: Malware
GET /styles/default-new-reg/images/newlogo.png HTTP/1.1 Host: s.top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers	$Magic: PNG image data, 71 x 43, 8-bit/color RGBA, non-interlaced\012- data Size: 19068 Md5: d68c79880117110f89d39cce5c43d39c$ 104.21.5.137 HTTP/2 200 OK date: Tue, 21 Jun 2022 08:43:13 GMT content-type: image/png content-length: 19068 last-modified: Mon, 26 Sep 2016 09:33:17 GMT etag: "57e8eb5d-4a7c" expires: Mon, 23 May 2022 14:38:08 GMT cache-control: max-age=5356800 x-cache-status-a: HIT vary: Accept-Encoding access-control-allow-origin: * cf-cache-status: HIT age: 494709 accept-ranges: bytes expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2fP2mNIdykDkGZItQI39bED0cOySV%2Ff%2FxtcxxruAakpbTrH%2BZ9CkmcRGeM2YrlpVJPj3Hieny6u1ARiP%2FAStORMThrwP283cJ4zeGvLBH6SQVGcxbnpxsht29OUm2c%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 71eb74900ed90afe-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 71 x 43, 8-bit/color RGBA, non-interlaced\012- data Size: 19068 Md5: d68c79880117110f89d39cce5c43d39c Sha1: 6e30dcd905314f77912b224e35ce089560553300 Sha256: 1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d
GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=33938111 HTTP/1.1 Host: top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/downloadf-2045bje6m1-rar.html Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	188.165.137.170 HTTP/1.1 200 OK Content-Type: text/javascript;Charset=UTF-8 Date: Tue, 21 Jun 2022 08:43:13 GMT Server: HotCores I-AM: US03 Content-Length: 3 --- Additional Info --- Magic: Unicode text, UTF-8 text, with no line terminators Size: 3 Md5: ecaa88f7fa0bf610a5a26cf545dcd3aa Sha1: 57218c316b6921e2cd61027a2387edc31a2d9471 Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /share.js HTTP/1.1 Host: top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/downloadf-2045bje6m1-rar.html Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	188.165.137.170 HTTP/1.1 200 OK Content-Type: application/javascript Server: HotCores Date: Tue, 21 Jun 2022 08:43:13 GMT Content-Length: 2045 Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT ETag: "57e8eb5c-7fd" Expires: Tue, 28 Jun 2022 08:43:13 GMT Cache-Control: max-age=604800 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: HTML document, ASCII text, with CRLF line terminators Size: 2045 Md5: d6b05c71ce92a4e0599cf8b731966510 Sha1: 8735a20d053e085fdfe0963cab19b9499e1be457 Sha256: ff90fa92b304e071f41235a6e338e1e0588641156a765999852784a17523be9e Alerts: Blocklists: - fortinet: Malware
GET /ads/adpull.php?n=1&w=728&h=90&call=js&t=banner&divid=330275050 HTTP/1.1 Host: top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/downloadf-2045bje6m1-rar.html Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	188.165.137.170 HTTP/1.1 200 OK Content-Type: text/javascript;Charset=UTF-8 Date: Tue, 21 Jun 2022 08:43:13 GMT Server: HotCores I-AM: US03 Content-Length: 3 --- Additional Info --- Magic: Unicode text, UTF-8 text, with no line terminators Size: 3 Md5: ecaa88f7fa0bf610a5a26cf545dcd3aa Sha1: 57218c316b6921e2cd61027a2387edc31a2d9471 Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
GET /styles/default-new-reg/images/soft.png HTTP/1.1 Host: s.top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers	$Magic: PNG image data, 213 x 255, 8-bit/color RGBA, non-interlaced\012- data Size: 41248 Md5: 8cf5d3f055149868fd89971433ed8ece$ 104.21.5.137 HTTP/2 200 OK date: Tue, 21 Jun 2022 08:43:13 GMT content-type: image/png content-length: 41248 last-modified: Mon, 26 Sep 2016 09:33:17 GMT etag: "57e8eb5d-a120" expires: Mon, 23 May 2022 14:38:08 GMT cache-control: max-age=5356800 x-cache-status-a: HIT vary: Accept-Encoding access-control-allow-origin: * cf-cache-status: REVALIDATED accept-ranges: bytes expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUyrwZYVTxLnSH28PPurqM5tRWaNgSrGR19I%2FZHkZUeLxlTbEfhkCjg%2BMmpEOY156%2BBXbgDQqL1TwvmdM5a9N29KJw4a016yMmvFeEdzNk%2BsZz6cEjl5SF4S0LOAq%2BU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 71eb74900edb0afe-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 213 x 255, 8-bit/color RGBA, non-interlaced\012- data Size: 41248 Md5: 8cf5d3f055149868fd89971433ed8ece Sha1: e877509e97d487b44bdd7203c7e3ca2795963afa Sha256: 58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2619 Cache-Control: 'max-age=158059' Date: Tue, 21 Jun 2022 08:43:13 GMT Last-Modified: Tue, 21 Jun 2022 07:59:34 GMT Server: ECS (ska/F711) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 8f8f7ca9646ef31ebfcec3bee11d2393 Sha1: cc70a5bd444e9f013069211ae216e59a13fb23a7 Sha256: 4507273f6c3e4dd8ddc0041de4d7c28af32769a8bae64647e5d82b949190ca2b
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2282 Cache-Control: 'max-age=158059' Date: Tue, 21 Jun 2022 08:43:13 GMT Last-Modified: Tue, 21 Jun 2022 08:05:11 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fb98319c7931a6b182cde20611d5ff53 Sha1: 7b0c45ac17f3027bbe8892215d05db8a5e5d82f1 Sha256: 29d6216b42b41be47d9e1633f90d3d021faa61a6d1d1bc7ad17a1be2a5076dde
GET /en_US/all.js HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	31.13.72.12 HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip access-control-expose-headers: X-FB-Content-MD5 x-fb-content-md5: 3f964935a3d9086839600a88cb386e8e etag: "17c9dbbba563bd20b71943ae25118b5b" content-type: application/x-javascript; charset=utf-8 timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin expires: Tue, 21 Jun 2022 08:56:45 GMT cache-control: public,max-age=1200,stale-while-revalidate=3600 document-policy: force-load-at-top cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-fb-rlafr: 0 x-frame-options: DENY strict-transport-security: max-age=31536000; preload; includeSubDomains content-md5: R5VfYgFrygSgB9hDHP2A1A== x-fb-debug: KYXk/R5AIoM8CXeVJ4NVhRrMrrS2zfuUfJh+lriv3OKkZAnHL+Xa6A006UeC6+ecGlwieoN40rOB3GGBpRjvwA== content-length: 1684 x-fb-trip-id: 1904183273 date: Tue, 21 Jun 2022 08:43:13 GMT alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1961) Size: 1684 Md5: 47955f62016bca04a007d8431cfd80d4 Sha1: 953b2e8f4bc2787da751f11ab8cc968621ad8563 Sha256: 49ef2c38651252f0e777352bb23d0ec6a022624395e2c856db5c29149894da5e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2619 Cache-Control: 'max-age=158059' Date: Tue, 21 Jun 2022 08:43:13 GMT Last-Modified: Tue, 21 Jun 2022 07:59:34 GMT Server: ECS (ska/F711) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 8f8f7ca9646ef31ebfcec3bee11d2393 Sha1: cc70a5bd444e9f013069211ae216e59a13fb23a7 Sha256: 4507273f6c3e4dd8ddc0041de4d7c28af32769a8bae64647e5d82b949190ca2b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 21 Jun 2022 08:43:13 GMT Cache-Control: public, max-age=18000 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 6e361b7b94380e83e6ef187062f53215 Sha1: 0bfc60781871c64c21bb4d34d0f91636c2faec8d Sha256: 466aa4fbfb9333ffc3efdd8848d93d8fc8c48c2d2695a2bd08ba736ec2f6fe7d
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.138 HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 33434 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 17 Jun 2022 09:34:59 GMT expires: Sat, 17 Jun 2023 09:34:59 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 342494 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32086) Size: 33434 Md5: 430e927c980ad4079de727fa59dd93f2 Sha1: 891aaada9a55a91292999f6d50fd300439905982 Sha256: e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /styles/default-new-reg/images/zl.png HTTP/1.1 Host: top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/downloadf-2045bje6m1-rar.html Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data Size: 673 Md5: 5caf58a4705aa53b41535b86b18819a1$ 188.165.137.170 HTTP/1.1 200 OK Content-Type: image/png Server: HotCores Date: Tue, 21 Jun 2022 08:43:13 GMT Content-Length: 673 Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT ETag: "57e8eb5d-2a1" Expires: Tue, 28 Jun 2022 08:43:13 GMT Cache-Control: max-age=604800 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data Size: 673 Md5: 5caf58a4705aa53b41535b86b18819a1 Sha1: d38040f84c6dcc16c40519bf0249ea8097b8e969 Sha256: 20fac0020c1ca2b53c6132997d0b5ec25252b30ceedaf59b05679c73c0494e7c
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Tue, 21 Jun 2022 08:19:25 GMT Expires: Tue, 21 Jun 2022 08:34:11 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 037MCFv5S4qau_yLaE5YQPHci_dTTrUwImYklnbE5MZpd068hpxZ-Q== Age: 1428 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 21 Jun 2022 08:43:13 GMT Cache-Control: public, max-age=18000 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 6e361b7b94380e83e6ef187062f53215 Sha1: 0bfc60781871c64c21bb4d34d0f91636c2faec8d Sha256: 466aa4fbfb9333ffc3efdd8848d93d8fc8c48c2d2695a2bd08ba736ec2f6fe7d
GET /styles/default-new-reg/js/bootstrap.min.js?rev=47 HTTP/1.1 Host: s.top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers	104.21.5.137 HTTP/2 200 OK date: Tue, 21 Jun 2022 08:43:13 GMT content-type: application/javascript last-modified: Mon, 26 Sep 2016 09:33:17 GMT etag: W/"57e8eb5d-875d" expires: Mon, 23 May 2022 14:38:08 GMT cache-control: max-age=5356800 x-cache-status-a: HIT vary: Accept-Encoding access-control-allow-origin: * cf-cache-status: HIT age: 118548 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FK73U7dvc6dkD59EfFf3KOAN8rElORJSQNJSBS2LQFP%2B0lb2ULfAGb0%2BQTxV1b%2BfJfrzkoL6wAU%2FuMpyGTwXWpNgRcQiKsIEhcmZj60yo3cn%2FOj22L2faOa5QqKp0Y%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 71eb74900ed40afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32108) Size: 9862 Md5: 919a512fb21da9db628cc9e9c7029207 Sha1: 5a3075172de8db7dea741a3dbf578c29d46e0788 Sha256: 9179fb7b102ef5baec8de088cd1f5ab3d7644c1b2622eb4e99488a138108ccf1 Alerts: Blocklists: - fortinet: Malware
GET /styles/default-new-reg/js/the220px.js?rev=47 HTTP/1.1 Host: s.top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers	104.21.5.137 HTTP/2 200 OK date: Tue, 21 Jun 2022 08:43:13 GMT content-type: application/javascript access-control-allow-origin: * cache-control: max-age=5356800 cf-bgj: minify cf-polished: origSize=562 etag: W/"57e8eb5d-232" expires: Mon, 23 May 2022 14:38:08 GMT last-modified: Mon, 26 Sep 2016 09:33:17 GMT vary: Accept-Encoding x-cache-status-a: HIT cf-cache-status: HIT age: 118548 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQI8glzpGm%2FoHh1HfYhgrTGg%2BKIuJ%2F%2FxHKo4EVuzCXCl0k5AfHei0VJJOhGugKfyVdaIWe5dJKTLHerYCgmeAG8kvAaYemp1lHnWvBn62QRsVT5e4q35SpIpnlSCmkY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 71eb74900ed60afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (474), with no line terminators Size: 451 Md5: f473a008da52c95591b81547629d43f7 Sha1: f15fd19a931e3c409338f6f91059a8cfcf66e9df Sha256: 9b8351e5516a673e98655cb7421a3765ed872c30f9a382fdc660cbb8aec96b30
GET /images/twitter.png HTTP/1.1 Host: top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/downloadf-2045bje6m1-rar.html Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 385 Md5: cea04ecdecaebee1062f70f6c0377e9b$ 188.165.137.170 HTTP/1.1 200 OK Content-Type: image/png Server: HotCores Date: Tue, 21 Jun 2022 08:43:13 GMT Content-Length: 385 Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT ETag: "57e8eb5d-181" Expires: Tue, 28 Jun 2022 08:43:13 GMT Cache-Control: max-age=604800 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 385 Md5: cea04ecdecaebee1062f70f6c0377e9b Sha1: d8fc45f070c93f100423bb5e724c2394e0664d29 Sha256: 09661cea5a7ed3c20f10820b3b9c151a7415770d805172e0b76a09944d882680
GET /styles/default-new-reg/css/animate.min.css?rev=47 HTTP/1.1 Host: s.top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	104.21.5.137 HTTP/2 200 OK date: Tue, 21 Jun 2022 08:43:13 GMT content-type: text/css last-modified: Mon, 26 Sep 2016 09:33:17 GMT etag: W/"57e8eb5d-d0b7" expires: Mon, 23 May 2022 14:38:08 GMT cache-control: max-age=5356800 x-cache-status-a: HIT vary: Accept-Encoding access-control-allow-origin: * cf-cache-status: HIT age: 118548 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLotp1QMpU8GHtFn5oeQz4JffY66SW7esbGn5JtL7hgV%2Fz2%2BL9deYrsffVuNHlQ0ubWGwCDpgIUqPqRCazRVYJYAqqliDH3IboThS%2FZ8PxyWJ5Av4f9i7U4GopqK9wI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 71eb74904f0c0afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (53270) Size: 4059 Md5: fbf3e47d7067c3f28b7af069dd582bd1 Sha1: a1bbae625093ac36aaad9420ae330f6a468b7a5c Sha256: 5ddb5e3d9a6d782f622d8b3db8fa632d872503c3cfddf4270e535f1f8bf1ee2a Alerts: Blocklists: - fortinet: Malware
GET /styles/default-new-reg/css/fonts.css?rev=47 HTTP/1.1 Host: s.top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	104.21.5.137 HTTP/2 200 OK date: Tue, 21 Jun 2022 08:43:13 GMT content-type: text/css access-control-allow-origin: * cache-control: max-age=5356800 cf-bgj: minify cf-polished: origSize=487 etag: W/"5e0bab24-1e7" expires: Mon, 23 May 2022 14:38:08 GMT last-modified: Tue, 31 Dec 2019 20:10:12 GMT vary: Accept-Encoding x-cache-status-a: HIT cf-cache-status: HIT age: 7243 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3kLOs1Xcbpy03aE2gCkdMOyHdKm%2FtKY7PfKWZDHsdJCkgBHAJ3ibn4v2ik%2BOiy3ITU%2B4dUE0y9RYAyydTpzHddU8RN2mTQeT8fd0eEXgrFc2X02Ur7KkWNX7O0TcWY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 71eb74904f0d0afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with very long lines (408), with no line terminators Size: 941 Md5: 8bf8eae9202fdc512b5c37b78e26fdff Sha1: 4ecfc9c53ae44327dcf5257381635579e0ac6206 Sha256: 9fb5e0ad4024282394bd26826a906dc4dadf3406deed165cba8163e812443266 Alerts: Blocklists: - fortinet: Malware
GET /images/reddit.png HTTP/1.1 Host: top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/downloadf-2045bje6m1-rar.html Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data Size: 645 Md5: 2a94deb80f88d3f76f263d134b0b1af6$ 188.165.137.170 HTTP/1.1 200 OK Content-Type: image/png Server: HotCores Date: Tue, 21 Jun 2022 08:43:14 GMT Content-Length: 645 Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT ETag: "57e8eb5d-285" Expires: Tue, 28 Jun 2022 08:43:14 GMT Cache-Control: max-age=604800 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data Size: 645 Md5: 2a94deb80f88d3f76f263d134b0b1af6 Sha1: 7ef18707f538b89f59cfdb647d2f4f4efe29e23e Sha256: 38b5f357b4afe9b318ff9bf0806bf69856b80bac27671321097f9840c27e47c7
GET /styles/default-new-reg/css/font-awesome.min.css?rev=47 HTTP/1.1 Host: s.top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Cookie: _ga=GA1.2.1841955378.1654357939; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site	104.21.5.137 HTTP/2 200 OK date: Tue, 21 Jun 2022 08:43:13 GMT content-type: text/css last-modified: Tue, 31 Dec 2019 20:10:12 GMT etag: W/"5e0bab24-578f" expires: Mon, 23 May 2022 14:38:08 GMT cache-control: max-age=5356800 x-cache-status-a: HIT vary: Accept-Encoding access-control-allow-origin: * cf-cache-status: HIT age: 118548 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbeQGMfHHXOw52tukItOWKOamq7C89i83gxz59zdVkHTW%2FyPHxPDJl7O6r3c1vVYuyoB9lSoL%2BJk4qRX6dDF%2BgL1oUw3e3qmvYx0q8oIptUchnI8rkSxKqsPPxyg4eA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 71eb74902efa0afe-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with very long lines (21997) Size: 5422 Md5: 5ae1c7fc2614914029755dd04cfd184e Sha1: ffdd79931cd2f9573ea9800ae84c1fc48d9d61e8 Sha256: 12545b7c9036283e252e59030a70ebd27be04459c72b2894a7a0ec732c14c8c4 Alerts: Blocklists: - fortinet: Malware
GET /images/myspace.png HTTP/1.1 Host: top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/downloadf-2045bje6m1-rar.html Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 776 Md5: 35578456cc898dfd8aa2112c223cdced$ 188.165.137.170 HTTP/1.1 200 OK Content-Type: image/png Server: HotCores Date: Tue, 21 Jun 2022 08:43:14 GMT Content-Length: 776 Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT ETag: "57e8eb5d-308" Expires: Tue, 28 Jun 2022 08:43:14 GMT Cache-Control: max-age=604800 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 776 Md5: 35578456cc898dfd8aa2112c223cdced Sha1: 1d342dae525f04e2dfc7e097bba4a6881b414b35 Sha256: 956189a17826806990967d4836472550d6ed3a8192c2bc1e679dc3cabe440edf
GET /images/technorati.png HTTP/1.1 Host: top4top.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/downloadf-2045bje6m1-rar.html Cookie: _ga=GA1.2.1841955378.1654357939; sid=caW4-DBpy8tEfRydziqAiZpxpof; klj_40d147_fdkey=a12888250f19c5d245b529883dc9ac8ca14c48fc; _gid=GA1.2.976682888.1655743560 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	$Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 283 Md5: f120938135c52cd80b7f37bd5b17daf4$ 188.165.137.170 HTTP/1.1 200 OK Content-Type: image/png Server: HotCores Date: Tue, 21 Jun 2022 08:43:14 GMT Content-Length: 283 Last-Modified: Mon, 26 Sep 2016 09:33:16 GMT ETag: "57e8eb5c-11b" Expires: Tue, 28 Jun 2022 08:43:14 GMT Cache-Control: max-age=604800 Access-Control-Allow-Origin: * Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size: 283 Md5: f120938135c52cd80b7f37bd5b17daf4 Sha1: 1cb99566ca564dd8a8273a616d072739c58b4290 Sha256: 6cd07b1a71bf03f25556bc801c306419a255ec5b47751fcdcda5efbdb08766c8
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 21 Jun 2022 08:43:14 GMT Cache-Control: public, max-age=18000 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 237e4da5798ef3c2aac60e0f655e5df4 Sha1: 474951b07f92c53b50c3c44ab6e1583603ab855b Sha256: 69c3b22ca43f7b06ff3af692768003c980544eb25322cc04fc747b03c63aad6f
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.174 HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20006 date: Tue, 21 Jun 2022 08:41:13 GMT expires: Tue, 21 Jun 2022 10:41:13 GMT cache-control: public, max-age=7200 age: 121 last-modified: Wed, 13 Apr 2022 21:02:38 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20006 Md5: 56f5d7f608e25d64207135f045f988cb Sha1: 901eb59372ae330ae85e1384da93479b21ae1082 Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 21 Jun 2022 08:43:14 GMT Cache-Control: public, max-age=18000 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 237e4da5798ef3c2aac60e0f655e5df4 Sha1: 474951b07f92c53b50c3c44ab6e1583603ab855b Sha256: 69c3b22ca43f7b06ff3af692768003c980544eb25322cc04fc747b03c63aad6f
POST /j/collect?v=1&_v=j96&a=2092158499&t=pageview&_s=1&dl=https%3A%2F%2Ftop4top.io%2Fdownloadf-2045bje6m1-rar.html&ul=en-us&de=UTF-8&dt=instachack%20%7C%20%D8%AA%D8%AD%D9%85%D9%8A%D9%84&sd=24-bit&sr=1280x1024&vp=1268x1024&je=0&_u=AACAAEABAAAAAC~&jid=1579337960&gjid=1382457100&cid=1841955378.1654357939&tid=UA-9340508-1&_gid=976682888.1655743560&_r=1&_slc=1&z=1500442400 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://top4top.io Connection: keep-alive Referer: https://top4top.io/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	142.250.74.174 HTTP/2 200 OK access-control-allow-origin: https://top4top.io date: Tue, 21 Jun 2022 08:43:14 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 2 Md5: 38684612f0c6bb6dfa16da92f4a6878f Sha1: 6fe62d0dd7db314b7f9bb945672f078e01d27f0f Sha256: a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30e5b50098e9b6%26domain%3Dtop4top.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftop4top.io%252Ff2df088a9484572%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftop4top.io%2Fdownloadf-2045bje6m1-rar.html&layout=button_count&locale=en_US&sdk=joey&width=90 HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://top4top.io/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	31.13.72.36 HTTP/2 200 OK content-type: text/html;charset=utf-8 pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} cross-origin-opener-policy: same-origin-allow-popups x-content-type-options: nosniff x-xss-protection: 0 x-fb-debug: yliiqVLAk6hA0QQg962wCNvtt8mHVq/3M5Qud9H2kB0HNbirdCBZO69j+4N5ZEFCzdhXN9avreQPB2kRpQsbfQ== content-length: 0 date: Tue, 21 Jun 2022 08:43:14 GMT alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: wExoPgR/86kx58M5AZyoVA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	34.211.35.83 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: T92PbjA7QpuLH4RJEZ9KSGlWLQg= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4" Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4717 Expires: Tue, 21 Jun 2022 10:01:52 GMT Date: Tue, 21 Jun 2022 08:43:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5468a576b952918cab24d9e87ec1d6c Sha1: ee073df2d36e60a152d5e574def527e40e127e63 Sha256: 81bc6130d8932ef922d48c07b127738f92fb3af767cffbb3d8a50efbd35e77f4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4" Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4717 Expires: Tue, 21 Jun 2022 10:01:52 GMT Date: Tue, 21 Jun 2022 08:43:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5468a576b952918cab24d9e87ec1d6c Sha1: ee073df2d36e60a152d5e574def527e40e127e63 Sha256: 81bc6130d8932ef922d48c07b127738f92fb3af767cffbb3d8a50efbd35e77f4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4" Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4717 Expires: Tue, 21 Jun 2022 10:01:52 GMT Date: Tue, 21 Jun 2022 08:43:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5468a576b952918cab24d9e87ec1d6c Sha1: ee073df2d36e60a152d5e574def527e40e127e63 Sha256: 81bc6130d8932ef922d48c07b127738f92fb3af767cffbb3d8a50efbd35e77f4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4" Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4717 Expires: Tue, 21 Jun 2022 10:01:52 GMT Date: Tue, 21 Jun 2022 08:43:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5468a576b952918cab24d9e87ec1d6c Sha1: ee073df2d36e60a152d5e574def527e40e127e63 Sha256: 81bc6130d8932ef922d48c07b127738f92fb3af767cffbb3d8a50efbd35e77f4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "81BC6130D8932EF922D48C07B127738F92FB3AF767CFFBB3D8A50EFBD35E77F4" Last-Modified: Sun, 19 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4717 Expires: Tue, 21 Jun 2022 10:01:52 GMT Date: Tue, 21 Jun 2022 08:43:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5468a576b952918cab24d9e87ec1d6c Sha1: ee073df2d36e60a152d5e574def527e40e127e63 Sha256: 81bc6130d8932ef922d48c07b127738f92fb3af767cffbb3d8a50efbd35e77f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bdd4a65-0ad3-4d4c-8ae1-589d76820dd1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8608 Md5: ba25c9e230ff89b9ddb9444eab36e09f$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8608 x-amzn-requestid: 3d2544b7-04a9-4549-9321-b403a8e3e4ba x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: T8NC1GGpoAMFxdw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ae5bab-5d03e5ad6ad6b8e11d7005e3;Sampled=0 x-amzn-remapped-date: Sat, 18 Jun 2022 23:11:39 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: AeM9AJkDK8mb2O-WSmX-weX6R-sFp_Ob-30DplH0oh1Shk-3j8v7NQ== via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Jun 2022 06:02:21 GMT age: 9654 etag: "4ba7927de178b6dcbbc2295cdd97d0d7ea5a0d0b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8608 Md5: ba25c9e230ff89b9ddb9444eab36e09f Sha1: 4ba7927de178b6dcbbc2295cdd97d0d7ea5a0d0b Sha256: 13cee81050d1f549f54167254f6c9522bc5d0f30b14754752cc1e1dac05c8658
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe81282fc-e913-4778-ba95-a7fe950ca57e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5177 Md5: 29954eb08ed58a03fb57cd7997ccd783$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5177 x-amzn-requestid: 59b31e91-e2b0-4071-b63f-4c70ff440e9c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: T8VueFk-IAMFqbw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ae698f-20c1a1c231fae30e62beefe2;Sampled=0 x-amzn-remapped-date: Sun, 19 Jun 2022 00:10:55 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: zNn7IgB39EDxKDdH9fSQbG4H-1JRgay5OmH88vhtmQCyojnPYPNAJw== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Jun 2022 00:31:08 GMT age: 29527 etag: "7fb20c43441769cb55ffed4b34f95a9577e55682" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5177 Md5: 29954eb08ed58a03fb57cd7997ccd783 Sha1: 7fb20c43441769cb55ffed4b34f95a9577e55682 Sha256: bf8448b64610881d2bdf740e507f8b67488ddb704d92f34affdea3bcf3251471
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ee0f212-4313-40f0-9c30-2eb07cb2ea12.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8898 Md5: 03d2157588ed473d22e1f3bfd99457d6$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8898 x-amzn-requestid: d9208711-1eaa-493d-9dd2-0f53189d3d55 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TtggbExsIAMFvIw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62a87acf-52322d6565f9695f6363dcd4;Sampled=0 x-amzn-remapped-date: Tue, 14 Jun 2022 12:10:55 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: odHZzJy2TbuRb7mctxuUWz0qNYL1uYJAlltwpCjxZB4yKfUXWt4TbQ== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Jun 2022 05:12:51 GMT age: 12624 etag: "cd11ececd4ca2538610988e35d57eb41aea26e9b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8898 Md5: 03d2157588ed473d22e1f3bfd99457d6 Sha1: cd11ececd4ca2538610988e35d57eb41aea26e9b Sha256: cb00b37c8250e1b0718cc00b966deaaf15d78fd6d36887d9adb55533f4663197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb9caed1-1ef7-4e50-a63b-e5717cf6dbfe.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7268 Md5: 4be72646654c94082881bc28fee9cf13$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7268 x-amzn-requestid: 5ae6e18c-ed36-43db-ab68-d0a9504fac5e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TvJgGHVTIAMFhXQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62a922cd-6913d75d5ea1df0675e2829e;Sampled=0 x-amzn-remapped-date: Wed, 15 Jun 2022 00:07:41 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: dFGoGnWkFyd4ELjNKpVRcNbhVDSTksnw8Ax_SQvY598kBzaEmRkEwQ== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Jun 2022 00:36:46 GMT age: 29189 etag: "0dd0e93bf2a44af88638c33eb4aa21592f191a20" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7268 Md5: 4be72646654c94082881bc28fee9cf13 Sha1: 0dd0e93bf2a44af88638c33eb4aa21592f191a20 Sha256: 87b528ce2e4355f7bb6f5777eb52aa989f4e923fc3ae3bfe2f33c6cb219498d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7117ddf6-b7e8-4a8d-a689-8094a4c82534.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4097 Md5: 9ce252e986a124dbef30ae0a1b99c10e$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4097 x-amzn-requestid: bc6d88ad-f4cc-4570-8fce-69d2fc8cf0d9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: T1vYBHX6IAMFR6g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62abc5cc-566356ea4aaf02297e8b14bb;Sampled=0 x-amzn-remapped-date: Fri, 17 Jun 2022 00:07:40 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: pga3Dfz0cHp8MgliJG3jhh6WNn4SysQbRNaq19OB4B464e-y6IbdUA== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Jun 2022 07:45:19 GMT age: 3476 etag: "a0ae6ca59a3334455a25fd928f55cb47e34c3a9a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4097 Md5: 9ce252e986a124dbef30ae0a1b99c10e Sha1: a0ae6ca59a3334455a25fd928f55cb47e34c3a9a Sha256: fbb3636d2a662aa1aefd8c53da08db3c004906b051efc0efdbd88b7c175b24f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7ff1017-2460-4602-a1b8-a7e3c93b4e0c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11593 Md5: 2c281aba97f291e06da89f0231985c5b$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11593 x-amzn-requestid: b8c17e4f-95e8-4dc8-b904-34e4e924c11c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TvJ1MGKOoAMF9hw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62a92354-7065fd35467b127e5af6a534;Sampled=0 x-amzn-remapped-date: Wed, 15 Jun 2022 00:09:56 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: hnfuCgeac2-YTRApO9KdvdwV6jQKPXC2AtWmT66Wte9Uj9AqQ2kKBw== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google date: Mon, 20 Jun 2022 15:35:05 GMT age: 61690 etag: "5910ab43cb85c896675932a4cf6397ce701c1be9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11593 Md5: 2c281aba97f291e06da89f0231985c5b Sha1: 5910ab43cb85c896675932a4cf6397ce701c1be9 Sha256: 70061108b1ed514dfa5907a4750f360552b8f178b0d8424e48da236f026c88db