Report - getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/

Report Overview

Visited public
2024-11-25 14:13:33
Tags
Submit Tags
URL
getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Finishing URL
getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
IP / ASN
95.168.206.104
#39392 SH.cz s.r.o.
Title
GetShared - Send Large Files and Share Photos Online - Up to 10 GB Free

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

116

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
static.addtoany.com	4091	2006-03-10	2012-05-21	2024-11-20	4.1 kB	47 kB	104.22.71.197
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-11-20	1.3 kB	52 kB	64.233.164.95
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-11-20	1.8 kB	227 kB	151.101.129.229
code.jquery.com	634	2005-12-10	2012-05-21	2024-11-20	407 B	32 kB	151.101.66.137
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-11-20	3.3 kB	975 kB	142.250.74.99
www.termsfeed.com	101009	2012-07-03	2017-10-10	2024-11-24	435 B	70 kB	104.26.7.160
cdn.lineicons.com	159267	2016-11-01	2018-09-10	2024-11-24	423 B	28 kB	188.114.97.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-11-20	1.0 kB	36 kB	142.250.74.163
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-11-20	452 B	12 kB	104.17.24.14
www.google.com	7	1997-09-15	2015-05-10	2024-11-20	2.9 kB	81 kB	142.250.74.164
getshared.com	unknown	2006-04-15	2021-01-28	2024-11-20	17 kB	3.2 MB	95.168.206.104

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

Scan Date	Severity	Indicator	Alert
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed
2024-11-25	medium	getshared.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (36)

	URL	From	Size	First Seen	Last Seen
	getshared.com/assets/themes/modern/js/droppy.js?v=2.5.3	ScriptElement	37 kB	2024-11-05	2024-11-25
Pretty URL getshared.com/assets/themes/modern/js/droppy.js?v=2.5.3 IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-05 11:52 Last Seen2024-11-25 14:13 Times Seen5 Hash c046cf0edc70685aae8481ea6d2dd5ac ac36a8ea9d1964a652ed9e1da142fd4991887759 efdd6725fa3eb012dadabadfb31a35838a7cacd965a6ada8da91f08bc1e95512 Loading...

	www.termsfeed.com/public/cookie-consent/4.1.0/cookie-consent.js	ScriptElement	222 kB	2024-10-27	2025-07-12
Pretty URL www.termsfeed.com/public/cookie-consent/4.1.0/cookie-consent.js IP 104.26.7.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-27 09:58 Last Seen2025-07-12 08:01 Times Seen96 Hash 47b00d07cc14b7d9d632d371738fc9d5 e60ee5ab640b6db6b74836e316c01cd9ebcefb55 3970995f9349f50d7f5282d33468940828f7a27e2aac2116126ea6698ce243cf Loading...

	static.addtoany.com/menu/modules/core.junnp81e.js	ScriptElement	72 kB	2024-11-20	2025-04-21
Pretty URL static.addtoany.com/menu/modules/core.junnp81e.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-20 09:10 Last Seen2025-04-21 00:03 Times Seen1821 Hash ebb1195447f73fa6e5c4ad3e887c7974 075975e4b97b5df51b93792f22f55ecb3c2b48be 0570581bf787cbb4a26d1508cf4ed96ef19d1a2465df5b9d5c4003813a2ebd35 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t	ScriptElement	69 B	2023-03-07	2025-07-16
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 07:39 Times Seen142599 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/	ScriptElement	112 B	2024-11-05	2024-11-25
Pretty URL getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/ IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-05 11:52 Last Seen2024-11-25 14:13 Times Seen5 Hash 0ffa6a23e76329a2f187634ce5549044 a98744deaf0756c52a791bcf2a74a318ac975205 012e5f8e9887c24e34db483e5901cc6fb26a40538ddeac2b8a90855f26c3c7f9 Loading...

	getshared.com/assets/themes/modern/js/progressbar.min.js	ScriptElement	30 kB	2023-03-12	2025-06-26
Pretty URL getshared.com/assets/themes/modern/js/progressbar.min.js IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:12 Last Seen2025-06-26 14:24 Times Seen12 Hash 9422d74571648622127d3ef06bdb793c 0546aa81ee6c4642a21d9b10e686ba273c9742e3 0ea354b2b363a3054415db7f66aafb16a9c1fd96ba5ce4e39c758d4ab673b044 Loading...

	getshared.com/assets/themes/modern/js/lord-icon-2.0.2.js	ScriptElement	274 kB	2023-03-08	2025-05-10
Pretty URL getshared.com/assets/themes/modern/js/lord-icon-2.0.2.js IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:45 Last Seen2025-05-10 20:37 Times Seen13 Hash a5b2d4918b9b89866da361b36cff70cf 4b0368a538b58773e546fdfbba987155397ca47a 7aae2e987947339a6666783f8bba87de9a96743bf1a6135036d7413dd6b8e546 Loading...

	www.google.com/recaptcha/api.js	ScriptElement	870 B	2024-11-20	2024-12-12
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-20 23:42 Last Seen2024-12-12 18:45 Times Seen1048 Hash 9a7730f4a9a8ea6aeb1a51493b19c248 8e1bddd7332f16b21514442022da22c56a009596 19dc0943a446be7f0d9d6e08ec9541c1c9996840d43b1e9aae42da4174184a09 Loading...

	www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js	ScriptElement	560 kB	2024-11-20	2024-12-31
Pretty URL www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-20 23:42 Last Seen2024-12-31 13:13 Times Seen5298 Hash 81697e6cdd98e37117d7bddcecf07576 0ea9efeb29efc158cd175bb05b72c8516dbaa965 73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116 Loading...

	getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/	ScriptElement	9.8 kB	2024-11-05	2024-11-25
Pretty URL getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/ IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-05 11:52 Last Seen2024-11-25 14:13 Times Seen5 Hash f2175649d10165aaf1b1d6280f0e950f 8b4d3a42236c25f3dd060f82bf7f45d03c4c9c53 2ad6d1623ce7928714deec2d673dd27eacae095065700df2d09a285880958cfe Loading...

	static.addtoany.com/menu/svg/icons/email.js	ScriptElement	415 B	2024-04-12	2025-07-16
Pretty URL static.addtoany.com/menu/svg/icons/email.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11 Last Seen2025-07-16 07:31 Times Seen1118 Hash 452a9a6a280379512ab5764a1d42bae1 61e0f75ff25c554dbf65743f1f6bf9d003ddc905 d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453 Loading...

	static.addtoany.com/menu/svg/icons/twitter.js	ScriptElement	645 B	2024-04-12	2025-07-16
Pretty URL static.addtoany.com/menu/svg/icons/twitter.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11 Last Seen2025-07-16 07:31 Times Seen1603 Hash ca05cf90bd32d6134c0b92464c343f9a 187feb5cc71d225717838268487a0abc9b8d405c 3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636 Loading...

	static.addtoany.com/menu/svg/icons/facebook.js	ScriptElement	429 B	2024-04-12	2025-07-16
Pretty URL static.addtoany.com/menu/svg/icons/facebook.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11 Last Seen2025-07-16 07:31 Times Seen2335 Hash 014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49 Loading...

	getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/	ScriptElement	1.0 kB	2024-11-05	2024-11-25
Pretty URL getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/ IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-05 11:52 Last Seen2024-11-25 14:13 Times Seen5 Hash f6150fbd94c60d4f45bbedc0c299416f 9c1f3d55858a930c0ad45a716ba2dc615a25d1f4 bd442323bcd140a8ce54f37a8b036a304b56623ad9f9d37c6f8696b823fcbe86 Loading...

	getshared.com/assets/js/jquery-ui.min.js	ScriptElement	228 kB	2023-04-22	2024-11-25
Pretty URL getshared.com/assets/js/jquery-ui.min.js IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-22 20:08 Last Seen2024-11-25 14:13 Times Seen9 Hash e48c2a9b2e61f2656e430c28789e43cd e379b3c23ef40679398cc9445189ce56e97bf345 606774a26652e38ea55751f050c8fa68623a9f5cbefaa5f31daac7640e3e4a85 Loading...

	www.google.com/js/bg/W8CPGdzYmlcjn--3_xeFmudIk8Wv0vupGU9Bdr5QE-g.js	ScriptElement	19 kB	2024-11-20	2024-12-02
Pretty URL www.google.com/js/bg/W8CPGdzYmlcjn--3_xeFmudIk8Wv0vupGU9Bdr5QE-g.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-20 08:47 Last Seen2024-12-02 23:08 Times Seen854 Hash fab62d4b740825ef4e05d8cb34172e04 b949eeb28c46bfb3a415d868ae67a52701bcbbe6 5bc08f19dcd89a57239fefb7ff17859ae74893c5afd2fba9194f4176be5013e8 Loading...

	getshared.com/assets/js/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-07-16
Pretty URL getshared.com/assets/js/jquery-3.6.0.min.js IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 07:54 Times Seen244740 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/	ScriptElement	29 B	2023-03-12	2024-11-25
Pretty URL getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/ IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 20:12 Last Seen2024-11-25 14:13 Times Seen6 Hash 979ceefd5360b51ce2d4919408bc30eb ca993153d47414e4883fcf325046f416522ba960 25cb04c1daaec717f8e1783810b49e9376f10df0b485e5a4f86f3a0ea7ffb142 Loading...

	static.addtoany.com/menu/svg/icons/whatsapp.js	ScriptElement	1.1 kB	2024-04-12	2025-07-16
Pretty URL static.addtoany.com/menu/svg/icons/whatsapp.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25 Last Seen2025-07-16 07:31 Times Seen1239 Hash 0e8b3ac6bda5451ff39c5ecd6d7b3873 fb477a11167000a30e45369e686ec43dd62d026b c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb Loading...

	getshared.com/page/premium?iframe=true	ScriptElement	0 B	0001-01-01	2025-07-16
Pretty URL getshared.com/page/premium?iframe=true IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-16 07:55 Times Seen5434056 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.addtoany.com/menu/sm.25.html#type=core&event=load	ScriptElement	0 B	0001-01-01	2025-07-16
Pretty URL static.addtoany.com/menu/sm.25.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-16 07:55 Times Seen5434056 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.addtoany.com/menu/svg/icons/reddit.js	ScriptElement	893 B	2024-04-16	2025-07-15
Pretty URL static.addtoany.com/menu/svg/icons/reddit.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 17:58 Last Seen2025-07-15 20:23 Times Seen834 Hash 408cc755e613b4f00fbe10d7411ed087 14341990ed687477b3addbdd1a3b50ae8a98589b 68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb Loading...

	static.addtoany.com/menu/page.js	ScriptElement	3.2 kB	2024-11-20	2025-04-21
Pretty URL static.addtoany.com/menu/page.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-20 09:10 Last Seen2025-04-21 00:03 Times Seen1841 Hash 8055537fb4f1977b5babc878a9bbffe1 28553e37b98add5e1e4a4389910669df43698808 2471f4232ccca845a9da8b10e5be81e7323faa5891b9715f425661505f183434 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t	ScriptElement	40 kB	2024-11-25	2024-11-25
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-25 14:13 Last Seen2024-11-25 14:13 Times Seen1 Hash ca0ddd90adf26325b0ccadf4ae6cf40a 4b11765a2a128ff130a82ac49a0bd68ba7b6cc1c c6d4a7b0df9ec52780aa68f2ce361fb5a6b9d9ce6aa14be0f03a94af01458ba0 Loading...

	static.addtoany.com/menu/svg/icons/a2a.js	ScriptElement	182 B	2023-03-08	2025-07-16
Pretty URL static.addtoany.com/menu/svg/icons/a2a.js IP 104.22.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25 Last Seen2025-07-16 04:57 Times Seen2570 Hash baf0595a19bdc7f7497b74731d2166c4 fd5714384c52fc0338083574434d12328313896c 3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43 Loading...

	cdn.jsdelivr.net/npm/bulma-carousel@4.0.3/dist/js/bulma-carousel.min.js	ScriptElement	41 kB	2023-03-07	2025-07-11
Pretty URL cdn.jsdelivr.net/npm/bulma-carousel@4.0.3/dist/js/bulma-carousel.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58 Last Seen2025-07-11 20:23 Times Seen20 Hash 9b5c4d23262729817f69b6d28b9479f0 aad3a8f22446ceee74247716f4f1e34db3fd473a a8a47bef2cd50640d82aea128360690086ccb6617c6858ee4c71559c88e4a732 Loading...

	getshared.com/assets/js/vegas.min.js?v=2.5.3	ScriptElement	10 kB	2023-03-12	2024-11-25
Pretty URL getshared.com/assets/js/vegas.min.js?v=2.5.3 IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:12 Last Seen2024-11-25 14:13 Times Seen7 Hash 784a425c2277979b4be1ea2233e1165d 44aa78d10af6263da7c1edccc4cf0416dc8dd237 08a1ea52a740d4c40a037557008a8509d8391061f07b2d7a2e7306ecaee65280 Loading...

	getshared.com/assets/js/jquery.fileupload.js	ScriptElement	57 kB	2023-03-08	2025-07-02
Pretty URL getshared.com/assets/js/jquery.fileupload.js IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:30 Last Seen2025-07-02 09:01 Times Seen34 Hash 2c213949f5daa832dd92df7a59519e07 0abd6433a339524c1ee9e5ad6070fc914a36f4eb 4ea2c356ae45407e0bbbd630fedd39e475e41232b1fdae0683635bd96b4df7b5 Loading...

	getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/	ScriptElement	245 B	2024-11-05	2024-11-25
Pretty URL getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/ IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-05 11:52 Last Seen2024-11-25 14:13 Times Seen5 Hash 75c221a24a607dee31bf2c7f7a457824 5e3dfd80e90a0c675b177909dd5e78077c9d9929 220b4afc525280fb173fbb13acfca0368dc43e8719b228a7ec66aaf18c71c08f Loading...

	getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/	ScriptElement	800 B	2024-11-05	2024-11-25
Pretty URL getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/ IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-05 11:52 Last Seen2024-11-25 14:13 Times Seen5 Hash cc809c2b7f7087364cc1801721c0f386 fba1d3c5cf18c7a766afcf6480e87a6d91ddb3ed cd7b49e20647031ad5fcf2c6daf35fa38c0f829e8522f599b81ec7c014b61863 Loading...

	getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/	ScriptElement	444 B	2024-11-05	2024-11-25
Pretty URL getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/ IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-05 11:52 Last Seen2024-11-25 14:13 Times Seen5 Hash fe50a2cda1189992a4f0aa1fd837e0c3 474ba880fbf0c7d7fe8e3a0d21f969fdb0f36288 8f7171ecce06cf275f4c5553df7926350a055d35b42716ef1115bdba5cac08f8 Loading...

	getshared.com/assets/plugins/droppy_premium/js/template.js	ScriptElement	207 B	2024-11-05	2024-11-25
Pretty URL getshared.com/assets/plugins/droppy_premium/js/template.js IP 95.168.206.104 ASN #39392 SH.cz s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-05 11:52 Last Seen2024-11-25 14:13 Times Seen5 Hash 1a8d3dbce3ddd62f52c3608a4a22d727 942c2786fc9917659bfe8275b4308666904d9c92 41b2b0785e19f985cb2b32e637b062cd85573871f67ca6f2ee70c5256b96ad2a Loading...

		Size	First Seen	Last Seen
	#1 Eval - d5a5200d606c5e5e21fabf819954acbe	23 kB	2024-11-25 14:13	2024-11-25 14:13
Pretty Observations First Seen2024-11-25 14:13 Last Seen2024-11-25 14:13 Times Seen1 Hash d5a5200d606c5e5e21fabf819954acbe d849986432320a9dd01368cde08c3a668351b90f f3ef9b1de80760ff09473df5721f4cc9807d48cb5dd294619893310955cbd1c4 Loading...

	#2 Eval - 299243735920d841b2060d06ccccf98c	22 B	2024-11-20 09:21	2024-12-02 23:08
Pretty Observations First Seen2024-11-20 09:21 Last Seen2024-12-02 23:08 Times Seen847 Hash 299243735920d841b2060d06ccccf98c 739d7bec85accb53c1541c694868177e9ffb6571 5f64d5e3168fb71fd8b04b00a77879c3d9accdac39cbf36b5d98b8a9209fff21 Loading...

	#3 Eval - e15675d7d3a31ba3fb465f5f9d8b09a8	22 B	2024-11-20 08:47	2024-12-02 23:08
Pretty Observations First Seen2024-11-20 08:47 Last Seen2024-12-02 23:08 Times Seen851 Hash e15675d7d3a31ba3fb465f5f9d8b09a8 5ccbf8b1a164580e2de58bb7bd5839d67e18dd6b 7d4ab5cf91d30ec9185074827a9564de021d902bab33c7efa08130a0dfce533c Loading...

	#4 Eval - d4d6802d07c66c4013030564f244f492	64 B	2024-11-20 09:21	2024-12-02 23:08
Pretty Observations First Seen2024-11-20 09:21 Last Seen2024-12-02 23:08 Times Seen846 Hash d4d6802d07c66c4013030564f244f492 b41019516b3d366a7eef6061f040469e5cf602fa 4c2204adf46c9be56c6f987acfb1ebd9a73a6cf9d0ae14bb777f7597ff43d55d Loading...

HTTP Transactions (63)

URL IP Response Size

GET getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/

95.168.206.104

200 OK

10 kB

URL User Request GET HTTP/1.1
getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (489), with CRLF, LF line terminators
Size
10 kB (10353 bytes)
Hash
96fd0c2b90a08d70443b2e3523b76fd9
97f77af24799a71129ed2f60d43b1c87b7082da3
6635c2f7a045347c54be392f3eff6b2750c5c891dba5c3d94295bd5fe259b965

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/ HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
set-cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f; expires=Tue, 26-Nov-2024 00:13:04 GMT; Max-Age=36000; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip

GET getshared.com/assets/css/vegas.min.css?v=2.5.3

95.168.206.104

200 OK

6.9 kB

URL GET HTTP/1.1
getshared.com/assets/css/vegas.min.css?v=2.5.3
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
ASCII text, with very long lines (6819)
Size
6.9 kB (6862 bytes)
Hash
5c2de816f89259f6336e98ed0ca4bd31
56cdc98ac0e9c97e68f022c1d6bd7f85af11140a
3852b1904462809f44e85b3b36574c44d833eafe97b12e5edc8a632c40860669

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/vegas.min.css?v=2.5.3 HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: text/css
content-length: 6862
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-1ace"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/mecwbjnp.json

95.168.206.104

200 OK

40 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/mecwbjnp.json
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JSON text data
Size
40 kB (40326 bytes)
Hash
1b5b93572a52201551f589a2850b65ca
6fc6031b316e13d7589b92840dd99cab87593f8f
d33ca1f286bcbfee8d52c03694ad8d1e98a3a1e5d69f0418ce55fac4a6322fcb

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/mecwbjnp.json HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/json
content-length: 40326
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-9d86"
accept-ranges: bytes

GET getshared.com/assets/plugins/droppy_premium/css/account_styles.css

95.168.206.104

200 OK

549 B

URL GET HTTP/1.1
getshared.com/assets/plugins/droppy_premium/css/account_styles.css
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
ASCII text
Size
549 B (549 bytes)
Hash
024dc0a57b35fd07cf5583b5562a15cd
02fe1b9693cbebf205ebd078e7efc7f3779cbb7a
be93f0771b3c00501b3d98c5cdc6dea8e93b46d60b25ad3a5782b82c30d1b29e

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/droppy_premium/css/account_styles.css HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: text/css
content-length: 549
last-modified: Mon, 04 Sep 2023 10:29:42 GMT
etag: "64f5b196-225"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/yyecauzv.json

95.168.206.104

200 OK

33 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/yyecauzv.json
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JSON text data
Size
33 kB (33235 bytes)
Hash
e616d5c9ca181b40bd967a0f8c5f62c8
1b59fe96e0d0675c08e7754df5752839e7888fb6
d24d296c06794773dc227d0ffab361ba7349102931f9d01c936f5beada955ea1

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/yyecauzv.json HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/json
content-length: 33235
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-81d3"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/css/style.css?v=9001016472.5.3

95.168.206.104

200 OK

22 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/css/style.css?v=9001016472.5.3
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
ASCII text
Size
22 kB (22170 bytes)
Hash
30679f4ebbedba160b61bb68020a06d1
bc46a94b2dba7dec354fcf1a388c6675021e6dae
93e6da9e8a56e32172c057e32703e331760794668fd5685068517ff02c23889e

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/css/style.css?v=9001016472.5.3 HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: text/css
content-length: 22170
last-modified: Tue, 26 Sep 2023 14:14:08 GMT
etag: "6512e730-569a"
accept-ranges: bytes

GET getshared.com/assets/js/vegas.min.js?v=2.5.3

95.168.206.104

200 OK

10 kB

URL GET HTTP/1.1
getshared.com/assets/js/vegas.min.js?v=2.5.3
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JavaScript source, ASCII text, with very long lines (9980), with no line terminators
Size
10 kB (9980 bytes)
Hash
784a425c2277979b4be1ea2233e1165d
44aa78d10af6263da7c1edccc4cf0416dc8dd237
08a1ea52a740d4c40a037557008a8509d8391061f07b2d7a2e7306ecaee65280

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/vegas.min.js?v=2.5.3 HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/javascript
content-length: 9980
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-26fc"
accept-ranges: bytes

GET getshared.com/assets/js/jquery-ui.min.js

95.168.206.104

200 OK

228 kB

URL GET HTTP/1.1
getshared.com/assets/js/jquery-ui.min.js
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JavaScript source, ASCII text, with very long lines (33326)
Size
228 kB (228509 bytes)
Hash
e48c2a9b2e61f2656e430c28789e43cd
e379b3c23ef40679398cc9445189ce56e97bf345
606774a26652e38ea55751f050c8fa68623a9f5cbefaa5f31daac7640e3e4a85

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/jquery-ui.min.js HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/javascript
content-length: 228509
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-37c9d"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/lupuorrc.json

95.168.206.104

200 OK

54 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/lupuorrc.json
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JSON text data
Size
54 kB (53495 bytes)
Hash
aad59c0d621961328f00a5b72d4c7871
5bf12f52f688e4f1003ff808ec27ec350c656163
af09b3978d17d36f2f40c55a6e642ac4f93ee625202b7d589a33744eb13557bc

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/lupuorrc.json HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/json
content-length: 53495
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-d0f7"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/js/droppy.js?v=2.5.3

95.168.206.104

200 OK

37 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/js/droppy.js?v=2.5.3
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JavaScript source, ASCII text, with very long lines (339)
Size
37 kB (37190 bytes)
Hash
c046cf0edc70685aae8481ea6d2dd5ac
ac36a8ea9d1964a652ed9e1da142fd4991887759
efdd6725fa3eb012dadabadfb31a35838a7cacd965a6ada8da91f08bc1e95512

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/js/droppy.js?v=2.5.3 HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/javascript
content-length: 37190
last-modified: Sat, 16 Sep 2023 16:25:26 GMT
etag: "6505d6f6-9146"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/js/progressbar.min.js

95.168.206.104

200 OK

30 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/js/progressbar.min.js
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JavaScript source, ASCII text, with very long lines (29989)
Size
30 kB (30034 bytes)
Hash
9422d74571648622127d3ef06bdb793c
0546aa81ee6c4642a21d9b10e686ba273c9742e3
0ea354b2b363a3054415db7f66aafb16a9c1fd96ba5ce4e39c758d4ab673b044

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/js/progressbar.min.js HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/javascript
content-length: 30034
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-7552"
accept-ranges: bytes

GET getshared.com/assets/js/jquery-3.6.0.min.js

95.168.206.104

200 OK

90 kB

URL GET HTTP/1.1
getshared.com/assets/js/jquery-3.6.0.min.js
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/jquery-3.6.0.min.js HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/javascript
content-length: 89501
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-15d9d"
accept-ranges: bytes

GET getshared.com/assets/js/jquery.fileupload.js

95.168.206.104

200 OK

57 kB

URL GET HTTP/1.1
getshared.com/assets/js/jquery.fileupload.js
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JavaScript source, ASCII text
Size
57 kB (56680 bytes)
Hash
2c213949f5daa832dd92df7a59519e07
0abd6433a339524c1ee9e5ad6070fc914a36f4eb
4ea2c356ae45407e0bbbd630fedd39e475e41232b1fdae0683635bd96b4df7b5

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/jquery.fileupload.js HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/javascript
content-length: 56680
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-dd68"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/img/icons/download-started.png

95.168.206.104

200 OK

14 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/img/icons/download-started.png
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
PNG image data, 357 x 355, 8-bit/color RGBA, non-interlaced
Size
14 kB (14118 bytes)
Hash
0984185acda77013bdc7a2ed66313401
7a26544f896d5d86220f735e0099cd94ace93050
4e19c127e2af6b3916a98c49f9748fc43cbca54ed8e773615f807adda148c154

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/img/icons/download-started.png HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: image/png
content-length: 14118
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-3726"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/img/icons/error-icon-white.png

95.168.206.104

200 OK

12 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/img/icons/error-icon-white.png
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
PNG image data, 338 x 299, 8-bit/color RGBA, non-interlaced
Size
12 kB (11960 bytes)
Hash
32c866eeea9bc4b196f7bee48ad67118
6d147a89fb15ca6d2afb2944ca304dea5c4a313a
6490337f88e66d71ad91441472a411b5ef379508f423631e5867cbead8afa762

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/img/icons/error-icon-white.png HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: image/png
content-length: 11960
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-2eb8"
accept-ranges: bytes

GET getshared.com/assets/img/getshared-logoxx.png

95.168.206.104

200 OK

17 kB

URL GET HTTP/1.1
getshared.com/assets/img/getshared-logoxx.png
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
PNG image data, 539 x 178, 8-bit/color RGB, non-interlaced
Size
17 kB (17240 bytes)
Hash
e46afa751baeefd6dbc62e3ffe3335e0
c79b69f431a15e7750a4e24b2f252236989ce7be
9f663ab9806b17eb722ed84da6ea876b782c7728e260361a5a074ebeb6e54d71

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/getshared-logoxx.png HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: image/png
content-length: 17240
last-modified: Sat, 16 Sep 2023 09:58:53 GMT
etag: "65057c5d-4358"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/img/icons/download.png

95.168.206.104

200 OK

18 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/img/icons/download.png
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
PNG image data, 391 x 325, 8-bit/color RGBA, non-interlaced
Size
18 kB (18408 bytes)
Hash
fb1bba0d3c6a8dbe702709e1881bb26e
324856489f36622b3511a2bb247a988e3c18d810
ed6b63c503fda4009645bbad5a16e5b4b53f32420a2d4b50d5ac414dc061ca27

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/img/icons/download.png HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: image/png
content-length: 18408
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-47e8"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/img/icons/question.png

95.168.206.104

200 OK

14 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/img/icons/question.png
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
PNG image data, 369 x 371, 8-bit/color RGBA, non-interlaced
Size
14 kB (13585 bytes)
Hash
be7385c93b679461a052c922eaa68a0a
0ec67d5edfcfdae9f69c633312ebbf21c24477d2
fe28cd01e258ac3ea68a30f320062991539f4a4f7dbb0deb732c7f5503d0124c

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/img/icons/question.png HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: image/png
content-length: 13585
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-3511"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/js/lord-icon-2.0.2.js

95.168.206.104

200 OK

274 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/js/lord-icon-2.0.2.js
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65469)
Size
274 kB (274012 bytes)
Hash
a5b2d4918b9b89866da361b36cff70cf
4b0368a538b58773e546fdfbba987155397ca47a
7aae2e987947339a6666783f8bba87de9a96743bf1a6135036d7413dd6b8e546

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/js/lord-icon-2.0.2.js HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/javascript
content-length: 274012
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-42e5c"
accept-ranges: bytes

GET getshared.com/assets/themes/modern/css/bulma.min.css

95.168.206.104

200 OK

207 kB

URL GET HTTP/1.1
getshared.com/assets/themes/modern/css/bulma.min.css
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
207 kB (206620 bytes)
Hash
04ba689c01d96e600ef0cc16bb0bb72a
06411de8efc0aa3ca9629073023011b2f9fcde22
503b5b507aa95557d799d25c41553f6df0c4afdc6575fdc36ddd12843d147ff6

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/themes/modern/css/bulma.min.css HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/assets/themes/modern/css/style.css?v=9001016472.5.3
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: text/css
content-length: 206620
last-modified: Sun, 03 Sep 2023 15:27:05 GMT
etag: "64f4a5c9-3271c"
accept-ranges: bytes

GET getshared.com/page/premium?iframe=true

95.168.206.104

200 OK

4.4 kB

URL GET HTTP/1.1
getshared.com/page/premium?iframe=true
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JavaScript source, ASCII text, with very long lines (1442), with CRLF line terminators
Size
4.4 kB (4388 bytes)
Hash
dbe6fed7470cd768c365e74f34058fa8
9106c5fe67639e35f8dcd0634525438a37da10e5
e96a1681cf6c4c0bf64ed6c969712a55d6b12395a85554a21f276f29c0072544

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /page/premium?iframe=true HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip

GET fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.163

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18492, version 1.0
Size
18 kB (18492 bytes)
Hash
7fda4c62c1bdeae7a08e6fd438104bac
b1f626e78f5f6d7be993303a49eb81f0fa4ce57c
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getshared.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Nov 2024 02:01:28 GMT
expires: Sat, 22 Nov 2025 02:01:28 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
age: 303097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET static.addtoany.com/menu/modules/core.junnp81e.js

104.22.71.197

200 OK

29 kB

URL GET HTTP/3
static.addtoany.com/menu/modules/core.junnp81e.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectstatic.addtoany.com
FingerprintC2:D1:F4:29:CE:83:5F:8B:E5:40:D2:ED:5D:44:01:CF:06:05:C1:1B
ValiditySun, 03 Nov 2024 22:25:57 GMT - Sat, 01 Feb 2025 22:25:56 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28926 bytes)
Hash
ebb1195447f73fa6e5c4ad3e887c7974
075975e4b97b5df51b93792f22f55ecb3c2b48be
0570581bf787cbb4a26d1508cf4ed96ef19d1a2465df5b9d5c4003813a2ebd35

HTTP Headers

GET /menu/modules/core.junnp81e.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getshared.com
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
etag: W/"e6e4834d2c3691bbe81e6cdbd5ea9b75"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eKWzMbs9c68pWGWjj7lA6weXTh5FyCwTObwErucU7FiB4kWf9qYtbBcTiZyIMwGNBFUvagUsy%2BeX%2FZ2mbA5odWlkVCiTZp1Krpmx5Zf%2Fy8ah%2BHO3DDc%2FwQG75omgLX%2B%2FQrLe2pJf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 22203
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8e823cc399f492c4-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET getshared.com/assets/plugins/droppy_premium/js/template.js

95.168.206.104

200 OK

207 B

URL GET HTTP/1.1
getshared.com/assets/plugins/droppy_premium/js/template.js
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/page/premium?iframe=true
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JavaScript source, ASCII text
Size
207 B (207 bytes)
Hash
1a8d3dbce3ddd62f52c3608a4a22d727
942c2786fc9917659bfe8275b4308666904d9c92
41b2b0785e19f985cb2b32e637b062cd85573871f67ca6f2ee70c5256b96ad2a

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/droppy_premium/js/template.js HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/page/premium?iframe=true
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: application/javascript
content-length: 207
last-modified: Mon, 04 Sep 2023 10:29:42 GMT
etag: "64f5b196-cf"
accept-ranges: bytes

GET getshared.com/assets/img/iconx.png

95.168.206.104

200 OK

1.2 kB

URL GET HTTP/1.1
getshared.com/assets/img/iconx.png
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
PNG image data, 32 x 39, 8-bit/color RGB, non-interlaced
Size
1.2 kB (1154 bytes)
Hash
6f662865ddee36cff8889b20f1e0b2d0
2d859c7b586b223b36128b8193bd27ad3a55e1dd
dc835ffd26dd54fc1c3ad0f83565e2c6899bfcdc472f40186ea14308117ad8b5

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/iconx.png HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: image/png
content-length: 1154
last-modified: Sat, 16 Sep 2023 07:20:59 GMT
etag: "6505575b-482"
accept-ranges: bytes

GET fonts.googleapis.com/css?family=Raleway:400,300,600,800,900

64.233.164.95

200 OK

30 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Raleway:400,300,600,800,900
IP
64.233.164.95:443
ASN
#15169 GOOGLE

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint69:86:A1:6B:1F:1B:CF:FB:22:64:8F:22:24:43:09:BB:74:A6:A4:ED
ValidityMon, 21 Oct 2024 08:38:06 GMT - Mon, 13 Jan 2025 08:38:05 GMT

File type
gzip compressed data, max compression
Size
30 kB (30008 bytes)
Hash
4de2287779c1628ab9d19f4ca8b0709f
e414763431271a8b4284c2e8356208b924bfea3b
b0912e01a08e6b96c02412a08e9660faa87fd36a720743d2defe8d8363e47f7c

HTTP Headers

GET /css?family=Raleway:400,300,600,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 25 Nov 2024 14:13:04 GMT
date: Mon, 25 Nov 2024 14:13:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bulma-carousel@4.0.3/dist/css/bulma-carousel.min.css

151.101.129.229

200 OK

989 B

URL GET HTTP/2
cdn.jsdelivr.net/npm/bulma-carousel@4.0.3/dist/css/bulma-carousel.min.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://getshared.com/page/premium?iframe=true
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
ASCII text, with very long lines (3645), with no line terminators
Size
989 B (989 bytes)
Hash
5eea312b55e6133af7f41beeedf58f2b
93ebfe2b1efbbd3d8547a2899b00162e6763f001
9d586b0d953f9dedc8ff3e8b5d611bc943849afefdb0f18a11bb0fed258b9072

HTTP Headers

GET /npm/bulma-carousel@4.0.3/dist/css/bulma-carousel.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.3
x-jsd-version-type: version
etag: W/"e3d-k+v+Kx77vT2FR6KJmwAWLmdj8AE"
content-encoding: br
accept-ranges: bytes
age: 1935971
date: Mon, 25 Nov 2024 14:13:05 GMT
x-served-by: cache-fra-eddf8230089-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 989
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

104.17.24.14

200 OK

10 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/page/premium?iframe=true
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
FingerprintE6:47:BB:06:9C:32:48:7E:A6:0A:4B:62:53:7B:F0:35:5D:A9:A3:8A
ValiditySat, 28 Sep 2024 05:35:05 GMT - Fri, 27 Dec 2024 05:35:04 GMT

File type
ASCII text, with very long lines (59158)
Size
10 kB (10482 bytes)
Hash
74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

HTTP Headers

GET /ajax/libs/font-awesome/5.15.3/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: text/css; charset=utf-8
content-length: 10482
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6599bda5-28f2"
last-modified: Sat, 06 Jan 2024 21:52:53 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 574726
expires: Sat, 15 Nov 2025 14:13:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYSVKzizIk64ZDmstyIi7mN2kGtDVBHWEEzs8zir%2BUEzBEAI4KjsVWVvqX7966cDn2TRxpjqpiHQm%2BcEIWjZXXLOM0o%2BFV%2FG88ybGTgpNww%2Bnv9WZ262zxrCIxSu3xvwdayYYBqk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8e823cc4793f1c0a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bulma-social@2/css/all.min.css

151.101.129.229

200 OK

10 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bulma-social@2/css/all.min.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://getshared.com/page/premium?iframe=true
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
10 kB (10079 bytes)
Hash
2cb54e648e95ad5d206b0ca665653d2f
8517b02c40c12c70f57399e11405382937bd14bd
b85c106e1a51238780e90b6666f35768b840d75255eee0a2ecd8ad35f393c0a2

HTTP Headers

GET /npm/bulma-social@2/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 2.1.0
x-jsd-version-type: version
etag: W/"17187-hRewLEDBLHD1c5nhFAU4KTe9FL0"
content-encoding: br
accept-ranges: bytes
age: 18117
date: Mon, 25 Nov 2024 14:13:05 GMT
x-served-by: cache-fra-eddf8230094-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10079
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bulma-carousel@4.0.3/dist/js/bulma-carousel.min.js

151.101.129.229

200 OK

8.7 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bulma-carousel@4.0.3/dist/js/bulma-carousel.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://getshared.com/page/premium?iframe=true
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (40723), with no line terminators
Size
8.7 kB (8663 bytes)
Hash
9b5c4d23262729817f69b6d28b9479f0
aad3a8f22446ceee74247716f4f1e34db3fd473a
a8a47bef2cd50640d82aea128360690086ccb6617c6858ee4c71559c88e4a732

HTTP Headers

GET /npm/bulma-carousel@4.0.3/dist/js/bulma-carousel.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.0.3
x-jsd-version-type: version
etag: W/"9f13-qtOo8iRGzu50JHcW9PHjTbP9Rzo"
content-encoding: br
accept-ranges: bytes
age: 913428
date: Mon, 25 Nov 2024 14:13:05 GMT
x-served-by: cache-fra-etou8220129-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8663
X-Firefox-Spdy: h2

GET getshared.com/assets/plugins/droppy_premium/images/stripe.png

95.168.206.104

200 OK

8.4 kB

URL GET HTTP/1.1
getshared.com/assets/plugins/droppy_premium/images/stripe.png
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/page/premium?iframe=true
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
PNG image data, 212 x 87, 8-bit/color RGBA, non-interlaced
Size
8.4 kB (8360 bytes)
Hash
ac27751e6823f123ac81cdcab5c51b8b
8c83b69c511d44f63a5710c6b0598ff12e50be9f
85541b784061515769db4a7c39be302b51092d9ada84e383f9b291f0a3345fd4

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/droppy_premium/images/stripe.png HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/page/premium?iframe=true
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: image/png
content-length: 8360
last-modified: Mon, 04 Sep 2023 10:29:42 GMT
etag: "64f5b196-20a8"
accept-ranges: bytes

GET code.jquery.com/jquery-3.6.0.min.js

151.101.66.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://getshared.com/page/premium?iframe=true
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 25 Nov 2024 14:13:05 GMT
age: 2526312
x-served-by: cache-lga21931-LGA, cache-hel1410021-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 1243899
x-timer: S1732543985.401823,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

GET www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

142.250.74.99

200 OK

221 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
JavaScript source, ASCII text, with very long lines (545)
Size
221 kB (220753 bytes)
Hash
81697e6cdd98e37117d7bddcecf07576
0ea9efeb29efc158cd175bb05b72c8516dbaa965
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

HTTP Headers

GET /recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getshared.com
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 220753
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Nov 2024 11:04:34 GMT
expires: Tue, 25 Nov 2025 11:04:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 11311
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET getshared.com/handler/getjstranslation?_=1732543985027

95.168.206.104

200 OK

456 B

URL GET HTTP/1.1
getshared.com/handler/getjstranslation?_=1732543985027
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JSON text data
Size
456 B (456 bytes)
Hash
8324e6fe72fb21177fea2ba6d32b01e9
3abdb8f35a0ae2c65ec92ca90022cd432410608a
3f8ea5f35100dc2784e45ab4a05b055b1784f7b95759f86ceb6d0065025e6ac3

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /handler/getjstranslation?_=1732543985027 HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f; expires=Tue, 26-Nov-2024 02:13:05 GMT; Max-Age=43200; path=/; HttpOnly; SameSite=Lax
content-encoding: gzip

GET getshared.com/assets/backgrounds/gs1.jpg

95.168.206.104

200 OK

736 kB

URL GET HTTP/1.1
getshared.com/assets/backgrounds/gs1.jpg
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2400x1600, components 3
Size
736 kB (736299 bytes)
Hash
c0c0aaae05f7565461569d891d6eb4b5
d752eff04f45ad762f3c840a225c5041b21d8ba8
acc42923925daa0f5fcc5f8d21674b8720fded8e1c02d76613a80bc07591a961

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/backgrounds/gs1.jpg HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: image/jpeg
content-length: 736299
last-modified: Mon, 22 Apr 2024 15:42:30 GMT
etag: "66268566-b3c2b"
accept-ranges: bytes

GET www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/styles__ltr.css

142.250.74.99

200 OK

42 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (42047 bytes)
Hash
c8bc74b65a8a31d4c7af2526b0c75a62
dd1524ca86eb241b31724a9614285a2845880604
3b457e0acfb1d231461936c78086c9ea63de3397cbb019c4fe0182a645d67717

HTTP Headers

GET /recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 42047
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Nov 2024 11:04:32 GMT
expires: Tue, 25 Nov 2025 11:04:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 11313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

142.250.74.99

200 OK

221 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
JavaScript source, ASCII text, with very long lines (545)
Size
221 kB (220753 bytes)
Hash
81697e6cdd98e37117d7bddcecf07576
0ea9efeb29efc158cd175bb05b72c8516dbaa965
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

HTTP Headers

GET /recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 220753
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Nov 2024 11:04:34 GMT
expires: Tue, 25 Nov 2025 11:04:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 11311
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Nov 2024 18:58:05 GMT
expires: Sat, 22 Nov 2025 18:58:05 GMT
cache-control: public, max-age=31536000
age: 242101
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET static.addtoany.com/menu/svg/icons/facebook.js

104.22.71.197

200 OK

2.6 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/facebook.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectstatic.addtoany.com
FingerprintC2:D1:F4:29:CE:83:5F:8B:E5:40:D2:ED:5D:44:01:CF:06:05:C1:1B
ValiditySun, 03 Nov 2024 22:25:57 GMT - Sat, 01 Feb 2025 22:25:56 GMT

File type
ASCII text, with very long lines (429), with no line terminators
Size
2.6 kB (2621 bytes)
Hash
014bcc757e484e12e3aea6c9d768fd4b
4c17157d0012f8002e4e6cf77c5f4a9747792cf4
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49

HTTP Headers

GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getshared.com
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"68925fa8e347041c6006837e73c518bc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igoPiknTXXFriPm9nPOls2Z8whOY%2FWVbyDzZI9WIbNti%2FTq0HDaBO1de3rC8gedlyMnVpopUfodXIEM5DnFLcAgjCsfeAcGgKDDbLbN5mA1PfiiNZa5lhUaKqZ2SFMZbckosuyq7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 27812
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8e823cc4ab9592c4-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET www.termsfeed.com/public/cookie-consent/4.1.0/cookie-consent.js

104.26.7.160

200 OK

69 kB

URL GET HTTP/2
www.termsfeed.com/public/cookie-consent/4.1.0/cookie-consent.js
IP
104.26.7.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjecttermsfeed.com
FingerprintCA:4B:CA:B0:1B:5A:5E:62:F9:F2:DC:08:0E:A3:97:B5:EE:3E:1F:92
ValiditySat, 16 Nov 2024 22:41:12 GMT - Fri, 14 Feb 2025 22:41:11 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (63944), with no line terminators
Size
69 kB (68820 bytes)
Hash
47b00d07cc14b7d9d632d371738fc9d5
e60ee5ab640b6db6b74836e316c01cd9ebcefb55
3970995f9349f50d7f5282d33468940828f7a27e2aac2116126ea6698ce243cf

HTTP Headers

GET /public/cookie-consent/4.1.0/cookie-consent.js HTTP/1.1
Host: www.termsfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/javascript
x-priority: 5/n
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=3600
last-modified: Sun, 24 Nov 2024 23:45:48 GMT
expires: Mon, 25 Nov 2024 01:45:48 GMT
etag: W/"8e960a05b50b504c3f51664b60851f7f"
x-z: 5179
cf-cache-status: HIT
age: 18850
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8BNH99LphgyD9v3B2TmqnosDve6Ra8%2FfrNAGQZLtLpzeHGpL3CEGbt9TduHJ9cjSHbhLuQtRyXs89g13U%2BJWHfetDtbIow%2Bb01t2bpCh7LQv43RAx%2FdZrWkHawMwAstjNwr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8e823cbfdeb956bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16473&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2781&recv_bytes=1082&delivery_rate=173913&cwnd=252&unsent_bytes=0&cid=9f75a9cbb8d27784&ts=58&x=0"
X-Firefox-Spdy: h2

GET www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

142.250.74.99

200 OK

221 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
JavaScript source, ASCII text, with very long lines (545)
Size
221 kB (220753 bytes)
Hash
81697e6cdd98e37117d7bddcecf07576
0ea9efeb29efc158cd175bb05b72c8516dbaa965
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

HTTP Headers

GET /recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 220753
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Nov 2024 11:04:34 GMT
expires: Tue, 25 Nov 2025 11:04:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 11312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/styles__ltr.css

142.250.74.99

200 OK

42 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (42047 bytes)
Hash
c8bc74b65a8a31d4c7af2526b0c75a62
dd1524ca86eb241b31724a9614285a2845880604
3b457e0acfb1d231461936c78086c9ea63de3397cbb019c4fe0182a645d67717

HTTP Headers

GET /recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 42047
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Nov 2024 11:04:32 GMT
expires: Tue, 25 Nov 2025 11:04:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 11314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js

142.250.74.99

200 OK

221 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
JavaScript source, ASCII text, with very long lines (545)
Size
221 kB (220753 bytes)
Hash
81697e6cdd98e37117d7bddcecf07576
0ea9efeb29efc158cd175bb05b72c8516dbaa965
73dd640564004ec8730e7f3433b9dfaa6876ac3a27e6964a17834f07f6d56116

HTTP Headers

GET /recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 220753
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Nov 2024 11:04:34 GMT
expires: Tue, 25 Nov 2025 11:04:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 11312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET getshared.com/assets/backgrounds/gs4.jpg

95.168.206.104

200 OK

621 kB

URL GET HTTP/1.1
getshared.com/assets/backgrounds/gs4.jpg
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Monique Wray], baseline, precision 8, 2400x1600, components 3
Size
621 kB (620866 bytes)
Hash
e0f7c0725f8aed485240ff696e399574
3788f700c704c18f1c10ea69d39e85dbfae763d8
c33ebf695d8d8a99b40bb2751a292783c5995995d7db7af9745b28ba4d4ac5a6

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/backgrounds/gs4.jpg HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:15 GMT
content-type: image/jpeg
content-length: 620866
last-modified: Mon, 22 Apr 2024 15:42:48 GMT
etag: "66268578-97942"
accept-ranges: bytes

GET getshared.com/assets/backgrounds/gs2.jpg

95.168.206.104

200 OK

647 kB

URL GET HTTP/1.1
getshared.com/assets/backgrounds/gs2.jpg
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2400x1601, components 3
Size
647 kB (646952 bytes)
Hash
8910db194eaece70b2855596a0899911
8e8637ae1e4e369ed8cfc991b0cad7fd8e68e331
1011d95dffe114e982360221799bbedd7441b6a6160ac619a02c32905e51bb4d

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/backgrounds/gs2.jpg HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:26 GMT
content-type: image/jpeg
content-length: 646952
last-modified: Mon, 22 Apr 2024 15:42:38 GMT
etag: "6626856e-9df28"
accept-ranges: bytes

GET www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t

142.250.74.164

200 OK

48 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

File type
HTML document, ASCII text, with very long lines (39605)
Size
48 kB (48524 bytes)
Hash
1bf113e64d62e63973baef8b8dea88dc
93139791f570a0849a25e264f82b2c9a0ed7bb87
2bd5e61b0d68c67254ba778e1afc17a4e4ba9e113d15fc9c44faa31864dba857

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 25 Nov 2024 14:13:05 GMT
content-security-policy: script-src 'nonce-qtj1DpQbpx2-mSA19Ax1Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET static.addtoany.com/menu/svg/icons/whatsapp.js

104.22.71.197

200 OK

1.1 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/whatsapp.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectstatic.addtoany.com
FingerprintC2:D1:F4:29:CE:83:5F:8B:E5:40:D2:ED:5D:44:01:CF:06:05:C1:1B
ValiditySun, 03 Nov 2024 22:25:57 GMT - Sat, 01 Feb 2025 22:25:56 GMT

File type
ASCII text, with very long lines (1122), with no line terminators
Size
1.1 kB (1108 bytes)
Hash
d822c46f36a55fdbfcc5029e62e19937
c575da68fa99eeb33863f281395755cbf20004d4
062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e

HTTP Headers

GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getshared.com
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"83af4df8173e43227812296bb8542dcf"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6t6ji%2B%2BZwzSNisH0Ew18HnVxA1h0zkcd8ZLjsicKqsCEwV8jix7CRps8a%2FNSJAMpAs1aQjglQBvO2alQYAQM62hoOCFxq30HJuFACmG5Y8w75eZIqDxw56PLLsIahkZocmQFpcsD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 27812
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8e823cc4bb9f92c4-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET static.addtoany.com/menu/svg/icons/email.js

104.22.71.197

200 OK

415 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/email.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectstatic.addtoany.com
FingerprintC2:D1:F4:29:CE:83:5F:8B:E5:40:D2:ED:5D:44:01:CF:06:05:C1:1B
ValiditySun, 03 Nov 2024 22:25:57 GMT - Sat, 01 Feb 2025 22:25:56 GMT

File type
ASCII text, with very long lines (425), with no line terminators
Size
415 B (415 bytes)
Hash
4465bfdb8cba21fb7a17422a5f089336
ee98a72a1d681aa77dbb74021a77095c2127bab1
20ff569821a7401cc61a9925bc9d837eff6e1beffbccf1da5da9145c835f54f2

HTTP Headers

GET /menu/svg/icons/email.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getshared.com
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"eb2119ad4221a9d01abc336e06962867"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjPxoA1NgjzZzzIjFjK9IMx5P2xdX03tPNYLoyEGsioKe%2BZ%2Ffv7GOjFpJ%2B70sF03gvi75%2BcFt%2FL%2FBLQlEIjf%2FRilAD4Akf8jGwdI3taEoaGMopf%2BiYCe2Voqq39rDa78v4Y8FvrI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 27812
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8e823cc4bba092c4-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET static.addtoany.com/menu/page.js

104.22.71.197

200 OK

3.2 kB

URL GET HTTP/2
static.addtoany.com/menu/page.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectstatic.addtoany.com
FingerprintC2:D1:F4:29:CE:83:5F:8B:E5:40:D2:ED:5D:44:01:CF:06:05:C1:1B
ValiditySun, 03 Nov 2024 22:25:57 GMT - Sat, 01 Feb 2025 22:25:56 GMT

File type
JavaScript source, ASCII text, with very long lines (3283), with no line terminators
Size
3.2 kB (3152 bytes)
Hash
1fb648fc2c7539dd0fcfa7292705bf89
560305bb018f6cd12885b81156f5df4e340c3b27
45a8f9c2333752bb14e58dd1bd720ba93f1952b1c8dde6e1d538dc9a73d0351b

HTTP Headers

GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
etag: W/"3ae23968c16ec39faa9f97db5ea5195b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AHpONdSpkd5fjthn1RBASmhwEAiqHBlnDtoyA9dm8OyfalbgSoTbQMIIE2jkzPdqN7d3QAqh2sHwwRBGE2NYSfqtolcd%2F8jwqPa3e9dbzuiJ9ShMAdEEShVRPv%2BNBCtdfqfP8xR%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 27596
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8e823cbfddf29984-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC

142.250.74.164

200 OK

7.7 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

File type
HTML document, ASCII text, with very long lines (7931), with no line terminators
Size
7.7 kB (7700 bytes)
Hash
41226a5768a595acd0a2c34a3a991e6a
9683d864f31950f3750573e61aa7d598c1f08a2e
89395c1182c9ccf6a912da7ccd9c64bc49f2a259572bd65006824a09be5db27c

HTTP Headers

GET /recaptcha/api2/bframe?hl=en&v=pPK749sccDmVW_9DSeTMVvh2&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 25 Nov 2024 14:13:06 GMT
content-security-policy: script-src 'nonce-7TqCKkCsdsje5-m9r9LrFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.google.com/recaptcha/api.js

142.250.74.164

200 OK

870 B

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
FingerprintC1:5D:47:A6:B2:09:5F:1C:78:06:A8:63:D5:80:5A:A2:73:83:A3:B3
ValidityMon, 21 Oct 2024 08:38:45 GMT - Mon, 13 Jan 2025 08:38:44 GMT

File type
JavaScript source, ASCII text, with very long lines (870), with no line terminators
Size
870 B (870 bytes)
Hash
9a7730f4a9a8ea6aeb1a51493b19c248
8e1bddd7332f16b21514442022da22c56a009596
19dc0943a446be7f0d9d6e08ec9541c1c9996840d43b1e9aae42da4174184a09

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Mon, 25 Nov 2024 14:13:04 GMT
date: Mon, 25 Nov 2024 14:13:04 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET static.addtoany.com/menu/svg/icons/twitter.js

104.22.71.197

200 OK

645 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/twitter.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectstatic.addtoany.com
FingerprintC2:D1:F4:29:CE:83:5F:8B:E5:40:D2:ED:5D:44:01:CF:06:05:C1:1B
ValiditySun, 03 Nov 2024 22:25:57 GMT - Sat, 01 Feb 2025 22:25:56 GMT

File type
ASCII text, with very long lines (655), with no line terminators
Size
645 B (645 bytes)
Hash
671b3272826b2e03f7f5ecc6846a4f83
bcd620154cd6381ddf84b4e17e53ad716f3acbea
b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22

HTTP Headers

GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getshared.com
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujr%2F2L7gklgd8BO9LIDkoTgRvzNkESzKmGaL0f2r1TesbAiohLTbUzEEyEgKNvtiBEB5VEHNVLX13HkWRfV6%2FzFe4CAObBz9IWoZchcva5OdDxVX4N%2B8f8SmEjkdfbQNVm8gjNyi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 27812
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8e823cc4bb9a92c4-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.99

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52
ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Nov 2024 00:14:26 GMT
expires: Sat, 30 Nov 2024 00:14:26 GMT
cache-control: public, max-age=604800
age: 223120
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET cdn.lineicons.com/3.0/lineicons.css

188.114.97.1

200 OK

27 kB

URL GET HTTP/2
cdn.lineicons.com/3.0/lineicons.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerLet's Encrypt
Subjectcdn.lineicons.com
Fingerprint12:6F:AC:3A:F8:9A:C8:2A:D7:43:B5:09:E5:21:D5:C0:89:91:7C:2C
ValidityTue, 22 Oct 2024 08:21:14 GMT - Mon, 20 Jan 2025 08:21:13 GMT

File type
ASCII text
Size
27 kB (26961 bytes)
Hash
00282fd33a61174975816a807099d6d2
550172ffb100c81b1884a70cc1881cd518c64b85
fe319d1cecd4fb76613fc1f71ac584dd5b56103b128e54aa119d672d601d7b77

HTTP Headers

GET /3.0/lineicons.css HTTP/1.1
Host: cdn.lineicons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Nov 2024 14:13:04 GMT
content-type: text/css
etag: W/"00282fd33a61174975816a807099d6d2"
last-modified: Tue, 22 Oct 2024 09:11:16 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3905
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKLuvI%2B%2FAcyBDNgga3RDAve3iN%2BJvG5knhDNHwmhZXsp1DMMRLeg%2Bd3XeBYEnq%2BjppshakozSld5OCGSws490jDmJj7Oj%2B1a7vSbjPvw43%2FChD7FO6CYiJTYeiezbMzG773fzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8e823cbfd93f0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16552&sent=5&recv=9&lost=0&retrans=0&sent_bytes=2846&recv_bytes=1203&delivery_rate=173829&cwnd=252&unsent_bytes=0&cid=d21890408df3cae4&ts=57&x=0"
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bulma@0.9.1/css/bulma.min.css

151.101.129.229

200 OK

204 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bulma@0.9.1/css/bulma.min.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://getshared.com/page/premium?iframe=true
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
204 kB (204030 bytes)
Hash
281a08362e797a0922f6074359ad15be
73102e6a8000bb4dc8bc29c6657088cb1907282d
58b28659220961ead137cb5b346b5759562750ce703094d70fc786e0db467033

HTTP Headers

GET /npm/bulma@0.9.1/css/bulma.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 0.9.1
x-jsd-version-type: version
etag: W/"31cfe-cxAuaoAAu03IvCnGZXCIyxkHKC0"
content-encoding: br
accept-ranges: bytes
date: Mon, 25 Nov 2024 14:13:05 GMT
age: 4762994
x-served-by: cache-fra-eddf8230058-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29360
X-Firefox-Spdy: h2

GET static.addtoany.com/menu/svg/icons/a2a.js

104.22.71.197

200 OK

182 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/a2a.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectstatic.addtoany.com
FingerprintC2:D1:F4:29:CE:83:5F:8B:E5:40:D2:ED:5D:44:01:CF:06:05:C1:1B
ValiditySun, 03 Nov 2024 22:25:57 GMT - Sat, 01 Feb 2025 22:25:56 GMT

File type
ASCII text, with no line terminators
Size
182 B (182 bytes)
Hash
4db08a52ad8927bb87884526a96beb94
da541aec9c65b613f83ecfc56cd3c80a3221932a
4172078aeb1306c9c9f454cb78cee31e0d09c25742197e59fa6718c3bb2b4abc

HTTP Headers

GET /menu/svg/icons/a2a.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getshared.com
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqByBz6py6B264l3l3jlNhLfelME%2FiQnm%2FyJcvL24x01KJKq5H4%2F4A%2Fvx%2BblkVzB77zy%2BEjzFdiczPX1wDPHm1lWDMa5wXMUMXOpmvqtcRLmEcYRVy8jgtzItVetNWSYQL%2FabI3u"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27812
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8e823cc4ab8c92c4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET fonts.googleapis.com/css?family=Open+Sans:300,400,700

64.233.164.95

200 OK

17 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:300,400,700
IP
64.233.164.95:443
ASN
#15169 GOOGLE

Requested by
https://getshared.com/page/premium?iframe=true
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint69:86:A1:6B:1F:1B:CF:FB:22:64:8F:22:24:43:09:BB:74:A6:A4:ED
ValidityMon, 21 Oct 2024 08:38:06 GMT - Mon, 13 Jan 2025 08:38:05 GMT

File type
ASCII text, with very long lines (1572)
Size
17 kB (17382 bytes)
Hash
cbd1aa6bfc2fcb82143ee4e794c19660
e26abc004ec2cf733b2dac424f829563345ee21e
38fc8bd10fe5c3a319b678004e342299db15405ce7ac8690d43ad2f052ade908

HTTP Headers

GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 25 Nov 2024 14:13:05 GMT
date: Mon, 25 Nov 2024 14:13:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap

64.233.164.95

200 OK

2.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap
IP
64.233.164.95:443
ASN
#15169 GOOGLE

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint69:86:A1:6B:1F:1B:CF:FB:22:64:8F:22:24:43:09:BB:74:A6:A4:ED
ValidityMon, 21 Oct 2024 08:38:06 GMT - Mon, 13 Jan 2025 08:38:05 GMT

File type
ASCII text, with very long lines (2464), with no line terminators
Size
2.4 kB (2401 bytes)
Hash
fb8d4165826ff31d026fd30e2b0e104a
196b4f77feba4a8a3211bff874453419e00d385d
592e064f6fa8a4477ee3bacef3dc639d2d96c2a4c88f37aa8f7569044d199764

HTTP Headers

GET /css2?family=Roboto:wght@300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 25 Nov 2024 14:13:04 GMT
date: Mon, 25 Nov 2024 14:13:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.google.com/js/bg/W8CPGdzYmlcjn--3_xeFmudIk8Wv0vupGU9Bdr5QE-g.js

142.250.74.164

200 OK

19 kB

URL GET HTTP/3
www.google.com/js/bg/W8CPGdzYmlcjn--3_xeFmudIk8Wv0vupGU9Bdr5QE-g.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

File type
JavaScript source, ASCII text, with very long lines (18291)
Size
19 kB (18909 bytes)
Hash
fab62d4b740825ef4e05d8cb34172e04
b949eeb28c46bfb3a415d868ae67a52701bcbbe6
5bc08f19dcd89a57239fefb7ff17859ae74893c5afd2fba9194f4176be5013e8

HTTP Headers

GET /js/bg/W8CPGdzYmlcjn--3_xeFmudIk8Wv0vupGU9Bdr5QE-g.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Nov 2024 07:49:58 GMT
expires: Tue, 25 Nov 2025 07:49:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Nov 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 22988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET static.addtoany.com/menu/sm.25.html

104.22.71.197

200 OK

716 B

URL GET HTTP/3
static.addtoany.com/menu/sm.25.html
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectstatic.addtoany.com
FingerprintC2:D1:F4:29:CE:83:5F:8B:E5:40:D2:ED:5D:44:01:CF:06:05:C1:1B
ValiditySun, 03 Nov 2024 22:25:57 GMT - Sat, 01 Feb 2025 22:25:56 GMT

File type
HTML document, ASCII text, with very long lines (744), with no line terminators
Size
716 B (716 bytes)
Hash
c3c97893ca5c74e7504aa4ec474ea41b
cdccb12d7e73682e0e807107243ede7d5e14c962
b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThuWNZl1DDlXLg1ZYA73zAOtlOyX9kzSzoQvCsq9eOlFqlMjHnE26IAsCo9wRjajc3abLWscXXaq6xRno0nopepIswMUksQNHz6hC1YeOodjP3SnPCL4av0atYe3QkVGVJQR5rBt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: br
cf-cache-status: HIT
age: 24121
last-modified: Mon, 25 Nov 2024 07:31:04 GMT
priority: u=4,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8e823cc389ea92c4-CPH
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET static.addtoany.com/menu/svg/icons/reddit.js

104.22.71.197

200 OK

893 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/reddit.js
IP
104.22.71.197:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getshared.com/6KKc8jmI/7b5c4c76b1d73c573549c54aed367522/
Certificate
IssuerGoogle Trust Services
Subjectstatic.addtoany.com
FingerprintC2:D1:F4:29:CE:83:5F:8B:E5:40:D2:ED:5D:44:01:CF:06:05:C1:1B
ValiditySun, 03 Nov 2024 22:25:57 GMT - Sat, 01 Feb 2025 22:25:56 GMT

File type
ASCII text, with very long lines (903), with no line terminators
Size
893 B (893 bytes)
Hash
1f5dd30051ff637ea1d19ce73aced89c
bfdd1d1c07492ba397bdcf13e262edcfd8692a5e
c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81

HTTP Headers

GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getshared.com
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wrMZ7L%2FwpAuvUgOZWLHpIvjODevF6MFexoSUxKIM9BcirSjsgAuBKTU7wtFCsljoMRKLoKOglU5wcz1l3woL7PKFp2Sf72sL7%2F%2BBAJ6QCWBwaziUo65wzhS3iqo5z6uG%2Frr%2FS0z6NhHuq4dpapI2m9m"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27812
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8e823cc4bb9c92c4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET getshared.com/assets/plugins/droppy_premium/css/product-page.css

95.168.206.104

200 OK

2.9 kB

URL GET HTTP/1.1
getshared.com/assets/plugins/droppy_premium/css/product-page.css
IP
95.168.206.104:443
ASN
#39392 SH.cz s.r.o.

Requested by
https://getshared.com/page/premium?iframe=true
Certificate
IssuerLet's Encrypt
Subjectgetshared.com
FingerprintB6:61:89:32:5B:C1:41:C5:43:C6:34:79:2D:A4:7D:4D:3A:18:20:E0
ValidityFri, 13 Sep 2024 14:02:28 GMT - Thu, 12 Dec 2024 14:02:27 GMT

File type
ASCII text, with very long lines (3096), with no line terminators
Size
2.9 kB (2941 bytes)
Hash
5ddfc810bf373314b7d8f0c0605b90cd
5a2ceb63c6df77667078191cbb8d53316bda6e5b
39e008906f9750ddb650a7d78cd5238c73f9223fb1b1cc7575590e5fc3f3a09e

Detections

Analyzer	Verdict	Alert
Mnemonic Secure DNS	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/droppy_premium/css/product-page.css HTTP/1.1
Host: getshared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://getshared.com/page/premium?iframe=true
Cookie: droppy_session=lp25ueu6leodq1bu0e651jf2nk5mmu1f; cookie_consent_level=%7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Afalse%2C%22tracking%22%3Afalse%2C%22targeting%22%3Afalse%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 25 Nov 2024 14:13:05 GMT
content-type: text/css
content-length: 2941
last-modified: Mon, 04 Sep 2023 10:29:42 GMT
etag: "64f5b196-b7d"
accept-ranges: bytes

GET www.google.com/recaptcha/api2/webworker.js?hl=en&v=pPK749sccDmVW_9DSeTMVvh2

142.250.74.164

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=pPK749sccDmVW_9DSeTMVvh2
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2C:88:D1:F3:88:1E:8C:7A:FA:75:31:0C:56:7A:2F:4E:7F:79:4F:EB
ValidityMon, 21 Oct 2024 08:36:57 GMT - Mon, 13 Jan 2025 08:36:56 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
f56bc8f23c3b3a667e0f3096f87dd792
9c064bf7e19a1da889286cf59e260c3e7c61bb5a
0474c582af94690bca87dce1b9dc2c42d26c4aa831bc03a1e11ee1a169b211e4

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=pPK749sccDmVW_9DSeTMVvh2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5SywoAAAAAEt7mptBTHimxboNqfscEC3Mp1GC&co=aHR0cHM6Ly9nZXRzaGFyZWQuY29tOjQ0Mw..&hl=en&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=poraiij5787t
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
expires: Mon, 25 Nov 2024 14:13:06 GMT
date: Mon, 25 Nov 2024 14:13:06 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: same-site
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by