Overview

URL www109.zippyshare.com/d/oc6swaoi/16487/revo.uninstaller.pro.v3.2.1.kuyhaa.me.rar
IP 46.166.139.231
ASN NForce Entertainment B.V.
Location Netherlands
Report completed 2022-06-17 02:22:35 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-17 2 aphycolourses.info/akh4MnURagtFKh86FBBPSCAMRgUZclcdAh0%2FSQJMRDIRQgUTOxBTBw (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-06-16 2 unphionetor.com Sinkholed
2022-06-16 2 unphionetor.com Sinkholed
2022-06-16 2 upsidejolly.com Sinkholed


Files

No files detected



Passive DNS (31)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] ds88pc0kw6cvc.cloudfront.net (2) 0 No data No data 54.230.245.35 Unknown ranking
[Mnemonic Passive DNS] etoro.com (1) 7928 2012-05-29 12:18:15 UTC 2012-07-12 01:31:46 UTC 104.110.24.102
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-16 04:59:38 UTC 54.230.111.7
[Mnemonic Passive DNS] ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-06-16 05:20:58 UTC 151.101.86.133
[Mnemonic Passive DNS] www109.zippyshare.com (10) 0 No data No data 46.166.139.231 Domain (zippyshare.com) ranked at: 41031
[Mnemonic Passive DNS] r3.o.lencr.org (12) 344 2020-12-02 08:52:13 UTC 2022-06-16 05:09:03 UTC 23.36.77.32
[Mnemonic Passive DNS] aphycolourses.info (1) 121151 No data No data 44.195.137.121
[Mnemonic Passive DNS] unphionetor.com (2) 54035 No data No data 139.45.197.236
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-16 13:47:28 UTC 34.120.237.76
[Mnemonic Passive DNS] ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-06-16 04:54:14 UTC 142.250.74.3
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-16 04:56:12 UTC 54.188.94.105
[Mnemonic Passive DNS] www.google.com (1) 7 2012-05-22 04:23:54 UTC 2022-06-16 13:31:02 UTC 142.250.74.164
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-16 19:31:14 UTC 93.184.220.29
[Mnemonic Passive DNS] www.etoro.com (1) 18613 2012-05-29 12:18:15 UTC 2022-06-16 05:03:55 UTC 172.64.152.107
[Mnemonic Passive DNS] cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-06-16 18:25:46 UTC 45.133.44.9
[Mnemonic Passive DNS] louchees.net (2) 281261 No data No data 139.45.197.236
[Mnemonic Passive DNS] my.rtmark.net (1) 9054 No data No data 139.45.195.8
[Mnemonic Passive DNS] ntualkentined.xyz (5) 0 No data No data 107.22.28.167 Unknown ranking
[Mnemonic Passive DNS] getpocket.cdn.mozilla.net (1) 1369 2017-08-31 07:41:15 UTC 2022-06-16 12:35:47 UTC 34.120.5.221
[Mnemonic Passive DNS] ocsp.sectigo.com (5) 487 2018-12-17 11:31:55 UTC 2022-06-17 00:07:15 UTC 172.64.155.188
[Mnemonic Passive DNS] ouknatstuffs.xyz (5) 0 No data No data 54.230.111.124 Unknown ranking
[Mnemonic Passive DNS] med.etoro.com (1) 45781 2020-11-04 13:13:58 UTC 2022-06-16 05:03:56 UTC 104.88.18.91
[Mnemonic Passive DNS] interstitial-07.com (2) 36198 No data No data 139.45.197.155
[Mnemonic Passive DNS] www.maxonclick.com (3) 173326 2017-01-29 09:04:56 UTC 2022-06-16 18:25:42 UTC 35.190.68.123
[Mnemonic Passive DNS] ukfareputfea.xyz (3) 0 No data No data 172.67.217.225 Unknown ranking
[Mnemonic Passive DNS] cdn.adx1.com (1) 10630 2018-05-29 09:13:29 UTC 2022-06-16 22:34:55 UTC 149.11.201.98
[Mnemonic Passive DNS] upsidejolly.com (1) 0 No data No data 192.243.61.225 Unknown ranking
[Mnemonic Passive DNS] d10lumateci472.cloudfront.net (2) 0 No data No data 54.230.245.49 Unknown ranking
[Mnemonic Passive DNS] toglooman.com (4) 144309 No data No data 139.45.197.239


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 46.166.139.231

Date UQ / IDS / BL URL IP
2022-06-26 16:17:44 +0000
0 - 0 - 4 www110.zippyshare.com/d/tzq4tpu5/7320/l3050ec (...) 46.166.139.231
2022-06-26 16:17:33 +0000
0 - 0 - 3 www110.zippyshare.com/d/tzq4tpu5/8683/l3050ec (...) 46.166.139.231
2022-06-24 08:02:11 +0000
0 - 0 - 8 www110.zippyshare.com/d/tzq4tpu5/17103/l3050e (...) 46.166.139.231
2022-06-24 07:25:56 +0000
0 - 0 - 9 www110.zippyshare.com/d/tzq4tpu5/30517/l3050e (...) 46.166.139.231
2022-06-17 19:40:33 +0000
0 - 0 - 9 https://www110.zippyshare.com/d/2HPetcoH/3583 (...) 46.166.139.231
2022-06-17 02:22:17 +0000
0 - 0 - 12 www109.zippyshare.com/d/oc6swaoi/8755/revo.un (...) 46.166.139.231
2022-06-12 13:32:02 +0000
0 - 0 - 12 https://www110.zippyshare.com/d/YZENOK7Q/1825 (...) 46.166.139.231
2022-06-10 15:53:19 +0000
0 - 0 - 7 www109.zippyshare.com/d/oc6swaoi/37047/revo.u (...) 46.166.139.231
2018-12-15 12:56:12 +0100
0 - 0 - 1 https://www110.zippyshare.com/d/u2mtbtGA/841/ (...) 46.166.139.231
2017-09-05 18:40:13 +0200
0 - 0 - 0 www109.zippyshare.com/v/5BA45I0d/file.html 46.166.139.231

Last 10 reports on ASN: NForce Entertainment B.V.

Date UQ / IDS / BL URL IP
2022-08-15 18:59:01 +0000
0 - 0 - 1 141.98.6.236/1337New/Wjgqesf-OLD-3.exe 141.98.6.236
2022-08-15 18:58:53 +0000
0 - 0 - 1 141.98.6.236/1337/Wjgqesf-OLD-3.exe 141.98.6.236
2022-08-15 18:58:52 +0000
0 - 0 - 1 141.98.6.236/Z2k/Ivnut-Z2K-3.exe 141.98.6.236
2022-08-15 18:58:45 +0000
0 - 0 - 1 141.98.6.236/Z2KNEW/Ivnut-Z2K-3.exe 141.98.6.236
2022-08-15 18:58:40 +0000
0 - 0 - 1 141.98.6.236/1337Traget/Rxvgxnss-1337x-2.exe 141.98.6.236
2022-08-15 18:58:34 +0000
0 - 0 - 1 141.98.6.236/newz2k/Ivnut-Z2K-2.exe 141.98.6.236
2022-08-15 18:58:28 +0000
0 - 0 - 1 141.98.6.236/newz2k/Ivnut-Z2K-4.exe 141.98.6.236
2022-08-15 18:58:27 +0000
0 - 0 - 1 141.98.6.236/newz2k/Ivnut-Z2K-3.exe 141.98.6.236
2022-08-15 18:58:22 +0000
0 - 0 - 1 141.98.6.236/limetor/Kgilth-LIME-2.exe 141.98.6.236
2022-08-15 18:58:19 +0000
0 - 0 - 1 141.98.6.236/Z2KNEW/Ivnut-Z2K-2.exe 141.98.6.236

No other reports on domain: zippyshare.com



JavaScript

Executed Scripts (22)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (84)


Request Response
                                        
                                            GET /d/oc6swaoi/16487/revo.uninstaller.pro.v3.2.1.kuyhaa.me.rar HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         46.166.139.231
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Fri, 17 Jun 2022 02:22:18 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: JSESSIONID=29A499DA13E95AECDA5F511A47C512DE; Path=/; HttpOnly
Location: http://www109.zippyshare.com/v/oc6swaoi/file.html

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F7449D747B3C17B6AF8E1F057D563EE3B5833BE3C3BB77155DECB7AC5F3CC950"
Last-Modified: Thu, 16 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9166
Expires: Fri, 17 Jun 2022 04:55:04 GMT
Date: Fri, 17 Jun 2022 02:22:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5BF1F7A148EB9C571CEC425C0D564562DBE419596D09409BB152FD2DAFA07155"
Last-Modified: Wed, 15 Jun 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8432
Expires: Fri, 17 Jun 2022 04:42:51 GMT
Date: Fri, 17 Jun 2022 02:22:19 GMT
Connection: keep-alive

                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.5.221
HTTP/2 200 OK
                                        
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: yD1jTPD6haanUlAxQiXUQy1ec4IANfkG3yddGlSV9UhxHSBRLhcOog==
content-encoding: gzip
via: 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Jun 2022 02:21:21 GMT
age: 421
content-type: application/json
content-length: 35987
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   35987
Md5:    9fa6e75593ccd9323aff7d4ddcba7410
Sha1:   33cfc3b27ef3f93ff7428e728bd6b4ac62454779
Sha256: e100359f4f32363bc477bce3fc2d13cf335d93dc02525be70716ab17bdd046b0
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
date: Fri, 17 Jun 2022 02:10:50 GMT
last-modified: Wed, 11 May 2022 19:51:39 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E0jwyGwxD8MLs_FzQAQ8Fw3oVscIWXEvEbPT4Qokp3oHQpX_5jvWuA==
age: 689
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v/oc6swaoi/file.html HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: JSESSIONID=29A499DA13E95AECDA5F511A47C512DE
Upgrade-Insecure-Requests: 1

                                         
                                         46.166.139.231
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 17 Jun 2022 02:22:19 GMT
Content-Length: 178
Connection: keep-alive
Location: https://www109.zippyshare.com/v/oc6swaoi/file.html


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 17 Jun 2022 02:17:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DCah48RmFuhEY7A97KATuS6QxMXFjF1aehRzok4uwJkS-kr7Fya4tQ==
Age: 301


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         151.101.86.133
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Expires: Tue, 21 Jun 2022 01:45:52 GMT
ETag: "917959436ba7c94c845d6a122f4a8633f3e38fd8"
Last-Modified: Fri, 17 Jun 2022 01:45:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1423
Accept-Ranges: bytes
Date: Fri, 17 Jun 2022 02:22:19 GMT
Age: 2187
Connection: keep-alive
X-Served-By: cache-qpg1250-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
X-Timer: S1655432539.250993,VS0,VE1


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    dfd7c8276df70a3dbaa522d93a0e61e0
Sha1:   917959436ba7c94c845d6a122f4a8633f3e38fd8
Sha256: 0ab36fb9d6214ae691a59ba240eb3b893cd74043d5014354138e6644d5d5d6c3
                                        
                                            GET /v/oc6swaoi/file.html HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: zippyadb=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Fri, 17 Jun 2022 02:22:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=D38D48E55B87F222078305995C77046F; Path=/; HttpOnly zippop=1; Domain=.zippyshare.com; Expires=Fri, 17-Jun-2022 14:22:19 GMT; Path=/
Content-Language: en
Expires: Fri, 17 Jun 2022 02:22:18 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41973), with CRLF, CR, LF line terminators
Size:   39516
Md5:    f154a01593ebf79f6e48a27d297cf3f3
Sha1:   258e03898429418ef6cb83e7056d49cc716bd985
Sha256: bc41d19b86a977169c6ad4ad2c30cbf7e0c7b90837ca557d178d995dfff715cb
                                        
                                            GET /wro/viewjs-9c29d4e653e865831dc028fdac7e7dfff3be049e.css HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/v/oc6swaoi/file.html
Cookie: zippyadb=0; JSESSIONID=D38D48E55B87F222078305995C77046F; zippop=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 17 Jun 2022 02:22:19 GMT
Content-Length: 66707
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Tue, 03 Sep 2030 02:22:19 GMT
Accept-Ranges: bytes
ETag: W/"207098-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (38971)
Size:   66707
Md5:    7e0e3e48bd85cdf4041d04d6d265622a
Sha1:   06bd818fbba909a62546da78470bc01fd813076e
Sha256: b6f4ece3f288037b58e9803601d45e812775c0140f09d7860574f6c56781ec1c
                                        
                                            GET /ads.js HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/v/oc6swaoi/file.html
Cookie: zippyadb=0; JSESSIONID=D38D48E55B87F222078305995C77046F; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 17 Jun 2022 02:22:19 GMT
Content-Length: 138
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"157-1654675202000"
Last-Modified: Wed, 08 Jun 2022 08:00:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text
Size:   138
Md5:    80ce0db0d04307c0a7e7bfbe492e329d
Sha1:   f8efbdda6799a957baa59e907d466dbc3fd7be90
Sha256: da32bd619e9f9cf48c390020230b751333e2a402fce01635102f340a39f88113
                                        
                                            GET /?kcpsd=843055 HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.35
HTTP/2 200 OK
                                        
content-length: 49644
date: Fri, 17 Jun 2022 02:22:02 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lZh22JIpdAmRD8KsRg1dZJj4j88uIF8X3jmymTyBJjlS7XnbRIBP_A==
age: 17
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15952)
Size:   49644
Md5:    146f01d6b6a6fcce21324cd54be55007
Sha1:   4aa20dd2b5e6d9db7ac1c1ad1666e4afe8acb537
Sha256: 5221d866c8a32c028cc5150e0adcb14d5ae0852f5f8edffda02aec1b70a9de39
                                        
                                            GET /sw.js HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/v/oc6swaoi/file.html
Cookie: zippyadb=0; JSESSIONID=D38D48E55B87F222078305995C77046F; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 17 Jun 2022 02:22:19 GMT
Content-Length: 36755
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"95651-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   36755
Md5:    9f3eb972e27d96787df56867ba104e59
Sha1:   e266af1162c320a8366da4487c3698c0db0ca354
Sha256: 5750d3ef81845bcf96250e0b2e66d4b21aec5ed0144822ca14a9491f70392ae3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 17 Jun 2022 02:22:19 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 13 Jun 2022 17:03:54 GMT
Expires: Mon, 20 Jun 2022 17:03:54 GMT
ETag: 42E49720D1717DF75F394E11A2D577D4F29E1B78
Cache-Control: max-age=311494,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp5
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 71c8511c9bf20b4d-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 17 Jun 2022 02:22:19 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 13 Jun 2022 17:03:54 GMT
Expires: Mon, 20 Jun 2022 17:03:54 GMT
ETag: 42E49720D1717DF75F394E11A2D577D4F29E1B78
Cache-Control: max-age=311494,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp13
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 71c8511c9bccb500-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 17 Jun 2022 02:22:19 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 13 Jun 2022 17:03:54 GMT
Expires: Mon, 20 Jun 2022 17:03:54 GMT
ETag: 42E49720D1717DF75F394E11A2D577D4F29E1B78
Cache-Control: max-age=311494,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp14
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 71c8511c99930b31-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 17 Jun 2022 02:22:19 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wro/viewjs-5c4b087e763baf82dfed5e75dc71d50f709ecb00.js HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/v/oc6swaoi/file.html
Cookie: zippyadb=0; JSESSIONID=D38D48E55B87F222078305995C77046F; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 17 Jun 2022 02:22:19 GMT
Content-Length: 147861
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Tue, 03 Sep 2030 02:22:19 GMT
Accept-Ranges: bytes
ETag: W/"478725-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65535)
Size:   147861
Md5:    1dd393cf506e088f2a0b45a37beabda7
Sha1:   384796f00e05bce54b4bcae1f2dd4e5d0c5c478a
Sha256: c9420067db3629caab61a3e5983ef9b303d24913f01c2a3307ee0e392cc87616
                                        
                                            GET /?amuld=726474 HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.49
HTTP/2 200 OK
                                        
content-length: 36011
date: Fri, 17 Jun 2022 02:22:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s_IWz_4ZlfTNjxR-0jdRQViMb6yRKrGbAjYcyexOV2TVAWL6JepYKA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15478)
Size:   36011
Md5:    79a3a2d65d273e9eee13b8d1ea752211
Sha1:   3e003d021b3c5efa30dd9f76426a44611878dace
Sha256: 22cc4058f01277998adbd5d8344781c8d264aac42a8d430879e527985860bb9e
                                        
                                            GET /recaptcha/api.js?render=explicit HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
                                        
expires: Fri, 17 Jun 2022 02:22:20 GMT
date: Fri, 17 Jun 2022 02:22:20 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (852), with no line terminators
Size:   554
Md5:    ce162114d45c6656353a75cb0769a10f
Sha1:   0a6e552d73684b761d8e9d8a4cc4a2a691393eed
Sha256: 57923bce1844f8dd88d832cb6179725b806abf05b3fc1310a3c123c1ae50f48b
                                        
GET /images/favicon2.ico HTTP/1.1
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/v/oc6swaoi/file.html
Cookie: zippyadb=0; JSESSIONID=D38D48E55B87F222078305995C77046F; zippop=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.166.139.231
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 17 Jun 2022 02:22:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Thu, 13 Apr 2023 02:22:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

                                        
GET /a/display.php?r=1142849 HTTP/1.1
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Fri, 17 Jun 2022 02:22:20 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
GET /a/display.php?r=1142855 HTTP/1.1
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Fri, 17 Jun 2022 02:22:20 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
GET /a/display.php?r=1142861 HTTP/1.1
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Fri, 17 Jun 2022 02:22:20 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 17 Jun 2022 02:22:20 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Expires, Content-Length, Retry-After, Last-Modified, ETag, Backoff, Cache-Control, Alert, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 17 Jun 2022 01:49:19 GMT
Expires: Fri, 17 Jun 2022 02:23:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XcJbL66LkhnYXVW4dt7pxSdjbtOcXdodhtnkjfbUNYo-FR5NzTKGMg==
Age: 1981


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
GET /apu.php?zoneid=3505448 HTTP/1.1
Host: louchees.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Cookie: OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; oaidts=1654164229
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
139.45.197.236
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:20 GMT
content-type: application/javascript
x-trace-id: 2a5f99e31afa598f7e7da492ca821b72
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; expires=Sat, 17 Jun 2023 02:22:20 GMT; path=/; secure; SameSite=None oaidts=1654164229; expires=Sat, 17 Jun 2023 02:22:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   23502
Md5:    3caccee165b5cd72c6c27c3a360e3862
Sha1:   ce258a95a08c1cc73c5dca16e7c604ef78758b43
Sha256: a559930c6f5058f5b33d8ae5a90f36a1e973bf73cab0e63a1e505b93c1f2ff35
                                        
GET /MXpnUUkeRQQidGgAKQkEeSA/EyRwODZgHHUjEDUKZA0hJwtaM0ElIFVHX2V6AU9SdzlYHlpiexcJEzA9RAlaYG9YFAE+dBcMWmFnCVRff3sXD1pgb0UKBjZ0AFwXJT1dR1ZnfAROVGN8Ak1VZ3g HTTP/1.1
Host: ukfareputfea.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
172.67.217.225
HTTP/2 204 No Content
                                        
date: Fri, 17 Jun 2022 02:22:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbgcnlQtgvVvGdYN2CXml1wQ0k9ShcAiLNQEI4eX3oLso4SSW62lpKm9LJId%2F9MWvj7Y7dohiD9eazauvXQ1NSboylk4YcbC6RAgw8h0oFHXgvlrInKjhcKZ0wxnJruTSl7p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71c85120dd4d0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
GET /OGNTUngXXDAhRWorEScuYC0kAC5UCAE8Mnk0PhgwXCYZBSEIAHUmEVxea2ZLCFZmdAhRB25hSh4QJzMMTRBuYEgIVHU7Fl4MbmBeTl5jfEAWW31gXk1eYnQMSAI0b0keEycmFAVSZWdNDFBhZ0sPUWVn HTTP/1.1
Host: ukfareputfea.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
172.67.217.225
HTTP/2 204 No Content
                                        
date: Fri, 17 Jun 2022 02:22:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9tPKj11ohWVNYMeIYPw1K2AWujOpdCtKa26GfzF8H84%2BiftjmhW4aVX%2FLfHweNgvnGWG6z%2BOMXd9jWzrHhy8whWweclJ8vYoUG%2BHruczNfPg9EMisrYVV321g3iNsi%2BuGnS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71c85120dd4f0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
GET /Mlplb1AdZQYcbVMdPFsHdDY3OQFeKQRePGMbIhs/amswIDEAKUMbOVZnUl1mBm1RSSBbPlhdaRQpEQ4kRylYXnZbNAMAbRQsWF5+AnRQV34AfBBSYRQuFQ43D2tDHyRGNlheZgdvUVxiB2lSXWQB HTTP/1.1
Host: ukfareputfea.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.217.225
HTTP/2 204 No Content
                                        
date: Fri, 17 Jun 2022 02:22:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHCgsdgzhcDyzD7%2F1gxH7qsOJS6oTk8eKRx0ffMOnfr07q1LXW%2FtfNAG8bw8CM%2BmauKOTajlamOvu0ekEWn%2FuAidsfMeGGUF0IJY0Rb2zBP2OIAARLzl2yFFbqdFnRALFf7k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71c85120dd4c0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3557
Cache-Control: 'max-age=158059'
Date: Fri, 17 Jun 2022 02:22:20 GMT
Last-Modified: Fri, 17 Jun 2022 01:23:04 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9F6C3E8E5B8A8F9F8B61624C77F660212DD97AB17E76E374EFF8D86A988F458D"
Last-Modified: Wed, 15 Jun 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8705
Expires: Fri, 17 Jun 2022 04:47:25 GMT
Date: Fri, 17 Jun 2022 02:22:20 GMT
Connection: keep-alive

                                        
GET /V0xuWno2Lg03RTZxDHwPJSBTf0gRaVwcHmZ8Ai8XNjgLORNje1x0GTsjGz4cJSMALlQ5KRp/SBEVCw44PxpdDxsPO1YiKTB9NBgtJw89LSABFSscHAAkJ249ICcgEw0BCCkfO2cWFh8YACVbMTcFIzkcKWcePBs4HwMWCyIBfRYiPxUoOgI9DRgpHCsTLQUcHAUOK24yPB4MHT4eCC8fLx4CLxsiESQ/aCkVHggdAGMWKAw8EhY6FDcfICgjKGcnNx0tDQk2Gzc9LwU+MA8NCW87Fgk4D0g0Aj8LI3J+LAMvES8vIzQuHl42ORF/JB01FiA2Py8BHSgMVxkiKzICAw8EMisEfzQOIGceJBs8FSI8HA0UGTofGRR9OxI1Fn0NGxMzOT9rGRYeFxAzBA1IMAk4Ih5nOAV6DyovZygMMDVkCA0 HTTP/1.1
Host: ouknatstuffs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
54.230.111.124
HTTP/2 200 OK
                                        
content-type: text/html
content-length: 1177
date: Fri, 17 Jun 2022 02:22:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4E90NblZMtSvr3cPAU_pjZQFNlXDKINcwZ8EHp6v6Kz7dcXCgzXoSg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3023), with no line terminators
Size:   1177
Md5:    7c7bee45f961a78609aa9711bc67f5fe
Sha1:   7da06c48456d3105fc7858a4be7df06d3377a935
Sha256: 5439a96097b44cb0b1e054247dd6a2a84b53ec7afa1ec6ecfa7e6e856aa6e99b
                                        
GET /cnBwUFgTEhM9ZxNNEnYtABxNdWo0VUIWPAFISCA7QhsHZjsEE14zNB0FFDYqHR4EfjYXBFViHkIjHAYwICcXIBcVSBoGIkZIMggwIxYdCgoRNkEjCAo5ARIyAh83EmgLFRonbxYaGyMWGCEgEQkzHTpiFRE9NBY7FiVEPRYzSBkGDwUHNCkCJBVDHRk7IQBjAScTCBcbJ1VCEgA2MTccMjM4PBEBBD0lMy8xKBNkHBhIMhoyGTEpFjc/KTVpaSYoGDwLJkEqNWswIzJgaUYqIWArMBpIJAo6FCkdNUMoNzxtV0IyMx47OCQIMB41Ch4WFyIiCTtCKkY2HV8iQwcbQgcxOWw6EkIzNhZBGGcCJDZABxAGByVjDT05CTMdOwcTKTs0PTQFAApHJQcVFhRCAX4YAx8+KE8JKApoGypDAT4RJTo5EgE2 HTTP/1.1
Host: ouknatstuffs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
54.230.111.124
HTTP/2 200 OK
                                        
content-type: text/html
content-length: 1178
date: Fri, 17 Jun 2022 02:22:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FiidIw7Sn6DxPUi8L9eYGABfTdWxrwwxH9RaE6wZ6yNeRWaMcjEGMA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3025), with no line terminators
Size:   1178
Md5:    d25888e4556f7c685d5976df8eab7349
Sha1:   02f13cd3f70ee7f7e3a9244e094a890d4549f47e
Sha256: c52016cc0752ba9526e5e5f2bc1c0a122350a3a4b726baf50a1c4f6094353f10
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E9065C8AE928668ADCDE22A3DBD25053BEEF8048BC1E473F739B9F360B589A71"
Last-Modified: Wed, 15 Jun 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3780
Expires: Fri, 17 Jun 2022 03:25:20 GMT
Date: Fri, 17 Jun 2022 02:22:20 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 17 Jun 2022 02:22:20 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 16 Jun 2022 18:25:19 GMT
Expires: Thu, 23 Jun 2022 18:25:19 GMT
ETag: 516B1EF0F4D2F1D4D5F2A479210F7E4A716C9BD5
Cache-Control: max-age=575578,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp8
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 71c85122cfecb500-OSL

                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 17 Jun 2022 02:22:20 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 16 Jun 2022 23:32:35 GMT
Expires: Thu, 23 Jun 2022 23:32:35 GMT
ETag: 8C14D14D208220A9797E8F63A679C75140C9E8A9
Cache-Control: max-age=594014,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp15
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 71c85122ec8c0b31-OSL

                                        
GET /gid.js?userId=ab53d7a6c74242a78adbfbc0dc99e5d3 HTTP/1.1
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www109.zippyshare.com
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Cookie: ID=ab53d7a6c74242a78adbfbc0dc99e5d3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
139.45.195.8
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:20 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www109.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ab53d7a6c74242a78adbfbc0dc99e5d3; expires=Sat, 17 Jun 2023 02:22:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    1a978248eb23e1b1a4d5f93ca4d80528
Sha1:   1934d9407e97f9eb644b30217f2b845f47ebee8a
Sha256: f367544fa6491762069de7d05ba94f13cb7b66204a7a1d56475830fe4ed19015
                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A2BLxxg84ca7PR4yeSQJCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
54.188.94.105
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m0u/3sMLZDRgYLnit+yZspOd56g=

                                        
GET /0SlVhRWgpOg8jVz48BXhQfmZRcF1sPxIqBjpoGB0yejw7djksNjQPAQAmJ2McMDFcdU4mNA8iVWwwDyZVe3MAIQp3YUcxGCU+XDAGLjAHLAYvMUcwCXc4Dj8BJjkAYFoMYE91TXhlST1Ze3BSB014ZQ0sBj8tRHdYMm1XGl5+cFIHTXhlEzNNeRRYc0Z6fE-R3WC0wAi4Hb2cnd1h7ZVF0WHtwU3UOIycEIwcycFMDUXx7UWMdd2Q HTTP/1.1
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouknatstuffs.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
54.230.245.35
HTTP/2 200 OK
                                        
content-length: 361
date: Fri, 17 Jun 2022 02:22:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zl6Df1roPkjxMKU2hDBQ9W7YzUSdujpOWJ89dV7nImveqP9GLQfTtQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (448), with no line terminators
Size:   361
Md5:    ea53b86121cb026cd0f3ef0e1c30a12d
Sha1:   d813b754e6fb28d9f93ffa625e1627fc529c0356
Sha256: a16e8e8b1c487bd10461d17f5ec17c960f730dc87d0ba1dd1addaa4df0ea0628
                                        
GET /42/38?z=3519989 HTTP/1.1
Host: toglooman.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Cookie: OAID=bfb09acf47014381bf928d1d57c05730; oaidts=1654105504; scm=1; OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; oaidts=1654105504; oaidvc=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:20 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: d54e16d5ced466001a948a794adbb4bf
access-control-expose-headers: X-Sc
set-cookie: OAID=bfb09acf47014381bf928d1d57c05730; expires=Sat, 17 Jun 2023 02:22:20 GMT; secure; SameSite=None oaidts=1654105504; expires=Sat, 17 Jun 2023 02:22:20 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
GET /akh4MnURagtFKh86FBBPSCAMRgUZclcdAh0%2FSQJMRDIRQgUTOxBTBw9mG10YRTsPHB8ZalQQBgcuWghERmoMUxI1IRwQT0h%2FSgNDWX9aHlcZPRptHA56WghXX3tNUUZSfkAfE18tSx9BXy1BHxRZehwfRlx7SAEXX39IVhALagU HTTP/1.1
Host: aphycolourses.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
44.195.137.121
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=utf-8
set-cookie: 9e35904307bf0c0376364fb5673ccae7=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e102-W7jVtF8Nu65mABW0bbpVNFHaMqg"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57602), with no line terminators
Size:   22899
Md5:    0c32dcdb52fc6a330bc43537355f3277
Sha1:   22ef8eb02f0c2ae53707110344b3aa7fe7705e8b
Sha256: 1485c542217082b6a3b9f99b81d8198d488357b2d1eac4c7dbdc77ddd885e917

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /sw.js?ZmVOam89R3lYXlBWeUhDREdiSFpVUC1ZV1BdYwxaA1ZjXloDXGMLXFQBY1lZVVV9CFpRVSoPDkRJbAxaVFIqCFoHSH1ZC1RIeg9fXkgsW15TSHZbWQBSeQ9ZAgMsWk1KRz0dTUpHIB4aBwklDwESDCAPC0gdNxBNSkd%2EWkFTR2IMDgoWK0YJBwk9D0MABCIZCjs HTTP/1.1
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: zippyadb=0; JSESSIONID=D38D48E55B87F222078305995C77046F; zippop=1; prefetchAd_3505448=true
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

                                         
46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 17 Jun 2022 02:22:20 GMT
Content-Length: 36755
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"95651-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   36755
Md5:    9f3eb972e27d96787df56867ba104e59
Sha1:   e266af1162c320a8366da4487c3698c0db0ca354
Sha256: 5750d3ef81845bcf96250e0b2e66d4b21aec5ed0144822ca14a9491f70392ae3
                                        
GET /favicon.ico HTTP/1.1
Host: med.etoro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www109.zippyshare.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.88.18.91
HTTP/1.1 301 Moved Permanently
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://etoro.com/
Date: Fri, 17 Jun 2022 02:22:20 GMT
Connection: keep-alive

                                        
GET /YeTBhV3UaXw8xSg1ZBWpCSwZVYEFfWhI4GwkNIwVDGEA0ZxEbWi5kMRoWFS0RRABHOxQXV1xxEBdTXGZTGFQDakFfRBE4HkRbGDIDAEUINAAXFhQ2SBRfGz4ZFVFEZTNMHlFyR0kYGWZEXAMjckdJXAg5AAEVU2cNQQY+YUFcAyNyR0lCF3JGOAlXeUVQFV-NnEhxTCjhQS3ZTZ0RJAFBnRFwCUTEcC1UHOA1cAiduQ1cARyJISA HTTP/1.1
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouknatstuffs.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
                                        
content-length: 454
date: Fri, 17 Jun 2022 02:22:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _n8CNyXry3e8WBjX5QlBrGS8ut7YsgL_hhG_1bBrj1CaYWvhrHiV3w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (582), with no line terminators
Size:   454
Md5:    ca2abc7a610bdfb7dc5e4f9d3e6fdcf6
Sha1:   f14f973429712aac52d496720c9404b767c33a9c
Sha256: aae1bfcac5accab08039be4bf735b42bc5d397f1409b0602c3f3ae6a4072ac7c
                                        
                                            OPTIONS /9?z=3519989&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww109.zippyshare.com%2Fv%2Foc6swaoi%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=ab53d7a6c74242a78adbfbc0dc99e5d3 HTTP/1.1 
Host: toglooman.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www109.zippyshare.com/
Origin: https://www109.zippyshare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:20 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www109.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: etoro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www109.zippyshare.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.24.102
HTTP/1.1 301 Moved Permanently
                                        
Server: AkamaiGHost
Content-Length: 0
Location: https://www.etoro.com/
Date: Fri, 17 Jun 2022 02:22:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B8C90B0CB9EF6F9CEF0676812AD12B43E952222727B4472A4230BE8FAAB64016"
Last-Modified: Wed, 15 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10311
Expires: Fri, 17 Jun 2022 05:14:12 GMT
Date: Fri, 17 Jun 2022 02:22:21 GMT
Connection: keep-alive

                                        
                                            GET /11?rnd=2518993591&z=3519989&b=13506329&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=XFW6wE0dEoXgLD5puykss5ZMM9x-4ljTmwUtWq3iPWrRXRS4kCFzNre-1a23kG-iOhXRUNPzAHiZQKQaEivmAWNYCrhBBvH2M_QN5svip_ELr4-jEplDerd1cJvWr2-3QCIftab02lwuSsNSpleOEyuWxZoXDMPXjpfA2ww91yz2sjLG2H5VEBwtWpcr2j_0zwU-OvycbTr9NN_-RiLejsn0YQvOdQzr7czacGFmcDyc4IpBinBL_9VkofhyXezpaaW2X4_VrNKv1XpjPIajEUnZaezZqF47T9IJphlm5JsZnKvLHJUltHry7CD9knJ45N7DQZYexKwYd6LUBJy8NuBSGD_LRPSCqg7hzZADMS8eMwQD90NCnPajvi-BLF8U8ATui_5GI3BW31k86-tH2nNna8YCqrmIwHDYE477U0MGHxh3tINoawDIN9E8trj3rT3317rgaVKAJSaVVs7P-6x0vx-KIj0yLxzKVBvouaoWUlJEDJgy7PqAWh3A2YLO&ruid=6e9ef74e-e00c-4aca-97b2-501dc531a63b&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww109.zippyshare.com%2Fv%2Foc6swaoi%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=123 HTTP/1.1 
Host: toglooman.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www109.zippyshare.com
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Cookie: scm=1; OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; oaidts=1654105504; oaidvc=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:21 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www109.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: fd620943fd65adc080d82cc9cad355b1
access-control-expose-headers: X-Sc
set-cookie: OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; expires=Sat, 17 Jun 2023 02:22:21 GMT; secure; SameSite=None oaidts=1654105504; expires=Sat, 17 Jun 2023 02:22:21 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ntualkentined.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 387
Origin: https://www109.zippyshare.com
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D64F902BD1A4669F7FB123DA4F0313C934C8E82C86713439396C42B64B525FA9"
Last-Modified: Wed, 15 Jun 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3126
Expires: Fri, 17 Jun 2022 03:14:27 GMT
Date: Fri, 17 Jun 2022 02:22:21 GMT
Connection: keep-alive

                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www109.zippyshare.com/v/oc6swaoi/file.html
Cookie: zippyadb=0; JSESSIONID=D38D48E55B87F222078305995C77046F; zippop=1; prefetchAd_3505448=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 17 Jun 2022 02:22:21 GMT
Content-Length: 3611
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Thu, 13 Apr 2023 02:22:21 GMT
Accept-Ranges: bytes
ETag: W/"3611-1427651017000"
Last-Modified: Sun, 29 Mar 2015 17:43:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   3611
Md5:    b3bf18448d2e26f529500cb013975564
Sha1:   1b9d2cecad0cf85d336a24a0ccaa610c39a49f6a
Sha256: 968e719e5fbc1706a6db025adc28931e64fcf76c3ae80fa4ab6ff40b53b36b20
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 17 Jun 2022 02:22:21 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?rb=a8gKpPDlSv8HqveeJTHh30L3Ua-IXjZ8pXVc3vilS5MHru6IqgoDgZEDyQGNNAlwXil9gg26t1mesEyJQ30qDD4myIdiaqRiNkRQmzE-8QUF6hz_rUIRjWgr5Hm48RMj6n66qQRmBuxe2EKGMo_BVRUodGRg0hWckm-gy98VQfdfpIHTMfj1ZNK9XjFBmHkGk54H1Vh6gADRlG8dmZlqPBlgb-ccnt1n&request_ab2=0&zoneid=3505448&js_build=iclick-v1.397.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fwww109.zippyshare.com%2Fv%2Foc6swaoi%2Ffile.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.397.0&bs=cc8286d1-f8af-473b-ba9d-3fee76266ba9&userId=ab53d7a6c74242a78adbfbc0dc99e5d3&m=link HTTP/1.1 
Host: louchees.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www109.zippyshare.com/
Origin: https://www109.zippyshare.com
Connection: keep-alive
Cookie: OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; oaidts=1654164229
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:20 GMT
content-type: application/json
x-trace-id: 18d9793fefd947b073d9bbfb8c7773fe
access-control-allow-origin: https://www109.zippyshare.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; expires=Sat, 17 Jun 2023 02:22:20 GMT; path=/; secure; SameSite=None oaidts=1655432540; expires=Sat, 17 Jun 2023 02:22:20 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Fri, 24 Jun 2022 02:22:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1674), with no line terminators
Size:   1339
Md5:    45ef534d17d41ed29e52936fc02b03b0
Sha1:   b4cb4e6df5eb7e0718e6f59dce383b1db4f03a19
Sha256: fc6a4a399f66fab9ba70230c5e7a18d125bc387bbdd66a9612d056e080483ce3
                                        
                                            GET /utx?cb=iOlC8pY0BX6n&top=www109.zippyshare.com&tid=843055 HTTP/1.1 
Host: ouknatstuffs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www109.zippyshare.com
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.124
HTTP/2 204 No Content
                                        
date: Fri, 17 Jun 2022 02:22:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www109.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 17 Jun 2022 02:23:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F91i3cC5vx8nqGRc8IUr3tSkrp0Kc0FmbSZzfxE6G-85w9iVsxIH6g==
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: www.etoro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www109.zippyshare.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.152.107
HTTP/2 200 OK
                                        
date: Fri, 17 Jun 2022 02:22:21 GMT
content-type: text/html
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: TS01047baf=01d53e5818984899f69c1a2a7cfd48da24cba58c8e7ee3c7f7b852ed56fda273bd599eb167ef09d9b2daba01a01cd7d54b5f1ad8b4; Path=/ __cf_bm=RB9tJSNDzYIAl3ctIPwFwsiOIbTxVoX5YufCYtR8ZSc-1655432541-0-AQ9EVHAjNocq1uNlMWEd8dC56U6Hzi7pZfUV8+g1prq7pV2wuTL9ArqIB8dU/nCIvVqCryrP1yTstYazX2zQw31n8Ei5i5FryTa4SfY9GmHr; path=/; expires=Fri, 17-Jun-22 02:52:21 GMT; domain=.etoro.com; HttpOnly; Secure; SameSite=None __cflb=02DiuEAg8LPSYevHEYkaxA3gcDJTcgwA1mb6hiBRi6RnU; SameSite=None; Secure; path=/; expires=Sat, 18-Jun-22 01:22:21 GMT; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 71c851260ff8b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30995)
Size:   186618
Md5:    486de7297c811762f75d71ab479f7f06
Sha1:   2499935469e964a4435f421f3ae64d6e90b3f521
Sha256: 6ad9ac14bc2272c4fd1c2b5524bcd6227ac4f5296b7fab1f4341055280f4833a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 17 Jun 2022 02:22:21 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /multi?cs=cmYzUllLVQJma0NQC2FoRVUFYWs&abt=0&red=1&sm=76&k=zippyshare&v=1.0.58.2&sts=0&prn=0&emb=0&tid=726474&fs=1&ref=https%3A%2F%2Fwww109.zippyshare.com%2Fv%2Foc6swaoi%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_S7Yy=1655432537512&crc=1 HTTP/1.1 
Host: ouknatstuffs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www109.zippyshare.com
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.124
HTTP/2 200 OK
                                        
content-type: text/plain
content-length: 1470
date: Fri, 17 Jun 2022 02:22:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www109.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=51adc314-3bc9-4076-8f22-7ebab868ba87
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jrick60XI7GD0CDscEW03uVhxsKSmFIlxjBDRcMXtuUWfBqUdfvmDQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3031), with no line terminators
Size:   1470
Md5:    1669c0c9e24f80b79914611bb74de586
Sha1:   eda54d0e8db14d29fdae18926849dd37b4dbc8a9
Sha256: 05cf560863eb162ba2a4f55fe1aca0411a2ced601826391311ce70e01925c4ca
                                        
                                            GET /contents/s/10/47/81/e7d84e1a0aebbb3bdfc2be3bac/0269959934108.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=F3ZRHghBOLsXbnt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D770105390%26z%3D3519989%26b%3D13506329%26c%3D5706053%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D1552%2526key%253D3940a4d30819553acfd4c504847cf5b5%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DXFW6wE0dEoXgLD5puykss5ZMM9x-4ljTmwUtWq3iPWrRXRS4kCFzNre-1a23kG-iOhXRUNPzAHiZQKQaEivmAWNYCrhBBvH2M_QN5svip_ELr4-jEplDerd1cJvWr2-3QCIftab02lwuSsNSpleOEyuWxZoXDMPXjpfA2ww91yz2sjLG2H5VEBwtWpcr2j_0zwU-OvycbTr9NN_-RiLejsn0YQvOdQzr7czacGFmcDyc4IpBinBL_9VkofhyXezpaaW2X4_VrNKv1XpjPIajEUnZaezZqF47T9IJphlm5JsZnKvLHJUltHry7CD9knJ45N7DQZYexKwYd6LUBJy8NuBSGD_LRPSCqg7hzZADMS8eMwQD90NCnPajvi-BLF8U8ATui_5GI3BW31k86-tH2nNna8YCqrmIwHDYE477U0MGHxh3tINoawDIN9E8trj3rT3317rgaVKAJSaVVs7P-6x0vx-KIj0yLxzKVBvouaoWUlJEDJgy7PqAWh3A2YLO%26bag%3DDj5FhZvDL9eZCvhcCpW-mA%3D%3D%26ruid%3D6e9ef74e-e00c-4aca-97b2-501dc531a63b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww109.zippyshare.com%252Fv%252Foc6swaoi%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.155
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:21 GMT
content-type: image/jpeg
content-length: 20677
last-modified: Tue, 07 Jun 2022 01:44:35 GMT
etag: "629ead83-50c5"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   20677
Md5:    104781e7d84e1a0aebbb3bdfc2be3bac
Sha1:   c24a0d396b093c584ebcbcd63ccdb5195dbd8f37
Sha256: aafc524eba3326a9a0993ba7f2caf14d1a13224b52187d6f4037ed111f40fa8f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "54B9A9F97BCD72FA34E9350B5CFA892193099BE8A1FB13136A1E6A70E68F026E"
Last-Modified: Thu, 16 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5777
Expires: Fri, 17 Jun 2022 03:58:38 GMT
Date: Fri, 17 Jun 2022 02:22:21 GMT
Connection: keep-alive

                                        
                                            GET /contents/s/c8/cc/46/402d3a365cec260d48429cdec6/01404124676827.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=F3ZRHghBOLsXbnt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D770105390%26z%3D3519989%26b%3D13506329%26c%3D5706053%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D1552%2526key%253D3940a4d30819553acfd4c504847cf5b5%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DXFW6wE0dEoXgLD5puykss5ZMM9x-4ljTmwUtWq3iPWrRXRS4kCFzNre-1a23kG-iOhXRUNPzAHiZQKQaEivmAWNYCrhBBvH2M_QN5svip_ELr4-jEplDerd1cJvWr2-3QCIftab02lwuSsNSpleOEyuWxZoXDMPXjpfA2ww91yz2sjLG2H5VEBwtWpcr2j_0zwU-OvycbTr9NN_-RiLejsn0YQvOdQzr7czacGFmcDyc4IpBinBL_9VkofhyXezpaaW2X4_VrNKv1XpjPIajEUnZaezZqF47T9IJphlm5JsZnKvLHJUltHry7CD9knJ45N7DQZYexKwYd6LUBJy8NuBSGD_LRPSCqg7hzZADMS8eMwQD90NCnPajvi-BLF8U8ATui_5GI3BW31k86-tH2nNna8YCqrmIwHDYE477U0MGHxh3tINoawDIN9E8trj3rT3317rgaVKAJSaVVs7P-6x0vx-KIj0yLxzKVBvouaoWUlJEDJgy7PqAWh3A2YLO%26bag%3DDj5FhZvDL9eZCvhcCpW-mA%3D%3D%26ruid%3D6e9ef74e-e00c-4aca-97b2-501dc531a63b%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww109.zippyshare.com%252Fv%252Foc6swaoi%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.155
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:21 GMT
content-type: image/jpeg
content-length: 44549
last-modified: Tue, 07 Jun 2022 01:44:33 GMT
etag: "629ead81-ae05"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size:   44549
Md5:    c8cc46402d3a365cec260d48429cdec6
Sha1:   0f6ff8ef0af287b8dec5012edc7c6449969c17c9
Sha256: 8496202215f028949f46b435b68bc7ceea721c4bc56bf14947a830beed70a484
                                        
                                            GET /fv.js?t=72747&cb=747931699 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:21 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 209aef2697cb11c9e5860e38bdad5397
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5213), with no line terminators
Size:   2153
Md5:    0254fb1dad74628b7ad0f97d304fac92
Sha1:   35f7af13a08eb87023ec7df4d3c35c21b2cde79d
Sha256: 47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /floater?cs=RnlndDFyTFBFBHBJU0MFdktfQgU&abt=0&red=1&sm=83&k=zippyshare&v=0.8.8.2&sts=0&prn=0&emb=0&tid=843055&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww109.zippyshare.com%2Fv%2Foc6swaoi%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi1_&_mMJv=1655432537509&crc=1 HTTP/1.1 
Host: ouknatstuffs.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www109.zippyshare.com
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.124
HTTP/2 200 OK
                                        
content-type: text/plain
content-length: 3710
date: Fri, 17 Jun 2022 02:22:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www109.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=f951ffb3-39e1-43a5-9b69-67b4818aa772
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BT7W5cw4uTan5WiSpZQGqO5v2FjTksE6Q-HA2VvTbMAZpFHx6y3Z6Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5383), with no line terminators
Size:   3710
Md5:    14ff8d3aeaeab59d8473fd2cce8f4eab
Sha1:   c0ed73ab39cc7daff8d0d763f89572082b7cfc95
Sha256: 0341d1d03605353a61ac4001a72092cfe9aa4e25041dc05fd886d903c425c2e3
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:21 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: fc27852d73b309a6e89661ced6361566
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ntualkentined.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www109.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www109.zippyshare.com
Content-Length: 354
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ntualkentined.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 814
Origin: https://www109.zippyshare.com
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ntualkentined.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www109.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www109.zippyshare.com
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ntualkentined.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 392
Origin: https://www109.zippyshare.com
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB5C47750CC94CF64FD493FB2AFBECF9465339D271763D045556E55840F067C3"
Last-Modified: Thu, 16 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2772
Expires: Fri, 17 Jun 2022 03:08:33 GMT
Date: Fri, 17 Jun 2022 02:22:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB5C47750CC94CF64FD493FB2AFBECF9465339D271763D045556E55840F067C3"
Last-Modified: Thu, 16 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2772
Expires: Fri, 17 Jun 2022 03:08:33 GMT
Date: Fri, 17 Jun 2022 02:22:21 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654ba3d7-ea96-4aca-957b-41fe76850d93.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 13183
x-amzn-requestid: 8a98a7c9-70ba-4266-a498-c5e82e85a242
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Tr3DsEdZoAMFlkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a7d217-30b8d02d489dc66b3c0b8f96;Sampled=0
x-amzn-remapped-date: Tue, 14 Jun 2022 00:11:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hxxrmWE23s1dp-oRNAhaPU8BekA5lp0YnJ2smesk2TADN2DSwhF-BQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Jun 2022 13:21:04 GMT
age: 46877
etag: "88469237b6fcd0dca36d937465fb36ea9308c4aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13183
Md5:    90cc5d5a9e9030664444a47de3dbd4f5
Sha1:   88469237b6fcd0dca36d937465fb36ea9308c4aa
Sha256: 1f43fb9a1576a27fc50de9569567fc6eb93ea634f002b16595091e6d80397883
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cac665e-75f1-407f-8cbb-7fa9a19b43ad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9782
x-amzn-requestid: af26ce62-04f6-441f-a3fc-df1e2bf0fbc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Tr3TUEHLoAMFuBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a7d27b-7641304c18789aeb3862b475;Sampled=0
x-amzn-remapped-date: Tue, 14 Jun 2022 00:12:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ki60qZw3y1q0_sHAu98g5VafTRX8cKSXvIomBcpuVovrrNOy0082PA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Jun 2022 04:19:17 GMT
age: 79385
etag: "0c7c6e922ae0b9c14cb1f4a2c9cd5ed75ebe59d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9782
Md5:    2982dbc340bfaa4525531bf12a36dcd3
Sha1:   0c7c6e922ae0b9c14cb1f4a2c9cd5ed75ebe59d1
Sha256: 8752a702a7dcfd84ff75055c1683c66cc408e46da68b76b403816947780982a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facc2579a-4dc1-44c2-8c91-85192f952284.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6619
x-amzn-requestid: 470edb78-c474-4199-b246-b5f3035cfe75
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Tr2aPEwgIAMFegQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a7d10e-4ca5f03b09ffaa20052ad232;Sampled=0
x-amzn-remapped-date: Tue, 14 Jun 2022 00:06:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lknBIWKZzR1XlAjF-MLtGpKI8FkznAWYrEnbhMPwANmG7PSG0orMQg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 16 Jun 2022 13:21:04 GMT
age: 46878
etag: "82e19b95c27b5ce6213e68d2dd24cb6639476d40"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6619
Md5:    34dc805e546491654e8a39ebb0662c58
Sha1:   82e19b95c27b5ce6213e68d2dd24cb6639476d40
Sha256: cb2b2d1031adb1ca257c3bdeb6c5038bdc9e023c673a902654ee30c08f382649
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5151dd3-0d61-43c2-8c3a-4811f9af4d3a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 14199
x-amzn-requestid: f23dd6d1-ffb2-46a8-b794-3369bc06bf85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T1vojGfWoAMFk1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62abc636-5a4d3fd626fce2f41335b769;Sampled=0
x-amzn-remapped-date: Fri, 17 Jun 2022 00:09:26 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5JrajdjHk6A4iXTmqLWoBYws3ozggKY3lkiizUKNmyISU6t3mhqCZA==
via: 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Jun 2022 00:17:15 GMT
age: 7507
etag: "882d8fba97ee79dda86016cc7716c2f2336c40a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14199
Md5:    981a89c44a01bbefdac2a13e5412f762
Sha1:   882d8fba97ee79dda86016cc7716c2f2336c40a0
Sha256: b9456c6994ab5a2a0a3bea412fd9566ee438d9014a49c9449ab63fc73808369d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29fd0e61-77f8-48fb-b6e8-41ba5e8f7695.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5935
x-amzn-requestid: cb34f3b6-5849-47d9-b35f-5a3a4de4adfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Tf3aUE7HoAMFoEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a305db-688c81aa2fcc45842b523a6f;Sampled=0
x-amzn-remapped-date: Fri, 10 Jun 2022 08:50:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P-6X1HJpHhNDlv-gYE_tCYERaJ3qJUrSW4mP5aul7v-dG1AkYBr0QA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Jun 2022 00:17:16 GMT
age: 7506
etag: "366268d3af2b72d8b455632eb478b735b35c96e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5935
Md5:    233feac8a9307c97ff7a8c08d68fa5ba
Sha1:   366268d3af2b72d8b455632eb478b735b35c96e6
Sha256: 6be1494080114fa4fe418e983d404ab4141ece76502cbe4e17bfa660f18054e8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68f5089b-df17-4f13-b20a-3621bcb3100a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:22 GMT
content-type: image/jpeg
content-length: 5451
x-amzn-requestid: 4690291e-99dc-4ae4-84db-0f9699e9cf7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TwbnwFJMIAMF-FA=
x-content-type-options: nosniff
etag: "be09a75dace7db0f371b58c2ceccc16bcd193761"
x-amzn-trace-id: Root=1-62a9a631-131d923d7d7ae0db3f7e9db1;Sampled=0
x-amzn-remapped-date: Wed, 15 Jun 2022 09:28:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _KKs7IfwGB-Splj_DbJUGaLvHY4lYjiiXFBAy_rf0CEy9kCZfCdicA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5451
Md5:    adbc0212f57a6cf64bb179b429a410a2
Sha1:   be09a75dace7db0f371b58c2ceccc16bcd193761
Sha256: a575f82159c5f3455deb65904eb3cae6d7f2500897e228889e4f15935d7eb841
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9E72950F801110AB6463A4C495F7664F1EB662D401B19CAFDD359228A4E3962F"
Last-Modified: Thu, 16 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2870
Expires: Fri, 17 Jun 2022 03:10:13 GMT
Date: Fri, 17 Jun 2022 02:22:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "18676A0496BB91F7FD62178A4CF6D532B7CC6B505C8D683194E2D7B20BBE3061"
Last-Modified: Wed, 15 Jun 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6202
Expires: Fri, 17 Jun 2022 04:05:46 GMT
Date: Fri, 17 Jun 2022 02:22:24 GMT
Connection: keep-alive

                                        
                                            GET /c129e70a659b8dfc8355bb50a6f856fa.jpeg HTTP/1.1 
Host: cdn.adx1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         149.11.201.98
HTTP/2 200 OK
                                        
server: openresty/1.15.8.3
date: Fri, 17 Jun 2022 02:22:23 GMT
content-type: image/jpeg
content-length: 18985
last-modified: Sat, 11 Jun 2022 14:39:53 GMT
etag: "62a4a939-4a29"
expires: Thu, 30 Jun 2022 15:17:20 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   18985
Md5:    e309b42dd49a8a9bb46779ebfaaac5d4
Sha1:   3df58426beaf5a04974cef19b40446405b4d944b
Sha256: 8a233b74b4776ccec44cba9f6e6742561770f03f2b1ff5cfee0ea06cb6aa72f9
                                        
                                            GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz2tkRRet%2Fr7ZDK6UEQVF2oWgIJ33ul%2F6h1lEY4wE42ScUXSl1Kuql9zJ61ePqlf9OlkFRXElje5cVU4yCerg6M6No7wMuAgI6V1A8w8oKAoD7qTbmOCF4t665y7OrXPqgx13yhpw%2FGTxVb1FacpnZhtB%2Fem3wnCuvkKZG9aH3fY77WiubgbP9dqN4Jn6y0ps6JlmEAZBGIT1JTIq0cOZCQjKb%2FfCRi9oRM1GOBthaDysq8HyGuTglD0EkuNL92pXQKJC1v9qUdmNQufPvtR3KS%2B0wUAevJFtZLrM0L8oE1NDkh2cTUPb46W70NmtKUXowflgTGNW%2B%2BEu4uzgjBjiwd6UW5xCZYjlAygHFVRagXgFod8DyWMGCImrq8j6%2B1e1KfnmPyifoGN26f6foHLMLv18BVn%2Fy4WUhvUbOnUF6cximHjQsAKtVcjdIYotBioPIYp3QfJHNnN%2FBVl%2Fb9WmGiT9dHeiCpRUSNUI3DK4ySEGl9Tg8hr68qQuwjDsBFLwoNsToiU7Km7LIOSdJORh0O7CiQm9EYp8BJGOIMw2crONDRrBuI9AtoLjHpR75Ha%2FG7WC2VkocTT%2F1y%2FvP%2FHNa7%2BC00k9ClQSRkGr2VS9nuSdIGx1JA%2BbMp7lkUw6iOlo%2Fqm547Xk%2BQOkxKD40Xe%2Fs2nAZh6Z87uZIQ%2BjjthZ7BpZHM2fT617WMlgC4aB9CgVQ2kZSs5QEkNZMJQDf0umtmn9vkyti8Oz3DzLLb%2BTn7IHp3r8Id7GhjqpJ4FodpNe1Gp2o14v7sqo02p321KEsquiroSlf7cm%2Bz9wW8MWjdnDP%2F2GfOIU%2BQlifgibHkLQk%2BDucfDSg697bGUeUt9xuSWpbuo03WwI3UdeXEaxWdtJT9kjUyrR4M5%2FXlQYj9x43KR7DGvph7vXdcn2ruvSsq9X84L6tMUntrlR8EL9%2F%2FNX1GapjVxetKPPXhATYFLefl3ZYoVnkrI1y75YICmVWdJGKPbtsn1TxdecXV9wJnP5yrUXl5b7uVHWks4qcDpe%2BxiCxuzyo53pf3hs9VOQqWCcR9%2BdKwTSFUS%2BDZtf9KxmMOnFPc4ZSud3TTO%2BaE48kF5IDR77Hfs9LHkUlv0NAAD%2F%2FwEAAP%2F%2FVMXvs1QEAAA%3D&ap=${AUCTION_PRICE}&l=3438255&sub3=1655432541&pid=91283&sub2=icon&auid=40ef140322e99da70137da12db5a4df7&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: upsidejolly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx/1.22.0
Date: Fri, 17 Jun 2022 02:22:24 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 616f783dd74721f3adfce73a004abbaa
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "254773DFDF1027A91208650B4686BA7B8C193144CF7D62A47F5C57BC3F67A942"
Last-Modified: Wed, 15 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14672
Expires: Fri, 17 Jun 2022 06:26:56 GMT
Date: Fri, 17 Jun 2022 02:22:24 GMT
Connection: keep-alive

                                        
                                            GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.9
HTTP/2 200 OK
                                        
date: Fri, 17 Jun 2022 02:22:24 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Sun, 19 Jun 2022 02:22:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Size:   33103
Md5:    70cf8250da1a25a7b445231428af7828
Sha1:   a849d338423d2919949340838c768bba90b9081c
Sha256: b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
                                        
                                            GET /11?rnd=2518993591&z=3519989&b=13506329&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=XFW6wE0dEoXgLD5puykss5ZMM9x-4ljTmwUtWq3iPWrRXRS4kCFzNre-1a23kG-iOhXRUNPzAHiZQKQaEivmAWNYCrhBBvH2M_QN5svip_ELr4-jEplDerd1cJvWr2-3QCIftab02lwuSsNSpleOEyuWxZoXDMPXjpfA2ww91yz2sjLG2H5VEBwtWpcr2j_0zwU-OvycbTr9NN_-RiLejsn0YQvOdQzr7czacGFmcDyc4IpBinBL_9VkofhyXezpaaW2X4_VrNKv1XpjPIajEUnZaezZqF47T9IJphlm5JsZnKvLHJUltHry7CD9knJ45N7DQZYexKwYd6LUBJy8NuBSGD_LRPSCqg7hzZADMS8eMwQD90NCnPajvi-BLF8U8ATui_5GI3BW31k86-tH2nNna8YCqrmIwHDYE477U0MGHxh3tINoawDIN9E8trj3rT3317rgaVKAJSaVVs7P-6x0vx-KIj0yLxzKVBvouaoWUlJEDJgy7PqAWh3A2YLO&ruid=6e9ef74e-e00c-4aca-97b2-501dc531a63b&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww109.zippyshare.com%2Fv%2Foc6swaoi%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1 
Host: toglooman.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www109.zippyshare.com
Connection: keep-alive
Referer: https://www109.zippyshare.com/
Cookie: scm=1; OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; oaidts=1654105504; oaidvc=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 17 Jun 2022 02:22:26 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www109.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 6b8d886ecf1ea985c49ebeff34618c5a
access-control-expose-headers: X-Sc
set-cookie: OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; expires=Sat, 17 Jun 2023 02:22:26 GMT; secure; SameSite=None oaidts=1654105504; expires=Sat, 17 Jun 2023 02:22:26 GMT; secure; SameSite=None oaidvc=3; expires=Sat, 17 Jun 2023 02:22:26 GMT; secure; SameSite=None CNT=1_v1_GRfOAAEAAADYSgAA; expires=Fri, 17 Jun 2022 03:22:26 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2