Overview

URL www109.zippyshare.com/v/5BA45I0d/file.html
IP 46.166.139.231
ASN AS43350 NFOrce Entertainment BV
Location Netherlands
Report completed 2017-09-05 18:40:13 +0200
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Files

No files detected



Passive DNS (0)

No passive DNS data



Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 46.166.139.231

Date  UQ / IDS / BL  URL  IP
2022-06-26 16:17:44 +0000  0 - 0 - 4  www110.zippyshare.com/d/tzq4tpu5/7320/l3050ec (...)  46.166.139.231
2022-06-26 16:17:33 +0000  0 - 0 - 3  www110.zippyshare.com/d/tzq4tpu5/8683/l3050ec (...)  46.166.139.231
2022-06-24 08:02:11 +0000  0 - 0 - 8  www110.zippyshare.com/d/tzq4tpu5/17103/l3050e (...)  46.166.139.231
2022-06-24 07:25:56 +0000  0 - 0 - 9  www110.zippyshare.com/d/tzq4tpu5/30517/l3050e (...)  46.166.139.231
2022-06-17 19:40:33 +0000  0 - 0 - 9  https://www110.zippyshare.com/d/2HPetcoH/3583 (...)  46.166.139.231
2022-06-17 02:22:35 +0000  0 - 0 - 4  www109.zippyshare.com/d/oc6swaoi/16487/revo.u (...)  46.166.139.231
2022-06-17 02:22:17 +0000  0 - 0 - 12  www109.zippyshare.com/d/oc6swaoi/8755/revo.un (...)  46.166.139.231
2022-06-12 13:32:02 +0000  0 - 0 - 12  https://www110.zippyshare.com/d/YZENOK7Q/1825 (...)  46.166.139.231
2022-06-10 15:53:19 +0000  0 - 0 - 7  www109.zippyshare.com/d/oc6swaoi/37047/revo.u (...)  46.166.139.231
2018-12-15 12:56:12 +0100  0 - 0 - 1  https://www110.zippyshare.com/d/u2mtbtGA/841/ (...)  46.166.139.231

Last 10 reports on ASN: AS43350 NFOrce Entertainment BV

Date  UQ / IDS / BL  URL  IP
2019-06-30 01:12:28 +0200  0 - 0 - 2  www.convirture.com/products_opensource.php  109.201.133.73
2019-06-30 00:37:24 +0200  0 - 0 - 0  MEastwood@motherless.com  46.166.188.37
2019-06-27 14:37:42 +0200  0 - 0 - 0  https://cloudwm.com/  109.201.141.196
2019-06-27 14:26:01 +0200  0 - 0 - 0  live.sekindo.com  46.166.181.64
2019-06-27 14:10:20 +0200  0 - 0 - 0  sekindo.com  46.166.130.3
2019-06-27 13:49:24 +0200  0 - 0 - 0  https://live.sekindo.com  46.166.134.22
2019-06-27 13:37:05 +0200  0 - 0 - 0  riimuradio.com/tag/vastarintaliike/feed/  46.166.182.113
2019-06-27 13:24:54 +0200  0 - 0 - 0  live.sekindo.com  46.166.181.64
2019-06-26 20:05:56 +0200  0 - 0 - 0  daum.ne  46.166.184.99
2019-06-26 11:55:46 +0200  0 - 0 - 2  https://www68.zippyshare.com/v/dzf5dS6r/file.html  46.166.139.207

No other reports on domain: zippyshare.com



JavaScript

Executed Scripts (17)


Executed Evals (0)


Executed Writes (3)

#1 JavaScript::Write (size: 694, repeated: 1) - SHA256: 8f3a1406473b6a7a49c7d7145a20f4afd733ce8a381d4bc8fe5ff588a0d24e6a

                                        < a href = "http://www.maxonclick.com/a/display.php?stamat=m%7C%2C%2Cw3arIifjoGU3BE9GH0dEdHP3xP.53b%2C8QrezzIGmUgIqmUqimpC-VDqyBxxF3m9ozvyWs_vjG8UtSYEoVxxIZGTR26d7AKMSizd8Qt4WOYn6E2AOfIfeVB9l2VXUxdnEy_YGTk8T-83K_msoTkr13yRxeKqo7g9H7IJx-YqFcPmE8bLMLYdABOaKkr_BLsX_Mz8sM4R_E9XGH05AYNF3oESca8CVlmZTDMG1yfr38fFNpSqwYxTxMhcR5tTn_zeKfZHL1Nn8PHaQzUSlgNnJh3io90XrDvYTzrkXB0ckDdzAojI5J4zvmIvJjWosvGOdXkWoCFntkMiAa04Sd8Fwj-y38jvUhlmXJajWJNKW1zYGSwCuh9LEp4vxMaxEN7MpZ12ryFvHkHe-vVd8bwHCoZzjZOEFOBQAiP4RhiW0XoJ6Dl3LotzaewbrfF3b0Z6jnh4Vb2pO8E%2C"
target = "_blank" > < img border = "0"
src = "http://cloud.cashtrafic.info/extban/85671020/creatives/18851300/785a60a21f4738d9ad3badbb8f0fe454_9734.gif"
width = "100%" / > < /a>
                                    

#2 JavaScript::Write (size: 168, repeated: 1) - SHA256: ea39f46dcb515d7899c0ad909a7a1b81fa486c777c1b03b7ee2c4bfebe19640b

                                        < a style = 'color: #fff; display: none; visibility: hidden; position:relative; left: -1000px; top: -1000px;'
href = 'http://www.maxonclick.com/ad/visit.php?al=1' > & nbsp; < /a>
                                    

#3 JavaScript::Write (size: 737, repeated: 1) - SHA256: d4d7d60713be0d402fa6ee46016806842013f3bc1e6ca4507996f48289c7a1f7

                                        < iframe width = "300"
height = "250"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
allowfullscreen = "true"
style = "border: medium none; padding: 0; margin: 0;"
sandbox = "allow-scripts allow-forms allow-popups allow-popups-to-escape-sandbox allow-pointer-lock allow-same-origin"
id = "59aed33a2ebfc"
frameborder = "0"
src = "http://www.maxonclick.com/a/display.php?r=1142801&treqn=1861445635&runauction=1&crr=3a485962cdf02328c03f,,wbud3atY2bqVWRxYyZzokN3IUQ2UUMmUXRxYibsBWLmFnYrBnezNna51iOzIDd0RXRxYSRxYiQwYyc3d3a39fc39737414414ee2f6&rtid=59aed33a2ebfc&cbrandom=0.9525048822610107&cbtitle=Zippyshare.com%20-%20FILES.rar&cbiframe=0&cbWidth=1176&cbHeight=754&cbdescription=&cbkeywords=&cbref="
scrolling = "no" > < /iframe>
                                    


HTTP Transactions (26)


Request Response
                                        
                                            GET /v/5BA45I0d/file.html HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=06ED91DB68A90E9E002B8361D7BCD9CE; Path=/; HttpOnly zippop=1; Domain=.zippyshare.com; Expires=Wed, 06-Sep-2017 04:39:21 GMT; Path=/
Content-Language: en
Expires: Tue, 05 Sep 2017 16:39:20 GMT
Cache-Control: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   12828
Md5:    7f0bc18a59a5881bcb5ac67142b1fd0f
Sha1:   d118de0f9a5b99c7c8cf8449d210ebd205d2125f
Sha256: 3e28dc8e9de7fa273151326d7eb53dd2157b5ec4d6986d3ded6813e7ea4b309c
                                        
                                            GET /wro/viewjs-e44544f03b22fab45334dcdb8a6b3b0931e845ad.css HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html
Cookie: JSESSIONID=06ED91DB68A90E9E002B8361D7BCD9CE; zippop=1

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:21 GMT
Content-Length: 70659
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Sat, 22 Nov 2025 16:39:21 GMT
Accept-Ranges: bytes
Etag: W/"203679-1503700237000"
Last-Modified: Fri, 25 Aug 2017 22:30:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   70659
Md5:    796e5cc895d90638bd840c80e719a002
Sha1:   a30213f491b14c6779535afa8aba085c6ef729c0
Sha256: 30a0eb2c0f2c61b73d24515a52438923e7dd8191d56d355490fbf474aea8b645
                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: JSESSIONID=06ED91DB68A90E9E002B8361D7BCD9CE; zippop=1

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:21 GMT
Content-Length: 3611
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Mon, 02 Jul 2018 16:39:21 GMT
Accept-Ranges: bytes
Etag: W/"3611-1427651017000"
Last-Modified: Sun, 29 Mar 2015 17:43:37 GMT


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   3611
Md5:    b3bf18448d2e26f529500cb013975564
Sha1:   1b9d2cecad0cf85d336a24a0ccaa610c39a49f6a
Sha256: 968e719e5fbc1706a6db025adc28931e64fcf76c3ae80fa4ab6ff40b53b36b20
                                        
                                            GET /images/favicon2.ico HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html
Cookie: JSESSIONID=06ED91DB68A90E9E002B8361D7BCD9CE; zippop=1

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Mon, 02 Jul 2018 16:39:21 GMT


--- Additional Info ---
                                        
                                            GET /wro/viewjs-b5af86fa1522edfe99ee6c9472e53cc88f2dc9a5.js HTTP/1.1 
Host: www109.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html
Cookie: JSESSIONID=06ED91DB68A90E9E002B8361D7BCD9CE; zippop=1

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:21 GMT
Content-Length: 178730
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Sat, 22 Nov 2025 16:39:21 GMT
Accept-Ranges: bytes
Etag: W/"663752-1503700237000"
Last-Modified: Fri, 25 Aug 2017 22:30:37 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   178730
Md5:    44550d1ef933f93291da7d4ac848b337
Sha1:   0ef933e317c0c6357a828b1e3e00b7f7eebfffd3
Sha256: 29d40b1a102d9144a301752ff6647c189d5caa8911b6a07b496e0353ceb1c39d
                                        
                                            GET /adServe/banners?tid=232207_439549_4 HTTP/1.1 
Host: p232207.clksite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
                                         108.168.157.137
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:22 GMT
Content-Length: 178
Location: http://inclk.com/adServe/banners?tid=232207_439549_4
Connection: Keep-alive
Via: 1.1 ID-0002262044605016 uproxy-3


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /adServe/banners?tid=IF1ZYPPYSHARE_300X250 HTTP/1.1 
Host: p232207.clksite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
                                         108.168.157.137
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:22 GMT
Content-Length: 178
Location: http://inclk.com/adServe/banners?tid=IF1ZYPPYSHARE_300X250
Connection: Keep-alive
Via: 1.1 ID-0002262044605016 uproxy-6


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /a/display.php?r=1142801 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
                                         104.197.212.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: openresty
Date: Tue, 05 Sep 2017 16:39:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Referrer-Policy: no-referrer
Link: <//www.maxonclick.com>; rel=dns-prefetch,<//www.maxonclick.com>; rel=preconnect
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2338
Md5:    f1be1376786752afb73062e0f620f68a
Sha1:   b27378387db1e50b41e70e9e1dc67558450c0e6c
Sha256: 79ed1d95108f1c7fc5deeada95f0e0d7f7df7b604d13a7f03bbc492094abd8b6
                                        
                                            GET /adServe/banners?tid=IF1ZYPPYSHARE_POP&tagid=2 HTTP/1.1 
Host: p232207.clksite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
                                         108.168.157.137
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:22 GMT
Content-Length: 178
Location: http://inclk.com/adServe/banners?tid=IF1ZYPPYSHARE_POP&tagid=2
Connection: Keep-alive
Via: 1.1 ID-0002262044605016 uproxy-2


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 05 Sep 2017 16:39:22 GMT
Expires: Sat, 09 Sep 2017 16:39:22 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=548977, public, no-transform, must-revalidate
Last-Modified: Tue, 5 Sep 2017 01:05:53 GMT
Expires: Tue, 12 Sep 2017 01:05:53 GMT
Date: Tue, 05 Sep 2017 16:39:22 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    58db814248dfa2ac54dc22a6b402a988
Sha1:   3e77f5035d59425f9cd7f795297d8fd74ea622bf
Sha256: ae6af7f9e2dcc9fa91ff5ecdba72ce216da93f0e88095079195eed4dbd0b5805
                                        
                                            GET /css?family=Open+Sans:400,300 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
                                         173.194.222.95
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 05 Sep 2017 16:39:22 GMT
Date: Tue, 05 Sep 2017 16:39:22 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   280
Md5:    49ffd571ad4d5261b90402b67815478d
Sha1:   f90bff7c17fae7ca08617b78f2930cbe9011b08e
Sha256: 4c8685aa8e02eaf801fe3239dccd7ed4aa23d3d274fd1a6cdecccf0bb86599d6
                                        
                                            GET /adServe/banners?tid=IF1ZYPPYSHARE_POP&tagid=2 HTTP/1.1 
Host: inclk.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
                                         108.168.157.87
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=utf-8
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:22 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: no-cache, no-cache
Pragma: no-cache, no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT, 0
Set-Cookie: rhid=48095416265; Domain=inclk.com; Expires=Fri, 03-Sep-2027 16:39:22 GMT; Path=/
Content-Encoding: gzip
Connection: Keep-alive
Via: 1.1 ID-0314217254341500 uproxy-8


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6741
Md5:    d63dc01d77c3110add4c4bfbcb558816
Sha1:   172b0deee237172c1f1950dac16b7679cdd2fda7
Sha256: ef7a32c0c5158ccd8021a4b80aaa34fd9b12a12712280ff94bfa729ef7ec6921
                                        
                                            GET /adServe/banners?tid=232207_439549_4 HTTP/1.1 
Host: inclk.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
                                         108.168.157.87
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=utf-8
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:22 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: no-cache, no-cache
Pragma: no-cache, no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT, 0
Set-Cookie: rhid=48095500990; Domain=inclk.com; Expires=Fri, 03-Sep-2027 16:39:22 GMT; Path=/ tc=300x250_1; Domain=inclk.com; Expires=Wed, 06-Sep-2017 04:59:59 GMT; Path=/
Content-Encoding: gzip
Connection: Keep-alive
Via: 1.1 ID-0314217254341500 uproxy-4


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6720
Md5:    8a182d93463bf9624dd3d99cb3d05cd2
Sha1:   7ac0d7cdebadc0955b2cccf8d042e37e346023f3
Sha256: ba761bf296ecc530819514baf10e279101342cf0edfaece337a486b46c374448
                                        
                                            GET /adServe/banners?tid=IF1ZYPPYSHARE_300X250 HTTP/1.1 
Host: inclk.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
                                         108.168.157.87
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=utf-8
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:22 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: no-cache, no-cache
Pragma: no-cache, no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT, 0
Set-Cookie: rhid=48095463465; Domain=inclk.com; Expires=Fri, 03-Sep-2027 16:39:22 GMT; Path=/ tc=300x250_1; Domain=inclk.com; Expires=Wed, 06-Sep-2017 04:59:59 GMT; Path=/
Content-Encoding: gzip
Connection: Keep-alive
Via: 1.1 ID-0314217254341500 uproxy-5


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6733
Md5:    6334ca7def7dff96ee76fc1debf9ff9a
Sha1:   e068eb65478c4f0f5b41738d67064da9bd0c9e36
Sha256: 4e79ef103e86040d1e7671dd50a17e1ed69fbffa855317f7d7c6e7222fb6f9cf
                                        
                                            GET /adServe/olive?details=undefined)%20TrafficDist&msg=()%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3D232207_439549_4%3A1%0A(%22BANNER%22%2C0%2C%5Bobject%20Array%5D)%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3D232207_439549_4%3A1%0A(%5Bobject%20XPCCrossOriginWrapper%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D)%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3D232207_439549_4%3A1%0A%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3D232207_439549_4%3A1%0A&cid=232207_439549_4 HTTP/1.1 
Host: inclk.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html
Cookie: rhid=48095416265; tc=300x250_1

                                         
                                         108.168.157.87
HTTP/1.1 200 OK
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:23 GMT
Content-Length: 0
Connection: Keep-alive
Via: 1.1 ID-0314217254341500 uproxy-8


--- Additional Info ---
                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
                                         104.16.23.35
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Tue, 05 Sep 2017 16:39:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 03 Aug 2017 18:25:43 GMT
Etag: "55fa4-555dd8222b7c0"
Vary: Accept-Encoding
Content-Encoding: gzip
Timing-Allow-Origin: *
Surrogate-Key: client_dist
Cache-Control: public, no-check, max-age=600
CF-Cache-Status: HIT
X-Host: s7.addthis.com
X-Distribution: 99
Server: cloudflare-nginx
CF-RAY: 399a9fcb72d74297-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   112502
Md5:    09a2bb3f737d4dea0b4a865b4b6de47f
Sha1:   579e449a0ddc6c2ba75363756f708be78559aa47
Sha256: f58d5293c920d032a53559d8c47deb03b0c111d6378ce0d1cc90c9119ffb7c8b
                                        
                                            GET /adServe/olive?details=undefined)%20TrafficDist&msg=()%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3D232207_439549_4%3A1%0A(%22BANNER%22%2C0%2C%5Bobject%20Array%5D)%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3DIF1ZYPPYSHARE_300X250%3A1%0A(%5Bobject%20XPCCrossOriginWrapper%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D)%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3DIF1ZYPPYSHARE_300X250%3A1%0A%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3DIF1ZYPPYSHARE_300X250%3A1%0A&cid=IF1ZYPPYSHARE_300X250 HTTP/1.1 
Host: inclk.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html
Cookie: rhid=48095416265; tc=300x250_1

                                         
                                         108.168.157.87
HTTP/1.1 200 OK
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:24 GMT
Content-Length: 0
Connection: Keep-alive
Via: 1.1 ID-0314217254341500 uproxy-4


--- Additional Info ---
                                        
                                            GET /a/display.php?r=1142801&treqn=1861445635&runauction=1&crr=3a485962cdf02328c03f,,wbud3atY2bqVWRxYyZzokN3IUQ2UUMmUXRxYibsBWLmFnYrBnezNna51iOzIDd0RXRxYSRxYiQwYyc3d3a39fc39737414414ee2f6&rtid=59aed33a2ebfc&cbrandom=0.9525048822610107&cbtitle=Zippyshare.com%20-%20FILES.rar&cbiframe=0&cbWidth=1176&cbHeight=754&cbdescription=&cbkeywords=&cbref= HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
                                         104.197.212.193
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Tue, 05 Sep 2017 16:39:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: noindex
Cache-Control: no-store, no-cache, no-transform, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Link: <//www.maxonclick.com>; rel=dns-prefetch,<//www.maxonclick.com>; rel=preconnect,<//cloud.cashtrafic.info>; rel=dns-prefetch,<//cloud.cashtrafic.info>; rel=preconnect,<//jebtrack.com>; rel=dns-prefetch,<//jebtrack.com>; rel=preconnect
Set-Cookie: acnetwork=4d28817b59aed33b5d4616cb82; expires=Wed, 30-Dec-2037 23:00:00 GMT; Max-Age=641197236; path=/
Referrer-Policy: no-referrer
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1107
Md5:    a1e9c6b474c0ea9aa57ab101a733aac7
Sha1:   524c50d0f66deffbc239bd0513bff347a52a64aa
Sha256: 34857b7625c8bde57cdf330c10431d919be25c773d65ce2801b3e257adb924c0
                                        
                                            GET /adServe/olive?details=undefined)%20TrafficDist&msg=()%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3D232207_439549_4%3A1%0A(%22BANNER%22%2C0%2C%5Bobject%20Array%5D)%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3DIF1ZYPPYSHARE_POP%26tagid%3D2%3A1%0A(%5Bobject%20XPCCrossOriginWrapper%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D)%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3DIF1ZYPPYSHARE_POP%26tagid%3D2%3A1%0A%40http%3A%2F%2Finclk.com%2FadServe%2Fbanners%3Ftid%3DIF1ZYPPYSHARE_POP%26tagid%3D2%3A1%0A&cid=IF1ZYPPYSHARE_POP HTTP/1.1 
Host: inclk.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html
Cookie: rhid=48095416265; tc=300x250_1

                                         
                                         108.168.157.87
HTTP/1.1 200 OK
                                        
Server: nginx
Date: Tue, 05 Sep 2017 16:39:24 GMT
Content-Length: 0
Connection: Keep-alive
Via: 1.1 ID-0314217254341500 uproxy-5


--- Additional Info ---
                                        
                                            GET /extban/85671020/creatives/18851300/785a60a21f4738d9ad3badbb8f0fe454_9734.gif HTTP/1.1 
Host: cloud.cashtrafic.info
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maxonclick.com/a/display.php?r=1142801&treqn=1861445635&runauction=1&crr=3a485962cdf02328c03f,,wbud3atY2bqVWRxYyZzokN3IUQ2UUMmUXRxYibsBWLmFnYrBnezNna51iOzIDd0RXRxYSRxYiQwYyc3d3a39fc39737414414ee2f6&rtid=59aed33a2ebfc&cbrandom=0.9525048822610107&cbtitle=Zippyshare.com%20-%20FILES.rar&cbiframe=0&cbWidth=1176&cbHeight=754&cbdescription=&cbkeywords=&cbref=

                                         
104.31.8.186
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 05 Sep 2017 16:39:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d862372f567aca4d13df8a58edf4060fe1504629564; expires=Wed, 05-Sep-18 16:39:24 GMT; path=/; domain=.cashtrafic.info; HttpOnly
Last-Modified: Mon, 21 Aug 2017 13:55:22 GMT
Etag: W/"599ae64a-a596"
X-RevProc-1: n/a = ok
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Tue, 05 Sep 2017 18:39:24 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 399a9fda319b4267-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   42155
Md5:    57b30bcefc9dda18088194f8dc6f4844
Sha1:   59b1e991193b03a2ef817b404758da08dd159892
Sha256: 65832aba6b5ca814a1b468372b1c8f6239219464bedbbc2cd15bc47a4c5673a0
                                        
GET /ads.js HTTP/1.1
Host: www109.zippyshare.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html
Cookie: JSESSIONID=06ED91DB68A90E9E002B8361D7BCD9CE; zippop=1

                                         
46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Tue, 05 Sep 2017 16:39:24 GMT
Content-Length: 138
Connection: keep-alive
Accept-Ranges: bytes
Etag: W/"157-1503700234000"
Last-Modified: Fri, 25 Aug 2017 22:30:34 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   138
Md5:    80ce0db0d04307c0a7e7bfbe492e329d
Sha1:   f8efbdda6799a957baa59e907d466dbc3fd7be90
Sha256: da32bd619e9f9cf48c390020230b751333e2a402fce01635102f340a39f88113
                                        
POST /ocsp HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 05 Sep 2017 16:39:24 GMT
Expires: Sat, 09 Sep 2017 16:39:24 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

                                        
GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
216.58.211.132
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Expires: Tue, 05 Sep 2017 16:39:24 GMT
Date: Tue, 05 Sep 2017 16:39:24 GMT
Cache-Control: private, max-age=300
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   406
Md5:    88f2c633039e0851a7fa57c632311ffe
Sha1:   9be075659c8285a420061cb11c466bb4b0abd30d
Sha256: e170dfbc5db48597ad52f13e742d4c03df343c05d799c215cc8ec740dca24955
                                        
POST /ocsp HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 05 Sep 2017 16:39:24 GMT
Expires: Sat, 09 Sep 2017 16:39:24 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

                                        
GET /recaptcha/api2/r20170829114530/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www109.zippyshare.com/v/5BA45I0d/file.html

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 71145
Date: Mon, 04 Sep 2017 09:47:54 GMT
Expires: Tue, 04 Sep 2018 09:47:54 GMT
Last-Modified: Tue, 29 Aug 2017 19:45:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 111090
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   71145
Md5:    4c6e709be375778cb4d84ea67779e1af
Sha1:   686bdc340a1fd2d53e46ccc51d8d245b9a5744ac
Sha256: 7769ed70fb70b10e27000e0cfb2fe47e5c44ba517ddd80c120009f68586c456f