www.officialdigitalero.org/phpbb/abbcode_page.php?mode=click&id=1511
104.21.31.32301 Moved Permanently 0 B URL HTTP/1.1 www.officialdigitalero.org/phpbb/abbcode_page.php?mode=click&id=1511
IP 104.21.31.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /phpbb/abbcode_page.php?mode=click&id=1511 HTTP/1.1
Host: www.officialdigitalero.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Sep 2022 21:27:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 22:27:16 GMT
Location: https://www.officialdigitalero.org/phpbb/abbcode_page.php?mode=click&id=1511
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0ZP74N%2Fs5xSlYYw3ysJHPh%2BfDqmo%2BHFpY3Su2NWevK%2F2xhy1nftF5ox%2FA8vTUGqdCBAvI8v8Oxqyp%2B5thKcpI9L6mqZm1mLfT7s4pBPqVCL2VsD0IJJJ4tu1hmfQzJeb6GVvon9NUT2CZw8bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74937c85bbe6b4eb-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 20:48:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G2r3l-R1DlttFdNrJ0HmHmJbdfEeXpdGfc93vbh8Wy03m_dVNFzoNg==
Age: 2321
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7771
Expires: Sun, 11 Sep 2022 23:36:47 GMT
Date: Sun, 11 Sep 2022 21:27:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: udtNe6gv1tjixUdCIYENlUofUWwt9z3mbNTN2emPUmShI-zzRgVESw==
age: 51004
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 90cfdd494f9afc4969e55cb500f7ac84
ebd98d3357760840e53063339ce4dee65b5ff1f5
7fbe51d0563899442af4ba28e09e207bdf700443ad1eeb384954ff495caf2d87
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 15 Sep 2022 19:02:14 GMT
ETag: "ebd98d3357760840e53063339ce4dee65b5ff1f5"
Last-Modified: Sun, 11 Sep 2022 19:02:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2103
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74937c88ccde1c06-OSL
www112.zippyshare.com/v/3ZZOjB7t/file.html
46.166.139.230200 OK 40 kB URL HTTP/1.1 www112.zippyshare.com/v/3ZZOjB7t/file.html
IP 46.166.139.230:0
ASN #43350 NForce Entertainment B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41949), with CRLF, CR, LF line terminators
Hash f78d4f3c6c2281a95ef36833d12aad75
eefd738b64c44ff00655a678761b1f019fbcb809
6351d550bfab93d80c65c42b12dc1e6860edbe256218b1d93b8b3a90409135fe
GET /v/3ZZOjB7t/file.html HTTP/1.1
Host: www112.zippyshare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; Path=/; HttpOnly
zippop=1; Domain=.zippyshare.com; Expires=Mon, 12-Sep-2022 09:27:16 GMT; Path=/
Content-Language: en
Expires: Sun, 11 Sep 2022 21:27:15 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
www112.zippyshare.com/wro/viewjs-9c29d4e653e865831dc028fdac7e7dfff3be049e.css
46.166.139.230200 OK 67 kB URL HTTP/1.1 www112.zippyshare.com/wro/viewjs-9c29d4e653e865831dc028fdac7e7dfff3be049e.css
IP 46.166.139.230:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with very long lines (38971)
Hash 7e0e3e48bd85cdf4041d04d6d265622a
06bd818fbba909a62546da78470bc01fd813076e
b6f4ece3f288037b58e9803601d45e812775c0140f09d7860574f6c56781ec1c
GET /wro/viewjs-9c29d4e653e865831dc028fdac7e7dfff3be049e.css HTTP/1.1
Host: www112.zippyshare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Type: text/css
Content-Length: 66707
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Thu, 28 Nov 2030 21:27:16 GMT
Accept-Ranges: bytes
ETag: W/"207098-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
www112.zippyshare.com/ads.js
46.166.139.230200 OK 138 B URL HTTP/1.1 www112.zippyshare.com/ads.js
IP 46.166.139.230:0
ASN #43350 NForce Entertainment B.V.
Hash 80ce0db0d04307c0a7e7bfbe492e329d
f8efbdda6799a957baa59e907d466dbc3fd7be90
da32bd619e9f9cf48c390020230b751333e2a402fce01635102f340a39f88113
GET /ads.js HTTP/1.1
Host: www112.zippyshare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Type: application/javascript
Content-Length: 138
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"157-1654675202000"
Last-Modified: Wed, 08 Jun 2022 08:00:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 21:27:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a48c888e243a2a5f1c96982864eea5c2
b3572cc68d3043a66bed42ecef61fb1b7c38654a
fed0aa23a2ec0a5e33e3156048f644d6b0f5bb428c37b99d5810842c31e7f1c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FED0AA23A2EC0A5E33E3156048F644D6B0F5BB428C37B99D5810842C31E7F1C0"
Last-Modified: Sun, 11 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4735
Expires: Sun, 11 Sep 2022 22:46:12 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive
www112.zippyshare.com/sw.js
46.166.139.230200 OK 40 kB URL HTTP/1.1 www112.zippyshare.com/sw.js
IP 46.166.139.230:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8eb407280763dcf09beecf329aa120cb
188a5ee64fff4cca2640944ee7bee5c98472fad2
e274b58ce593d021577bd2900e8377acfe92c1af4132ad52b78ee6d07149c6b7
GET /sw.js HTTP/1.1
Host: www112.zippyshare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Type: application/javascript
Content-Length: 39747
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"103046-1660075830000"
Last-Modified: Tue, 09 Aug 2022 20:10:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 397254d44bff243b832ae7de7fad4720
7dca3ab192555d1d2a5864be7ceee640875b1669
52b68babfc1f980591a0b237ebcfd1ede3ccc4b1d3ae93d2db557288ae5123c0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 05:03:54 GMT
Expires: Fri, 16 Sep 2022 05:03:53 GMT
Etag: "7dca3ab192555d1d2a5864be7ceee640875b1669"
Cache-Control: max-age=372396,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8afa8afab4-OSL
www.google.com/recaptcha/api.js?render=explicit
142.250.74.164200 OK 559 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (852), with no line terminators
Hash aaf10fc67b15cb018c8c1117ef33366a
2e52f52a69b149f6b6ed51b4db273897d0f84e23
d304382bbb2cc5ccd834f9802d3d9661dd990775b111faa4f16746a1cae4c65c
GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 11 Sep 2022 21:27:17 GMT
date: Sun, 11 Sep 2022 21:27:17 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 559
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www112.zippyshare.com/wro/viewjs-5c4b087e763baf82dfed5e75dc71d50f709ecb00.js
46.166.139.230200 OK 148 kB URL HTTP/1.1 www112.zippyshare.com/wro/viewjs-5c4b087e763baf82dfed5e75dc71d50f709ecb00.js
IP 46.166.139.230:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with very long lines (65535)
Size 148 kB (147861 bytes)
Hash 1dd393cf506e088f2a0b45a37beabda7
384796f00e05bce54b4bcae1f2dd4e5d0c5c478a
c9420067db3629caab61a3e5983ef9b303d24913f01c2a3307ee0e392cc87616
GET /wro/viewjs-5c4b087e763baf82dfed5e75dc71d50f709ecb00.js HTTP/1.1
Host: www112.zippyshare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Type: application/javascript
Content-Length: 147861
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Thu, 28 Nov 2030 21:27:16 GMT
Accept-Ranges: bytes
ETag: W/"478725-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ds88pc0kw6cvc.cloudfront.net/?kcpsd=843055
54.230.245.18200 OK 50 kB URL HTTP/2 ds88pc0kw6cvc.cloudfront.net/?kcpsd=843055
IP 54.230.245.18:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Hash 835a5fafb2dc8ba309d167b743205a14
f9e00d8f9eb4faa93e09751215df7a868718496a
91d8967a52ce750132c6f402792a1177b4461aaf1aad62ba3e013644151fc78f
GET /?kcpsd=843055 HTTP/1.1
Host: ds88pc0kw6cvc.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 49665
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UxzAAAvaPwq4FvqHjSphPz_jJgX4wuovmZ2Ptxlv42jEhjgChk5SLg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 21:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 397254d44bff243b832ae7de7fad4720
7dca3ab192555d1d2a5864be7ceee640875b1669
52b68babfc1f980591a0b237ebcfd1ede3ccc4b1d3ae93d2db557288ae5123c0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 05:03:54 GMT
Expires: Fri, 16 Sep 2022 05:03:53 GMT
Etag: "7dca3ab192555d1d2a5864be7ceee640875b1669"
Cache-Control: max-age=372395,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8afb0c0b06-OSL
www.maxonclick.com/a/display.php?r=1142861
35.190.68.123204 No Content 0 B URL HTTP/2 www.maxonclick.com/a/display.php?r=1142861
IP 35.190.68.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/display.php?r=1142861 HTTP/1.1
Host: www.maxonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: openresty
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 397254d44bff243b832ae7de7fad4720
7dca3ab192555d1d2a5864be7ceee640875b1669
52b68babfc1f980591a0b237ebcfd1ede3ccc4b1d3ae93d2db557288ae5123c0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 05:03:54 GMT
Expires: Fri, 16 Sep 2022 05:03:53 GMT
Etag: "7dca3ab192555d1d2a5864be7ceee640875b1669"
Cache-Control: max-age=372395,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8afcf0b50f-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 20:56:07 GMT
Expires: Sun, 11 Sep 2022 21:30:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WNoyLfSG-dyAoakehvp44NRVJ-S2SWaGKEimevIp38BQhosQ1wwHMQ==
Age: 1870
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 397254d44bff243b832ae7de7fad4720
7dca3ab192555d1d2a5864be7ceee640875b1669
52b68babfc1f980591a0b237ebcfd1ede3ccc4b1d3ae93d2db557288ae5123c0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 05:03:54 GMT
Expires: Fri, 16 Sep 2022 05:03:53 GMT
Etag: "7dca3ab192555d1d2a5864be7ceee640875b1669"
Cache-Control: max-age=372395,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8c8b54fab4-OSL
www.maxonclick.com/a/display.php?r=1142855
35.190.68.123204 No Content 0 B URL HTTP/2 www.maxonclick.com/a/display.php?r=1142855
IP 35.190.68.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/display.php?r=1142855 HTTP/1.1
Host: www.maxonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: openresty
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.maxonclick.com/a/display.php?r=1142849
35.190.68.123204 No Content 0 B URL HTTP/2 www.maxonclick.com/a/display.php?r=1142849
IP 35.190.68.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/display.php?r=1142849 HTTP/1.1
Host: www.maxonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: openresty
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d10lumateci472.cloudfront.net/?amuld=726474
54.230.245.139200 OK 36 kB URL HTTP/2 d10lumateci472.cloudfront.net/?amuld=726474
IP 54.230.245.139:0
File type Unicode text, UTF-8 text, with very long lines (15478)
Hash d1746bb2185bde692ab62afb22c19b06
5374c0af990ff0ef0b6ef72dae310fed51fd80d5
766ba9e0b1d9cd96628cd92281073e755c0d97e665e121c63e3cdb4b1a48e5f8
GET /?amuld=726474 HTTP/1.1
Host: d10lumateci472.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 36038
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EhqaU1Sy2e5afmZ0mepr25Xh4n8ip4w5v7KBYcAvY7Q1yK34y5iOPQ==
X-Firefox-Spdy: h2
www112.zippyshare.com/images/favicon2.ico
46.166.139.230200 OK 0 B URL HTTP/1.1 www112.zippyshare.com/images/favicon2.ico
IP 46.166.139.230:0
ASN #43350 NForce Entertainment B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/favicon2.ico HTTP/1.1
Host: www112.zippyshare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Sat, 08 Jul 2023 21:27:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3639
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 21:27:17 GMT
Last-Modified: Sun, 11 Sep 2022 20:26:38 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dc1a212f9b6fef727984d1c2d069d864
9bda38c848ece2871025878ec551bd9166f48bfc
565e82ed2ff159de980617ddf843ea226adea075940da3e4c84e59e3f2d301a4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "565E82ED2FF159DE980617DDF843EA226ADEA075940DA3E4C84E59E3F2D301A4"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Mon, 12 Sep 2022 00:44:04 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dc1a212f9b6fef727984d1c2d069d864
9bda38c848ece2871025878ec551bd9166f48bfc
565e82ed2ff159de980617ddf843ea226adea075940da3e4c84e59e3f2d301a4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "565E82ED2FF159DE980617DDF843EA226ADEA075940DA3E4C84E59E3F2D301A4"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Mon, 12 Sep 2022 00:44:04 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dc1a212f9b6fef727984d1c2d069d864
9bda38c848ece2871025878ec551bd9166f48bfc
565e82ed2ff159de980617ddf843ea226adea075940da3e4c84e59e3f2d301a4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "565E82ED2FF159DE980617DDF843EA226ADEA075940DA3E4C84E59E3F2D301A4"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Mon, 12 Sep 2022 00:44:04 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dc1a212f9b6fef727984d1c2d069d864
9bda38c848ece2871025878ec551bd9166f48bfc
565e82ed2ff159de980617ddf843ea226adea075940da3e4c84e59e3f2d301a4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "565E82ED2FF159DE980617DDF843EA226ADEA075940DA3E4C84E59E3F2D301A4"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Mon, 12 Sep 2022 00:44:04 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 04f19dfdf38da3beb1f6534d62d0fd65
ce29a25704a3a22898e67d869738030602c2f06a
02842712aa229668a47ad46d84dd822dcc99a0e42d8c16005f287fc221079027
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02842712AA229668A47AD46D84DD822DCC99A0E42D8C16005F287FC221079027"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=906
Expires: Sun, 11 Sep 2022 21:42:23 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dc1a212f9b6fef727984d1c2d069d864
9bda38c848ece2871025878ec551bd9166f48bfc
565e82ed2ff159de980617ddf843ea226adea075940da3e4c84e59e3f2d301a4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "565E82ED2FF159DE980617DDF843EA226ADEA075940DA3E4C84E59E3F2D301A4"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Mon, 12 Sep 2022 00:44:04 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive
lcreatessque.xyz/MTNoc3YeDAsAS2dkMgsiAGUBJh17FloxL2Z1PSA+RVsyJTR3VT9DUEVaDE5BAwVcREIXQwEXSwMKTgACUEcdAEsAFQEdEF4OTgVLAB1YXUMIHVlVAwwCTgcGUFRVQlBBRxwfSwAFXkFPAgJeQUAAClk
172.67.158.62204 No Content 0 B URL HTTP/2 lcreatessque.xyz/MTNoc3YeDAsAS2dkMgsiAGUBJh17FloxL2Z1PSA+RVsyJTR3VT9DUEVaDE5BAwVcREIXQwEXSwMKTgACUEcdAEsAFQEdEF4OTgVLAB1YXUMIHVlVAwwCTgcGUFRVQlBBRxwfSwAFXkFPAgJeQUAAClk
IP 172.67.158.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MTNoc3YeDAsAS2dkMgsiAGUBJh17FloxL2Z1PSA+RVsyJTR3VT9DUEVaDE5BAwVcREIXQwEXSwMKTgACUEcdAEsAFQEdEF4OTgVLAB1YXUMIHVlVAwwCTgcGUFRVQlBBRxwfSwAFXkFPAgJeQUAAClk HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCxpuoPqT6xx1Xza1nfWytmXisHjoX%2B1dAYzx9Eoc3r0uJOJil5bDSnFJ78njL%2FIwbwHVtTvPtNJLAmbQErPNvzjNk1NiA4uM9BjRHA1%2B0rq4hR3pbW%2FAYDRNoUZrn9Osf7z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937c8e6b8fb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lcreatessque.xyz/VDJCeTF7DSEKDAd0EC1rDHBnS3cOdQwaYgxKLiBnLHskFAAmZykgFyBbJkQJYAFyTARyQisdDGcAZApFNUY3CgxlFCsXVzsPZA8MZBx6Vwh6A2QMDGUUNglQMw9zX0EgRi5EAGIEcEACZQRwTwNkCg
172.67.158.62204 No Content 0 B URL HTTP/2 lcreatessque.xyz/VDJCeTF7DSEKDAd0EC1rDHBnS3cOdQwaYgxKLiBnLHskFAAmZykgFyBbJkQJYAFyTARyQisdDGcAZApFNUY3CgxlFCsXVzsPZA8MZBx6Vwh6A2QMDGUUNglQMw9zX0EgRi5EAGIEcEACZQRwTwNkCg
IP 172.67.158.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VDJCeTF7DSEKDAd0EC1rDHBnS3cOdQwaYgxKLiBnLHskFAAmZykgFyBbJkQJYAFyTARyQisdDGcAZApFNUY3CgxlFCsXVzsPZA8MZBx6Vwh6A2QMDGUUNglQMw9zX0EgRi5EAGIEcEACZQRwTwNkCg HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFNRBPOhhPwtdLEAXgMH%2BovQb27qzE46FkJ7wi1GBBpUTcY1%2FXLQIvW95cnyXCKwMku4njFVFzRa2ffJC%2FMondHZKOAPJYwqDRnbpedbnkdlFQSFfMdUumbCIKgCUEPtKshK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937c8e6b96b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lcreatessque.xyz/c1hSbmNcZzEdXiVrEFsyJTQ1PyYfbAspLTELYQYLKg0+LAceYHQaChdlalpQQ21nSBMaPG9dUVUrJg8XBitvXFNDb3QHDRU3b1xFBWViQFtdYXxfRQZlY0gXAzk1U1JVKCYaD05pZFhRSmtjWFFFamNe
172.67.158.62204 No Content 0 B URL HTTP/2 lcreatessque.xyz/c1hSbmNcZzEdXiVrEFsyJTQ1PyYfbAspLTELYQYLKg0+LAceYHQaChdlalpQQ21nSBMaPG9dUVUrJg8XBitvXFNDb3QHDRU3b1xFBWViQFtdYXxfRQZlY0gXAzk1U1JVKCYaD05pZFhRSmtjWFFFamNe
IP 172.67.158.62:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c1hSbmNcZzEdXiVrEFsyJTQ1PyYfbAspLTELYQYLKg0+LAceYHQaChdlalpQQ21nSBMaPG9dUVUrJg8XBitvXFNDb3QHDRU3b1xFBWViQFtdYXxfRQZlY0gXAzk1U1JVKCYaD05pZFhRSmtjWFFFamNe HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bosVDHCKRsUVX5qnbWIy5Jyn7vIfSx1c7460ddDG9NEybQQpHWlFeo6e0k0IWXGeuPETvsaGHjxcvWMG1%2B1ScLeZ%2BxDYcU1F7WfVByRmmPpzIW5EvFFmelpMTZxNKeFRTtmN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937c8e7b9eb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f789ec2f115b0eea7d015fd5b8dc48b5
67b3062db0bce51f965e34673a270a614f92a561
7fadce366cd829219a6788dbadcd8b53e4256fd97b8cf2cbd5805442e4dae670
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7FADCE366CD829219A6788DBADCD8B53E4256FD97B8CF2CBD5805442E4DAE670"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3502
Expires: Sun, 11 Sep 2022 22:25:39 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive
oulukdliketo.shop/SzRwT3oqVhMiRSoJEmkPOVhNakgNEUIJHnoEHDoXKkAVLBN/A0JhGSdbBSscOVseO1QlUQRqSA1QEn44DFY3fzcbTRcELyNHRQYWDVUoGCAyY0EjMAReJQs7Mw0ECxZzVT8MPwF3CBoxEXMxFjw8QAQrESR2NCVOI2ElPDEbXSYdIg5fCAYdfmUnfCMyfDEGPylgBys8PHVAAysGcDELCixzITcpG2cbGDgKeUgFSidSOxgsJGw1Jx4Sc0QaIg0BQSspfn0oGDs6diECGwBzPioiGVAfLD4FVid8LHp4GyceEnAhLikNQyIpSztwKHwWIWwcfzMFZ10aMgpfACY7DQEUFxcJBigZSy5QKB0ZCEMpJjM8WzMJSR0EOyMoEVIeFTEMcjonXCFHHyEKdnxDOC06exc3H38
143.204.55.12200 OK 1.2 kB URL HTTP/2 oulukdliketo.shop/SzRwT3oqVhMiRSoJEmkPOVhNakgNEUIJHnoEHDoXKkAVLBN/A0JhGSdbBSscOVseO1QlUQRqSA1QEn44DFY3fzcbTRcELyNHRQYWDVUoGCAyY0EjMAReJQs7Mw0ECxZzVT8MPwF3CBoxEXMxFjw8QAQrESR2NCVOI2ElPDEbXSYdIg5fCAYdfmUnfCMyfDEGPylgBys8PHVAAysGcDELCixzITcpG2cbGDgKeUgFSidSOxgsJGw1Jx4Sc0QaIg0BQSspfn0oGDs6diECGwBzPioiGVAfLD4FVid8LHp4GyceEnAhLikNQyIpSztwKHwWIWwcfzMFZ10aMgpfACY7DQEUFxcJBigZSy5QKB0ZCEMpJjM8WzMJSR0EOyMoEVIeFTEMcjonXCFHHyEKdnxDOC06exc3H38
IP 143.204.55.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Hash 8eb9c3e3c79ac3d29448478435ae8d61
5fd3c5195faf0f2862d5a5c7df8432091b26cef6
23095b8508dcfd39b1e3e43937dca2cf796703bc662d50847b703a8fac8bb695
GET /SzRwT3oqVhMiRSoJEmkPOVhNakgNEUIJHnoEHDoXKkAVLBN/A0JhGSdbBSscOVseO1QlUQRqSA1QEn44DFY3fzcbTRcELyNHRQYWDVUoGCAyY0EjMAReJQs7Mw0ECxZzVT8MPwF3CBoxEXMxFjw8QAQrESR2NCVOI2ElPDEbXSYdIg5fCAYdfmUnfCMyfDEGPylgBys8PHVAAysGcDELCixzITcpG2cbGDgKeUgFSidSOxgsJGw1Jx4Sc0QaIg0BQSspfn0oGDs6diECGwBzPioiGVAfLD4FVid8LHp4GyceEnAhLikNQyIpSztwKHwWIWwcfzMFZ10aMgpfACY7DQEUFxcJBigZSy5QKB0ZCEMpJjM8WzMJSR0EOyMoEVIeFTEMcjonXCFHHyEKdnxDOC06exc3H38 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1171
date: Sun, 11 Sep 2022 21:27:17 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GjbuV_zznvYRvRKGbhWIfBTsQLEB8FtLZ8kvUVysQgc9fsjRhhZiaw==
X-Firefox-Spdy: h2
oulukdliketo.shop/N21LaGFWDygFXlZQKU4URQF2TVNxSHkuBURVcxgCBwY8XgJBDmULDVgYLw4TWAM/Rg9SGW5aJ34PITkZZTsaJjYGVSEJGUcJHTAJRDosCyNUKg0hOVwkOicJAycYKixNPRxdDnk+AgYgbyQyLjJTGA0SJEIuLAMjbhcsODZbN38LBkMMHgYJWz4NPjd9XycJJFw4eicWYicZKxJALnoiOHwXDiMkXDwgCTB5DxgRFgMsJz00UxUBCiZQKywyDQMOGDAzWz48DBtuKhENNnEKOSEzbj8KWzREOywiFFRfCSQjBCMsMg0CKhlaI1khPFgpVl8ZICRmQAVZLEAZEz8IRxUTIChzCRw+BHUsCVk7Yh4MKTJ6VAMuJ28mIhAtdQMvUDhcLA4uG3UdEx9HXR4kBhEKFB0PMm00Ox4oAi48KSht
143.204.55.12200 OK 1.2 kB URL HTTP/2 oulukdliketo.shop/N21LaGFWDygFXlZQKU4URQF2TVNxSHkuBURVcxgCBwY8XgJBDmULDVgYLw4TWAM/Rg9SGW5aJ34PITkZZTsaJjYGVSEJGUcJHTAJRDosCyNUKg0hOVwkOicJAycYKixNPRxdDnk+AgYgbyQyLjJTGA0SJEIuLAMjbhcsODZbN38LBkMMHgYJWz4NPjd9XycJJFw4eicWYicZKxJALnoiOHwXDiMkXDwgCTB5DxgRFgMsJz00UxUBCiZQKywyDQMOGDAzWz48DBtuKhENNnEKOSEzbj8KWzREOywiFFRfCSQjBCMsMg0CKhlaI1khPFgpVl8ZICRmQAVZLEAZEz8IRxUTIChzCRw+BHUsCVk7Yh4MKTJ6VAMuJ28mIhAtdQMvUDhcLA4uG3UdEx9HXR4kBhEKFB0PMm00Ox4oAi48KSht
IP 143.204.55.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3023), with no line terminators
Hash fb025e88bdc73658d5bb3c8adb2b6011
7e3e42652eb00bb7fc556b1916b607e8f0d414d6
90b9203af1cbd927d4c99f6d18d4aa356e1bd979908d338a5cb8e09e9522eb30
GET /N21LaGFWDygFXlZQKU4URQF2TVNxSHkuBURVcxgCBwY8XgJBDmULDVgYLw4TWAM/Rg9SGW5aJ34PITkZZTsaJjYGVSEJGUcJHTAJRDosCyNUKg0hOVwkOicJAycYKixNPRxdDnk+AgYgbyQyLjJTGA0SJEIuLAMjbhcsODZbN38LBkMMHgYJWz4NPjd9XycJJFw4eicWYicZKxJALnoiOHwXDiMkXDwgCTB5DxgRFgMsJz00UxUBCiZQKywyDQMOGDAzWz48DBtuKhENNnEKOSEzbj8KWzREOywiFFRfCSQjBCMsMg0CKhlaI1khPFgpVl8ZICRmQAVZLEAZEz8IRxUTIChzCRw+BHUsCVk7Yh4MKTJ6VAMuJ28mIhAtdQMvUDhcLA4uG3UdEx9HXR4kBhEKFB0PMm00Ox4oAi48KSht HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1180
date: Sun, 11 Sep 2022 21:27:17 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ESzGZl4DKRnNuUXK3TIevT6bRoMMw_OFEx7A9O0hq5rkMwpVMCubCQ==
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.212.166.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.166.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AC7OURV0ffTYLQPnP1MqTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 23kl/YU5MKtTBZawj3LXtAyaPWE=
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5b36f6508bf779a395d4b559b41d267d
a653f55ef7e337bd259cd76d14fe2adc91c11603
91e3696c53649e8d76b738dca29ed03b8b935f9fc230c735d2fd729428742605
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=334082,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8fb82a0b06-OSL
my.rtmark.net/gid.js?userId=6d9864addd7e4938b0c85bddd8e9e0d8
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=6d9864addd7e4938b0c85bddd8e9e0d8
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 8af163e1116d2a4819bd95cef1c63f2c
3cc47059a7dd20c4a1c4b916073a0a363c29b7a6
69afbdaeefc273231f77329d0285c481b845a35cfa5b2d430765a1348b843277
GET /gid.js?userId=6d9864addd7e4938b0c85bddd8e9e0d8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:17 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www112.zippyshare.com/sw.js?amNDdEwxQXRGfVxQdFZgSEFvVilaUXtMegxVbkEtDFNuQChdUW5Ne1sBbkAtUlB0QntZVXRBLUhPYUR8D1YgQ3RcTiYXdVxOdxJ6WE57RilaTntHfg9UcREtWVYgEW5GQTADbkZBKAcpAgotHyUeFG0cLQMRYVhuW1NtQW5GBSIYPw9PJRUgGQZvEi0GECYp
46.166.139.230200 OK 40 kB URL HTTP/1.1 www112.zippyshare.com/sw.js?amNDdEwxQXRGfVxQdFZgSEFvVilaUXtMegxVbkEtDFNuQChdUW5Ne1sBbkAtUlB0QntZVXRBLUhPYUR8D1YgQ3RcTiYXdVxOdxJ6WE57RilaTntHfg9UcREtWVYgEW5GQTADbkZBKAcpAgotHyUeFG0cLQMRYVhuW1NtQW5GBSIYPw9PJRUgGQZvEi0GECYp
IP 46.166.139.230:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8eb407280763dcf09beecf329aa120cb
188a5ee64fff4cca2640944ee7bee5c98472fad2
e274b58ce593d021577bd2900e8377acfe92c1af4132ad52b78ee6d07149c6b7
GET /sw.js?amNDdEwxQXRGfVxQdFZgSEFvVilaUXtMegxVbkEtDFNuQChdUW5Ne1sBbkAtUlB0QntZVXRBLUhPYUR8D1YgQ3RcTiYXdVxOdxJ6WE57RilaTntHfg9UcREtWVYgEW5GQTADbkZBKAcpAgotHyUeFG0cLQMRYVhuW1NtQW5GBSIYPw9PJRUgGQZvEi0GECYp HTTP/1.1
Host: www112.zippyshare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1; zippyadb=0
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Type: application/javascript
Content-Length: 39747
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"103046-1660075830000"
Last-Modified: Tue, 09 Aug 2022 20:10:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ds88pc0kw6cvc.cloudfront.net/IbjQxRVQNW18jaxpdVXhsWgcBcGFIXkIqOh4JSBMzPW5oNSInAXIyFSduFzEuCgkBYzgPWlZ4cgtaUnhlSFVVJ2laEkU1OwUJRCswC1JYKzEKEkQkaQNbSyw4AlUUdxJbGgFgZl4cSXRlSwdzYGZeWFgrIRYRA3UsVgJuc2BLB3NgZl5GR2BnLw0Ha2RHEQ-N1MwtXWipxXHIDdWVeBAB1ZUsGASM9HFFXKixLBnd8YkAEFzBpXw
54.230.245.18200 OK 364 B URL HTTP/2 ds88pc0kw6cvc.cloudfront.net/IbjQxRVQNW18jaxpdVXhsWgcBcGFIXkIqOh4JSBMzPW5oNSInAXIyFSduFzEuCgkBYzgPWlZ4cgtaUnhlSFVVJ2laEkU1OwUJRCswC1JYKzEKEkQkaQNbSyw4AlUUdxJbGgFgZl4cSXRlSwdzYGZeWFgrIRYRA3UsVgJuc2BLB3NgZl5GR2BnLw0Ha2RHEQ-N1MwtXWipxXHIDdWVeBAB1ZUsGASM9HFFXKixLBnd8YkAEFzBpXw
IP 54.230.245.18:0
File type ASCII text, with very long lines (455), with no line terminators
Hash 66dfd2d58e66bc7b6aa032e25f514d71
34aa35bfc627191a427e597de9d47450df1e8b89
7302ada2eb7ee372ec0ec76ccc9017d6108108fcbdb1ddfafa41c2aa3ab814eb
GET /IbjQxRVQNW18jaxpdVXhsWgcBcGFIXkIqOh4JSBMzPW5oNSInAXIyFSduFzEuCgkBYzgPWlZ4cgtaUnhlSFVVJ2laEkU1OwUJRCswC1JYKzEKEkQkaQNbSyw4AlUUdxJbGgFgZl4cSXRlSwdzYGZeWFgrIRYRA3UsVgJuc2BLB3NgZl5GR2BnLw0Ha2RHEQ-N1MwtXWipxXHIDdWVeBAB1ZUsGASM9HFFXKixLBnd8YkAEFzBpXw HTTP/1.1
Host: ds88pc0kw6cvc.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 364
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N4Spl0mA1gmEDMcCnK7c1GDQSqatRVL4_k1NLOK7q1uWZOLQZnLVag==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 0f313fa74b61c17b52dc3b0f5b67a28b
5c0dd92bd1ade8826d04d248710f03cc7cd56087
365d67a6f70d8536c0d6dfd6aecacc9ac9a364a1214a8ee8013f405a4a385870
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 21:27:17 GMT
Last-Modified: Sun, 11 Sep 2022 19:58:00 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U-0nagv6X1wxlPBCzuVsy9sHB4WqMMLu29FFBkIJebghexSrbXtnDw==
Age: 5357
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a52ff356ccbdb475c93d17739552c14e
62cc1f087e85e1fdfb3ee9277e83ba7eba4b30ea
8ecc79c70f1f6db5ba02bc48ac7211c463d68e08b1591a992d30a807cfe1c9a7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 23:32:40 GMT
Expires: Thu, 15 Sep 2022 23:32:39 GMT
Etag: "62cc1f087e85e1fdfb3ee9277e83ba7eba4b30ea"
Cache-Control: max-age=352521,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8ffb0db50f-OSL
tovanillitechan.com/42/38?z=3519989
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/42/38?z=3519989
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /42/38?z=3519989 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=e1291c1607714728ae7b24f68edffdf4; oaidts=1662931637
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:17 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 05f88ee11aeaf1f740609a0d765dbf4c
access-control-expose-headers: X-Sc
set-cookie: OAID=e1291c1607714728ae7b24f68edffdf4; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None
oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ablesasmetotr.monster/utx?tid=721637&top=www112.zippyshare.com&cb=Ed08licAvxGQ
143.204.55.24204 No Content 0 B URL HTTP/2 ablesasmetotr.monster/utx?tid=721637&top=www112.zippyshare.com&cb=Ed08licAvxGQ
IP 143.204.55.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=721637&top=www112.zippyshare.com&cb=Ed08licAvxGQ HTTP/1.1
Host: ablesasmetotr.monster
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 21:27:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 21:28:17 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: waGAqo5kgco-z-dnRBYsWsar-DTrerLKVvQiWeYGgHw4UOjcMb41iA==
X-Firefox-Spdy: h2
d10lumateci472.cloudfront.net/db1BGbG0MPygKUhs5IlFaXWZyW1lJOjUDAx9tDl8aOCEJCxUKZGAYFwttdkoBDj4hUUsKPiVRXEkxIg5QW3YyHAIEbTwdFwA0LQMDADpgGQxSPSkWBAM8J0lfKWVoXEhdYG4UXF51dS5IXWAqBQMaKGNeXRdocDNbW3V1LkhdYDQaSFwRf1pDX3ljXl0INS-UHAkpiAF5dXmB2XV1edXRcCwYiIwoCF3V0KlRZfnZKGFJh
54.230.245.139200 OK 456 B URL HTTP/2 d10lumateci472.cloudfront.net/db1BGbG0MPygKUhs5IlFaXWZyW1lJOjUDAx9tDl8aOCEJCxUKZGAYFwttdkoBDj4hUUsKPiVRXEkxIg5QW3YyHAIEbTwdFwA0LQMDADpgGQxSPSkWBAM8J0lfKWVoXEhdYG4UXF51dS5IXWAqBQMaKGNeXRdocDNbW3V1LkhdYDQaSFwRf1pDX3ljXl0INS-UHAkpiAF5dXmB2XV1edXRcCwYiIwoCF3V0KlRZfnZKGFJh
IP 54.230.245.139:0
File type ASCII text, with very long lines (598), with no line terminators
Hash aa36adc6393b320644490d9d369ab6b5
674797d3e34159cfec771248c205ca807222d671
1fc515fabe5e1ebba9fa44310884ee74306981589eba37d1813709c3064ca818
GET /db1BGbG0MPygKUhs5IlFaXWZyW1lJOjUDAx9tDl8aOCEJCxUKZGAYFwttdkoBDj4hUUsKPiVRXEkxIg5QW3YyHAIEbTwdFwA0LQMDADpgGQxSPSkWBAM8J0lfKWVoXEhdYG4UXF51dS5IXWAqBQMaKGNeXRdocDNbW3V1LkhdYDQaSFwRf1pDX3ljXl0INS-UHAkpiAF5dXmB2XV1edXRcCwYiIwoCF3V0KlRZfnZKGFJh HTTP/1.1
Host: d10lumateci472.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 456
date: Sun, 11 Sep 2022 21:27:18 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fbjW6KIO2ecls6K5YYLOAgi_C2wMXhnGkbeoTsfc_3p1XOBse70qfA==
X-Firefox-Spdy: h2
ksehinkitw.hair/
107.22.28.167200 OK 0 B IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 382
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
www112.zippyshare.com/images/favicon.ico
46.166.139.230200 OK 3.6 kB URL HTTP/1.1 www112.zippyshare.com/images/favicon.ico
IP 46.166.139.230:0
ASN #43350 NForce Entertainment B.V.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b3bf18448d2e26f529500cb013975564
1b9d2cecad0cf85d336a24a0ccaa610c39a49f6a
968e719e5fbc1706a6db025adc28931e64fcf76c3ae80fa4ab6ff40b53b36b20
GET /images/favicon.ico HTTP/1.1
Host: www112.zippyshare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1; zippyadb=0; prefetchAd_3505448=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 21:27:18 GMT
Content-Type: image/x-icon
Content-Length: 3611
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Sat, 08 Jul 2023 21:27:18 GMT
Accept-Ranges: bytes
ETag: W/"3611-1427651017000"
Last-Modified: Sun, 29 Mar 2015 17:43:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12865
Expires: Mon, 12 Sep 2022 01:01:43 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12865
Expires: Mon, 12 Sep 2022 01:01:43 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12865
Expires: Mon, 12 Sep 2022 01:01:43 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12865
Expires: Mon, 12 Sep 2022 01:01:43 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive
tovanillitechan.com/9?z=3519989&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=6d9864addd7e4938b0c85bddd8e9e0d8
139.45.197.239204 No Content 0 B URL HTTP/2 tovanillitechan.com/9?z=3519989&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=6d9864addd7e4938b0c85bddd8e9e0d8
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=3519989&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=6d9864addd7e4938b0c85bddd8e9e0d8 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www112.zippyshare.com/
Origin: https://www112.zippyshare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 21:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12865
Expires: Mon, 12 Sep 2022 01:01:43 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive
clksite.com/static/advertisement.js
173.192.101.24200 OK 157 kB URL HTTP/2 clksite.com/static/advertisement.js
IP 173.192.101.24:0
File type ASCII text, with very long lines (539)
Size 157 kB (157213 bytes)
Hash d56ec5ec9ded3c6481df5c238752fd65
9730d062eb32d206278fc4dd56fa9f3794df571b
0efaf920c276337690bb3ed5fa677bcd7932b00d47ad212851f2dc02a0ca9e4b
GET /static/advertisement.js HTTP/1.1
Host: clksite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
content-type: application/javascript
last-modified: Mon, 12 Jun 2017 13:33:59 GMT
vary: Accept-Encoding
etag: W/"593e9847-1b"
expires: Tue, 13 Sep 2022 21:27:18 GMT
cache-control: max-age=172800
content-encoding: gzip
X-Firefox-Spdy: h2
oulukdliketo.shop/utx?cb=pcYndZbGNGZS&top=www112.zippyshare.com&tid=726474
143.204.55.12204 No Content 0 B URL HTTP/2 oulukdliketo.shop/utx?cb=pcYndZbGNGZS&top=www112.zippyshare.com&tid=726474
IP 143.204.55.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=pcYndZbGNGZS&top=www112.zippyshare.com&tid=726474 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 21:27:18 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 21:28:18 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VjqRQkPUeWRQYJh-i8Kt0v0zAFZ2YdEyfImv5488UosZv5WyZQ8faQ==
X-Firefox-Spdy: h2
oulukdliketo.shop/multi?cs=c05vd1FEelxGZUd8VkNlQ3hbRWk&abt=0&red=1&sm=76&k=zippyshare&v=1.0.59.1&sts=0&prn=0&emb=0&tid=726474&fs=1&ref=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_LoPo=1662931626420&crc=1
143.204.55.12200 OK 1.5 kB URL HTTP/2 oulukdliketo.shop/multi?cs=c05vd1FEelxGZUd8VkNlQ3hbRWk&abt=0&red=1&sm=76&k=zippyshare&v=1.0.59.1&sts=0&prn=0&emb=0&tid=726474&fs=1&ref=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_LoPo=1662931626420&crc=1
IP 143.204.55.12:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 577b91f15e55f056d2f2080a40acffb2
733e9a42dec6a489e80c5630aa41e2612c0d5fd6
7ff7928d4519855be12d9fd6f9091d561e5fc5fc3936dc7eb6e222d90bf770e5
GET /multi?cs=c05vd1FEelxGZUd8VkNlQ3hbRWk&abt=0&red=1&sm=76&k=zippyshare&v=1.0.59.1&sts=0&prn=0&emb=0&tid=726474&fs=1&ref=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_LoPo=1662931626420&crc=1 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1515
date: Sun, 11 Sep 2022 21:27:18 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=800221ef-1546-4601-b14a-ff48ab926c84
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tj8JQlydK7x_qteYrZ2k-WVD-OXFTjNIVq3anQct1HAeFUkrR656Yw==
X-Firefox-Spdy: h2
oulukdliketo.shop/utx?cb=7OrKtjaKBoZU&top=www112.zippyshare.com&tid=843055
143.204.55.12204 No Content 0 B URL HTTP/2 oulukdliketo.shop/utx?cb=7OrKtjaKBoZU&top=www112.zippyshare.com&tid=843055
IP 143.204.55.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=7OrKtjaKBoZU&top=www112.zippyshare.com&tid=843055 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 21:27:18 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 21:28:18 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KQuWNdHIJc0sPx_SDwtLVnFKz6hBY2st0oBghqEjuEyCiosnKeNyhw==
X-Firefox-Spdy: h2
ksehinkitw.hair/
107.22.28.167200 OK 0 B IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www112.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www112.zippyshare.com
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
tovanillitechan.com/11?rnd=3227045583&z=3519989&b=14082265&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=129
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/11?rnd=3227045583&z=3519989&b=14082265&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=129
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=3227045583&z=3519989&b=14082265&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=129 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=6d9864addd7e4938b0c85bddd8e9e0d8; oaidts=1662931637
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 9508dd37c64cdbbe43e7f579770b665c
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:18 GMT; secure; SameSite=None
oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ksehinkitw.hair/
107.22.28.167200 OK 0 B IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www112.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www112.zippyshare.com
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 531 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5268cc878eb48a18c1ecbf66c2817aed
e282ef9bdf486dfa91b4762a07de4b8bded15673
81c56e25de9f3243773396af0197390dfc7300b8ca23e1d3d3814a0adec120cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5FF8781CE423FF2BC30D55EA474FB59F47B128B241369ACAB886178784F21E09"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4016
Expires: Sun, 11 Sep 2022 22:34:14 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive
oulukdliketo.shop/floater?cs=aGRzcFVfVENJbFxVQUltXl1LR2M&abt=0&red=1&sm=83&k=zippyshare&v=0.8.9.1&sts=0&prn=0&emb=0&tid=843055&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi1_&_KuRX=1662931626418&crc=1
143.204.55.12200 OK 3.6 kB URL HTTP/2 oulukdliketo.shop/floater?cs=aGRzcFVfVENJbFxVQUltXl1LR2M&abt=0&red=1&sm=83&k=zippyshare&v=0.8.9.1&sts=0&prn=0&emb=0&tid=843055&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi1_&_KuRX=1662931626418&crc=1
IP 143.204.55.12:0
File type ASCII text, with very long lines (5342), with no line terminators
Hash 15ed7edcda2f552700c7581fa34f53d6
5fd6637d27546a48e50f324abe7b55357421d57a
06b8eff7d7a90c805b518d3133d7bab3de5a3df308f918b75909343bbdae4368
GET /floater?cs=aGRzcFVfVENJbFxVQUltXl1LR2M&abt=0&red=1&sm=83&k=zippyshare&v=0.8.9.1&sts=0&prn=0&emb=0&tid=843055&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi1_&_KuRX=1662931626418&crc=1 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 3602
date: Sun, 11 Sep 2022 21:27:18 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=02c91f9e-8421-43e0-921e-cc4eee58463c
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ABP4ftkHvxd3PgbneNvA7lwVCtGE026as6D8YA2IrsWEgyzuZqX9_g==
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0f7309973441d3f8f8bcc38300750c6d
e741090234e3c959578d6689a82d488432736d6d
afab13b95aa08c5d36101e25e92886acafac6268396e20a2d7763b951de93f7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFAB13B95AA08C5D36101E25E92886ACAFAC6268396E20A2D7763B951DE93F7E"
Last-Modified: Sun, 11 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=972
Expires: Sun, 11 Sep 2022 21:43:30 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive
interstitial-07.com/contents/s/36/d8/c2/9c866059b85b47752a6cc71b81/01636574006222.png
139.45.197.155200 OK 45 kB URL HTTP/2 interstitial-07.com/contents/s/36/d8/c2/9c866059b85b47752a6cc71b81/01636574006222.png
IP 139.45.197.155:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 36d8c29c866059b85b47752a6cc71b81
2d877eabf6710f66f5d7a3e265de997cf258ba32
0bbd2d8d16b4fd96c0a0dabecbd05ca573b30cd7079950d73b5dd68bde69a27b
GET /contents/s/36/d8/c2/9c866059b85b47752a6cc71b81/01636574006222.png HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=ixIAK3WmGJhcnb8&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1351790769%26z%3D3519989%26b%3D14082265%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DUvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D0c45010d-e053-4e15-9de4-2279efbb01aa%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww112.zippyshare.com%252Fv%252F3ZZOjB7t%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
content-type: image/png
content-length: 45133
last-modified: Thu, 14 Jul 2022 23:23:43 GMT
etag: "62d0a57f-b04d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
tovanillitechan.com/1?z=3519989
139.45.197.239200 OK 115 kB URL HTTP/2 tovanillitechan.com/1?z=3519989
IP 139.45.197.239:0
Size 115 kB (114635 bytes)
Hash e491b8fae0d995f7bcacc7d1393af3ec
cbff57bb97d45577bd69efea57b22809035559c3
65a057b2c16e568de5ed171fcea2c662029e70b004144b251c70a40569dadbe0
GET /1?z=3519989 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:17 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5b2a9adb56539fe86cd9cd34f0e1e3c1
access-control-expose-headers: X-Sc
x-sc: zIP_hStLSzp8ixCQcCeXawfiyZkjdoGB7dNxCMdBAgfMZls5HaNS2HDo4nR9jPDbtZIlq5ZXSv1tk4nJZmp3RHrnxxU=
set-cookie: scm=1; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None
OAID=e1291c1607714728ae7b24f68edffdf4; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None
oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/?l=ixIAK3WmGJhcnb8&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1351790769%26z%3D3519989%26b%3D14082265%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DUvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D0c45010d-e053-4e15-9de4-2279efbb01aa%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww112.zippyshare.com%252Fv%252F3ZZOjB7t%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.155200 OK 5.1 kB URL HTTP/2 interstitial-07.com/?l=ixIAK3WmGJhcnb8&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1351790769%26z%3D3519989%26b%3D14082265%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DUvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D0c45010d-e053-4e15-9de4-2279efbb01aa%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww112.zippyshare.com%252Fv%252F3ZZOjB7t%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5213)
Hash f35e550bc618987e738051ef321a25fc
5df26d5a5efa6a5043a2404f24a3dbc6669642ae
aae07a861eb74b021393973b2a7817922832d877509fd0bfafeefb4b4c5473c4
GET /?l=ixIAK3WmGJhcnb8&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1351790769%26z%3D3519989%26b%3D14082265%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DUvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D0c45010d-e053-4e15-9de4-2279efbb01aa%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww112.zippyshare.com%252Fv%252F3ZZOjB7t%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=GGaU2LJLxK0Ji2sPLE5WfGEgmVwCNU06SEF9xow5mJk; expires=Sun, 11-Sep-2022 22:27:18 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 1dcf4996143a8972702f2b94728f16e2
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7529
Expires: Sun, 11 Sep 2022 23:32:47 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7529
Expires: Sun, 11 Sep 2022 23:32:47 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7528
Expires: Sun, 11 Sep 2022 23:32:47 GMT
Date: Sun, 11 Sep 2022 21:27:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ec2646c56c4c522f0744768ad20342b
ad1d9eee90556a359547dc7cbb6758aee2c804cd
0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 85605
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: a2fadcbe-350b-4a06-9f9c-ee2da40bb285
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEESeHA_oAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317e742-4740aa3f4ebd479e7a4886ed;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 00:35:14 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jbF2ZaJUhIoJV-o4f6iviFyUnoDW4R0KHTfC5NySmITnsLbD5iJrPQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:11 GMT
age: 85628
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mNvNO0HJjZ1zwPKcjfqiVOnCL0CYXc8BPDSFbV6MXVW71IVt-2K3mQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:54 GMT
age: 85225
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eee5b4d617dab6f10d7053f5c4f4e98e
6c728c56797ba921e8001919df4d36e56dd37e54
76a53e2c81ec8da2bc469760b2c57098d587c6a36fa70e5b7c743a224a47d362
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8171
x-amzn-requestid: a3eb931f-cd71-4738-acb1-4398fc09f453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOa7QGqoIAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c0b7b-2a6ed8ca00a0a0640110cf5d;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:58:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QuUPVSWCQk9z9xI03trHifaWzOi5TqBZHLena93lrxhjlAG1PICKKA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 12:19:15 GMT
age: 32884
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ksehinkitw.hair/NUZoNWhuZF8HWQN1XxdEF2REFw0FdFANXlNwRQAJU3ZFAQwCdEUMXwQkRQEJDXVfA18GcF8ACRdqSgVYUHMLAlADaw1WUQNrXFNeB2tQBw0Fa1AGWlBxWlAJBnMLUEoZZBtCShlkA0YNXS8GXgFBMUZdCVw0ShlKBHZGAEoZIAlZG1BqDlQERiNEUwlZNQ1o
107.22.28.167200 OK 21 kB URL HTTP/2 ksehinkitw.hair/NUZoNWhuZF8HWQN1XxdEF2REFw0FdFANXlNwRQAJU3ZFAQwCdEUMXwQkRQEJDXVfA18GcF8ACRdqSgVYUHMLAlADaw1WUQNrXFNeB2tQBw0Fa1AGWlBxWlAJBnMLUEoZZBtCShlkA0YNXS8GXgFBMUZdCVw0ShlKBHZGAEoZIAlZG1BqDlQERiNEUwlZNQ1o
IP 107.22.28.167:0
Hash 3da8a3ce2f568b5d40209f075925947c
4de9affad299393b97b6a5f63a901a3baff233f0
be61516d72d5c0d78c2ebadb22058cac5ccef055a11dc9994e5f387e4d5a0faa
GET /NUZoNWhuZF8HWQN1XxdEF2REFw0FdFANXlNwRQAJU3ZFAQwCdEUMXwQkRQEJDXVfA18GcF8ACRdqSgVYUHMLAlADaw1WUQNrXFNeB2tQBw0Fa1AGWlBxWlAJBnMLUEoZZBtCShlkA0YNXS8GXgFBMUZdCVw0ShlKBHZGAEoZIAlZG1BqDlQERiNEUwlZNQ1o HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 260a94675e38e81ad590e06e44df2e03=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-UnRiautt3uBzEx98zzKJQunVKsA"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
louchees.net/apu.php?zoneid=3505448
139.45.197.236200 OK 33 kB URL HTTP/2 louchees.net/apu.php?zoneid=3505448
IP 139.45.197.236:0
Hash 686594845408cd38c135ec99ad681963
9766db8ce4b517409f00c81732b3a0211de68e3a
4a53c465ac16f48a7af52d1a4c90c4dfe3ff65ccb7e31f77ee5a74e2f6a81d49
GET /apu.php?zoneid=3505448 HTTP/1.1
Host: louchees.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:17 GMT
content-type: application/javascript
x-trace-id: e53df28b09437fdd978d685e0c79f0b6
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:17 GMT; path=/; secure; SameSite=None
oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:17 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tovanillitechan.com/15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.15%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
139.45.197.239204 No Content 0 B URL HTTP/2 tovanillitechan.com/15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.15%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.15%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=6d9864addd7e4938b0c85bddd8e9e0d8; oaidts=1662931637
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 11 Sep 2022 21:27:19 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2054eb466c24dadebf7a7efdb9de2c33
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:19 GMT; secure; SameSite=None
oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:19 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 280fd91cd25fe9977fbbc0e7d2a71726
15ae5fa7da890ec923ba28b79630d8c53e1d35eb
04aad150e8412f7cbc24d810d0edc8001c8b68364a56edcd424e44b4cb503c0f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "04AAD150E8412F7CBC24D810D0EDC8001C8B68364A56EDCD424E44B4CB503C0F"
Last-Modified: Sat, 10 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11429
Expires: Mon, 12 Sep 2022 00:37:49 GMT
Date: Sun, 11 Sep 2022 21:27:20 GMT
Connection: keep-alive
xml.serve-servee.com/thumbnail?i=beNnMsXYCPg_0&imgt=icon
172.67.217.88302 Found 0 B URL HTTP/2 xml.serve-servee.com/thumbnail?i=beNnMsXYCPg_0&imgt=icon
IP 172.67.217.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?i=beNnMsXYCPg_0&imgt=icon HTTP/1.1
Host: xml.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 11 Sep 2022 21:27:20 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfFN2yI1d8yJycbE3LCpYUrx%2B0o3TI5v761ffb1M%2FguivGvGJvOg8WtKTanu4Q63c5JhSguagrmqMavQwfDJ%2FCn4mLntpZLBM4PRVFonbm7Iyts1kmmygO3p3XF6uAsiG3qKwTKuVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937ca2cbd7b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 280fd91cd25fe9977fbbc0e7d2a71726
15ae5fa7da890ec923ba28b79630d8c53e1d35eb
04aad150e8412f7cbc24d810d0edc8001c8b68364a56edcd424e44b4cb503c0f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "04AAD150E8412F7CBC24D810D0EDC8001C8B68364A56EDCD424E44B4CB503C0F"
Last-Modified: Sat, 10 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11429
Expires: Mon, 12 Sep 2022 00:37:49 GMT
Date: Sun, 11 Sep 2022 21:27:20 GMT
Connection: keep-alive
static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
172.67.217.88200 OK 89 kB URL HTTP/2 static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
IP 172.67.217.88:0
File type PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 0994ec31361ea569c5549063145bfdd2
9b270e9f7a346a0f0f60a978e154f49740350270
e4dbff1cf1f9750d68296737897eba9bd59ebdcb292015e87c3be61b5c242422
GET /n337/ad/250x250_hqCCg8Cm.png HTTP/1.1
Host: static.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 21:27:20 GMT
content-type: image/png
content-length: 88957
last-modified: Thu, 08 Apr 2021 13:54:09 GMT
accept-ranges: bytes
etag: "606f0b01-15b7d"
cache-control: max-age=86400
x-hw: 1662931640.cds014.sk1.h2,1662931640.cds203.sk1.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mMfAfeFsfeBDupLisuD3qGgoaSb7hrohxBmg81zULuLK2crXfV8PXTqDZZ3R6aFQk3XHmn2W5BmhwY29iHTjXJWKAnkhfznGl04rc03h0VUnCJQCDSWmm3um7FlDBGpp1j3G77aNTglGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937ca3bd1fb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash aeb0d903bbe19b66650702d3154d3050
453d20415906e125f80f1999e5feb6899927da55
ddde6577bb6178e35dfbc5ca032d855f5731cf3b0162ac191fa7668937db1057
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDDE6577BB6178E35DFBC5CA032D855F5731CF3B0162AC191FA7668937DB1057"
Last-Modified: Sun, 11 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7342
Expires: Sun, 11 Sep 2022 23:29:42 GMT
Date: Sun, 11 Sep 2022 21:27:20 GMT
Connection: keep-alive
casualproof.com/winnotice?sid=H4sIAAAAAAAC%2F1RTTWgkRRSu0b0snpQVL3sYbwoy6Z6%2F9LjIYsxGgnGz7Cp6UqqrapJnerqaqq7pSU5BQXKSEQ%2F%2BnCpfsgnq%2Bnfw6CqdBQ8BIXOLaC6ePPkHi0fpMSb4oHmv3%2FegvlffV29vuxPWgOPH8y%2FqDUoSPtNpBPUnXg3DK%2FUlSt2oPoq6r3fbV%2Bpm%2BHSv2wierD%2BvxJqeaQZhEIRBWF8go%2Fp6NFOBoOxOL2z0gka72Qg7bYyMh3U1WF6DHJ6wR0BycuFe7RJIlEgHX84ru5br7KlrA5fwXBsM5f7L6VqqixSD87Jvauin%2B6fT0PZo4S50entKEXp4NhjThNW%2Bv4s43T8lhni4O%2BUWJ1ApYvkQimEJlZQgXkLot0DyiAFC4voy0sHedW0Kvv4vyit0wi7c%2FwtUTNiFny8hHXw%2Bl9CofksnLiedWoz6HjQqQSslMneAfIOBigOI%2FE2Q%2FIHN3F9COthdtokGST%2FdnagE9UskagxuGVz1EYPr1%2BCyGgbyuC7CMJwNpOBB1BOiJWdV3JVByGf7IQ%2BDbgQnKnpj5NkYIhlDmE1kZhNrNIZx74BsCcc9KPPI7F7UbgWdDpQ4vPrrh1V8BE7HddFq8ijqBL1%2BM4rjMG7NdkSz01PN6iTJFWI6vNr%2B%2B%2ButX1b%2FQEIMih9%2B%2BzubBmzqkTq%2FkxryMOqQncaOkfnh1bOpVQ8rGWzOMJQehWIoLEPBGQpiKHKGYuhvy8Q2rd%2BTiXVxeJqbp7nlt7MT9vBUjz%2FFa1hTx%2FV%2BIJpRv9duNaN2rxdHsj3b6kZdKUIZqXYkYem%2Frck%2BAG5r2KAJe%2FSn35BVTpHvIeYHsMkBBD0O7i6DFx581WMj9ZD6C8Gt40lmtO43hB4gyy8iX69tJyfssSmV7gdb%2F7tRYTwy4%2FEG3WNYSbZ2buqC7d7UhWVfLWc5DWiDV7a5lfNcPfjJC2q90EYuztvxx8%2BKCqjKOy8pmy%2FxVFK6YtmncySlMgvaCMW%2BWbSvqPiGs6tzzqQuW7rx3MLiIDPKWtJpCU5H196HoAm7%2BO6P0%2Fdw%2BbNnQKaEcR4Dd6YQSJcQ2SZsdt6zmsEk5%2F9xxlA4v2Oa8Xmz8kByLjV47Lftd7DkkVv2DwAAAP%2F%2FAQAA%2F%2F85umvMVAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1662931638&pid=91283&sub2=icon&auid=c32a88509f28bb1b375c259e21a7fdae&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 casualproof.com/winnotice?sid=H4sIAAAAAAAC%2F1RTTWgkRRSu0b0snpQVL3sYbwoy6Z6%2F9LjIYsxGgnGz7Cp6UqqrapJnerqaqq7pSU5BQXKSEQ%2F%2BnCpfsgnq%2Bnfw6CqdBQ8BIXOLaC6ePPkHi0fpMSb4oHmv3%2FegvlffV29vuxPWgOPH8y%2FqDUoSPtNpBPUnXg3DK%2FUlSt2oPoq6r3fbV%2Bpm%2BHSv2wierD%2BvxJqeaQZhEIRBWF8go%2Fp6NFOBoOxOL2z0gka72Qg7bYyMh3U1WF6DHJ6wR0BycuFe7RJIlEgHX84ru5br7KlrA5fwXBsM5f7L6VqqixSD87Jvauin%2B6fT0PZo4S50entKEXp4NhjThNW%2Bv4s43T8lhni4O%2BUWJ1ApYvkQimEJlZQgXkLot0DyiAFC4voy0sHedW0Kvv4vyit0wi7c%2FwtUTNiFny8hHXw%2Bl9CofksnLiedWoz6HjQqQSslMneAfIOBigOI%2FE2Q%2FIHN3F9COthdtokGST%2FdnagE9UskagxuGVz1EYPr1%2BCyGgbyuC7CMJwNpOBB1BOiJWdV3JVByGf7IQ%2BDbgQnKnpj5NkYIhlDmE1kZhNrNIZx74BsCcc9KPPI7F7UbgWdDpQ4vPrrh1V8BE7HddFq8ijqBL1%2BM4rjMG7NdkSz01PN6iTJFWI6vNr%2B%2B%2ButX1b%2FQEIMih9%2B%2BzubBmzqkTq%2FkxryMOqQncaOkfnh1bOpVQ8rGWzOMJQehWIoLEPBGQpiKHKGYuhvy8Q2rd%2BTiXVxeJqbp7nlt7MT9vBUjz%2FFa1hTx%2FV%2BIJpRv9duNaN2rxdHsj3b6kZdKUIZqXYkYem%2Frck%2BAG5r2KAJe%2FSn35BVTpHvIeYHsMkBBD0O7i6DFx581WMj9ZD6C8Gt40lmtO43hB4gyy8iX69tJyfssSmV7gdb%2F7tRYTwy4%2FEG3WNYSbZ2buqC7d7UhWVfLWc5DWiDV7a5lfNcPfjJC2q90EYuztvxx8%2BKCqjKOy8pmy%2FxVFK6YtmncySlMgvaCMW%2BWbSvqPiGs6tzzqQuW7rx3MLiIDPKWtJpCU5H196HoAm7%2BO6P0%2Fdw%2BbNnQKaEcR4Dd6YQSJcQ2SZsdt6zmsEk5%2F9xxlA4v2Oa8Xmz8kByLjV47Lftd7DkkVv2DwAAAP%2F%2FAQAA%2F%2F85umvMVAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1662931638&pid=91283&sub2=icon&auid=c32a88509f28bb1b375c259e21a7fdae&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTTWgkRRSu0b0snpQVL3sYbwoy6Z6%2F9LjIYsxGgnGz7Cp6UqqrapJnerqaqq7pSU5BQXKSEQ%2F%2BnCpfsgnq%2Bnfw6CqdBQ8BIXOLaC6ePPkHi0fpMSb4oHmv3%2FegvlffV29vuxPWgOPH8y%2FqDUoSPtNpBPUnXg3DK%2FUlSt2oPoq6r3fbV%2Bpm%2BHSv2wierD%2BvxJqeaQZhEIRBWF8go%2Fp6NFOBoOxOL2z0gka72Qg7bYyMh3U1WF6DHJ6wR0BycuFe7RJIlEgHX84ru5br7KlrA5fwXBsM5f7L6VqqixSD87Jvauin%2B6fT0PZo4S50entKEXp4NhjThNW%2Bv4s43T8lhni4O%2BUWJ1ApYvkQimEJlZQgXkLot0DyiAFC4voy0sHedW0Kvv4vyit0wi7c%2FwtUTNiFny8hHXw%2Bl9CofksnLiedWoz6HjQqQSslMneAfIOBigOI%2FE2Q%2FIHN3F9COthdtokGST%2FdnagE9UskagxuGVz1EYPr1%2BCyGgbyuC7CMJwNpOBB1BOiJWdV3JVByGf7IQ%2BDbgQnKnpj5NkYIhlDmE1kZhNrNIZx74BsCcc9KPPI7F7UbgWdDpQ4vPrrh1V8BE7HddFq8ijqBL1%2BM4rjMG7NdkSz01PN6iTJFWI6vNr%2B%2B%2ButX1b%2FQEIMih9%2B%2BzubBmzqkTq%2FkxryMOqQncaOkfnh1bOpVQ8rGWzOMJQehWIoLEPBGQpiKHKGYuhvy8Q2rd%2BTiXVxeJqbp7nlt7MT9vBUjz%2FFa1hTx%2FV%2BIJpRv9duNaN2rxdHsj3b6kZdKUIZqXYkYem%2Frck%2BAG5r2KAJe%2FSn35BVTpHvIeYHsMkBBD0O7i6DFx581WMj9ZD6C8Gt40lmtO43hB4gyy8iX69tJyfssSmV7gdb%2F7tRYTwy4%2FEG3WNYSbZ2buqC7d7UhWVfLWc5DWiDV7a5lfNcPfjJC2q90EYuztvxx8%2BKCqjKOy8pmy%2FxVFK6YtmncySlMgvaCMW%2BWbSvqPiGs6tzzqQuW7rx3MLiIDPKWtJpCU5H196HoAm7%2BO6P0%2Fdw%2BbNnQKaEcR4Dd6YQSJcQ2SZsdt6zmsEk5%2F9xxlA4v2Oa8Xmz8kByLjV47Lftd7DkkVv2DwAAAP%2F%2FAQAA%2F%2F85umvMVAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1662931638&pid=91283&sub2=icon&auid=c32a88509f28bb1b375c259e21a7fdae&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: casualproof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 11 Sep 2022 21:27:21 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3427ec9ecee6346be2590219a145bd3f
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a1543fa75949583b4223a1d3f0f8b937
fe06a05582a0cdc1cde39f17fac440a1d43495ab
46fa93a75d4bb081e5f0e3c098d97e5b9364364d29f6b1c814ae582dc675c110
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7520
Expires: Sun, 11 Sep 2022 23:32:41 GMT
Date: Sun, 11 Sep 2022 21:27:21 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
45.133.44.10200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 21:27:21 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Tue, 13 Sep 2022 21:27:21 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
tovanillitechan.com/15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.153%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
139.45.197.239204 No Content 0 B URL HTTP/2 tovanillitechan.com/15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.153%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.153%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=6d9864addd7e4938b0c85bddd8e9e0d8; oaidts=1662931637
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 11 Sep 2022 21:27:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: aa6e558fe84736dfbe8d5546cc40356a
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:21 GMT; secure; SameSite=None
oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:21 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
tovanillitechan.com/11?rnd=3227045583&z=3519989&b=14082265&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/11?rnd=3227045583&z=3519989&b=14082265&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=3227045583&z=3519989&b=14082265&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=6d9864addd7e4938b0c85bddd8e9e0d8; oaidts=1662931637
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:23 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2449146cdca6d20d1c180457af814666
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:23 GMT; secure; SameSite=None
oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:23 GMT; secure; SameSite=None
oaidvc=1; expires=Mon, 11 Sep 2023 21:27:23 GMT; secure; SameSite=None
CNT=1_v1_2eDWAAEAAAAuSzk5; expires=Sun, 11 Sep 2022 22:27:23 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
tovanillitechan.com/15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A7.166%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
139.45.197.239204 No Content 0 B URL HTTP/2 tovanillitechan.com/15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A7.166%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A7.166%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=6d9864addd7e4938b0c85bddd8e9e0d8; oaidts=1662931637; oaidvc=1; CNT=1_v1_2eDWAAEAAAAuSzk5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 11 Sep 2022 21:27:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 67f33e97cf9aa2763e7f4adc42aff0cb
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:25 GMT; secure; SameSite=None
oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:25 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
lcreatessque.xyz/popunder.gif
172.67.158.62200 OK 0 B URL HTTP/2 lcreatessque.xyz/popunder.gif
IP 172.67.158.62:0
GET /popunder.gif HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 21:27:17 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 121916
last-modified: Sat, 10 Sep 2022 11:35:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BQktZoslrc53u3LIzUaGvdK3skqiYG1YaqYRB0AbVxbsk8FBvkJLF7NRfOfQZGiHJ2UM36u3OipZjJmQRfE93Rh2%2BUKMa52kHLTXOQnoElPdamulu%2BU1jtabcUD20ecW3rX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74937c8e6b91b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tovanillitechan.com/27/55dfd372293146a7ca113106d0d608dd
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/27/55dfd372293146a7ca113106d0d608dd
IP 139.45.197.239:0
GET /27/55dfd372293146a7ca113106d0d608dd HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=e1291c1607714728ae7b24f68edffdf4; oaidts=1662931637
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:17 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Wed, 07 Sep 2022 05:02:06 GMT
expires: Wed, 07 Oct 2082 05:02:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/
104.21.86.231200 OK 0 B IP 104.21.86.231:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www112.zippyshare.com/
Origin: https://www112.zippyshare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 21:27:18 GMT
content-type: text/plain
set-cookie: csu=1441818225237289@1@1662931638; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf%2FQ1Ekj6tvCOngnAvdcyP8NwPTdQHaxlE5njTIy876a3eLw9r2KCuEEyzdlsCohqxni4GWZREliEmBCVFxpu29IadqzTb0Qz%2FADnBRZhXd7z6ORgkpli4vw2d7UYVhM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937c92e832b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
104.21.86.231200 OK 0 B IP 104.21.86.231:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www112.zippyshare.com/
Origin: https://www112.zippyshare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Sep 2022 21:27:18 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4387
last-modified: Sun, 11 Sep 2022 20:14:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4XavOZPU9JiOKxZNUF20phAbW4GTUFsRAgWOqd0rmqGeZoV66KFn6Dd5h5NtpiCdvLzplyVMxIuyLORVBLdXJ%2Bz798tjgDa3JAth68GSdW%2BscInzbnfVSwNSJ7CwCOK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74937c92e82cb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
104.21.86.231200 OK 0 B IP 104.21.86.231:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www112.zippyshare.com/
Origin: https://www112.zippyshare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Sep 2022 21:27:18 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4387
last-modified: Sun, 11 Sep 2022 20:14:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDuMPw8D1K2xnWnqgB4VQ20p7AwF0qYGeQkT0iHZmC%2B06k4sXWhZJ5Nb6%2BjPaWu5fOJZ%2BCm9NzYRoZ4IjMB%2ByamclGcaQjb7xF%2Bd8m5NFlynt2h7CAIaxRQmo4f%2FN%2BKx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74937c92e830b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.officialdigitalero.org/phpbb/abbcode_page.php?mode=click&id=1511
172.67.174.233301 Moved Permanently 0 B URL HTTP/2 www.officialdigitalero.org/phpbb/abbcode_page.php?mode=click&id=1511
IP 172.67.174.233:0
GET /phpbb/abbcode_page.php?mode=click&id=1511 HTTP/1.1
Host: www.officialdigitalero.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sun, 11 Sep 2022 21:27:16 GMT
content-type: text/html; charset=UTF-8
location: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
status: 301 Moved Permanently
cf-cache-status: BYPASS
set-cookie: digitalero_u=1; expires=Sat, 10-Dec-2022 21:27:15 GMT; path=/; domain=.officialdigitalero.org; HttpOnly
digitalero_k=; expires=Sat, 10-Dec-2022 21:27:15 GMT; path=/; domain=.officialdigitalero.org; HttpOnly
digitalero_sid=c08a494de86b953752fd740974d3f9d2; expires=Sat, 10-Dec-2022 21:27:15 GMT; path=/; domain=.officialdigitalero.org; HttpOnly
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuPbaKygYi7%2FIZW%2FmzTFnwv8DCRr5X4O%2FMK6fu01GQQpJ%2BghxtD09KP3T%2FZq9m%2Bn3vDko7MN%2FKfR4AtwSRaB%2FEOVR5jput%2BbnB%2FRIobw3I9rJm%2Bsg1wJ2EDQOdJM1i4RNvu1DGgzRVDq%2FnHzAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74937c87798db518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tovanillitechan.com/9?z=3519989&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=6d9864addd7e4938b0c85bddd8e9e0d8
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/9?z=3519989&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=6d9864addd7e4938b0c85bddd8e9e0d8
IP 139.45.197.239:0
POST /9?z=3519989&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=6d9864addd7e4938b0c85bddd8e9e0d8 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 59
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=e1291c1607714728ae7b24f68edffdf4; oaidts=1662931637
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 60efa60436f32bba5e808531fcc6e361
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:18 GMT; secure; SameSite=None
oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2