Overview

URL www.officialdigitalero.org/phpbb/abbcode_page.php?mode=click&id=1511
IP172.67.174.233
ASNCLOUDFLARENET
Location United States
Report completed2022-09-11 21:27:28 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-11 2 unphionetor.com Sinkholed
2022-09-11 2 casualproof.com Sinkholed


Files

No files detected



Passive DNS (34)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www112.zippyshare.com (8) 0 2017-02-03 09:39:08 UTC 2022-06-29 15:49:22 UTC 46.166.139.230 Domain (zippyshare.com) ranked at: 41031
mnemonic passive DNS cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-09-11 13:38:52 UTC 45.133.44.10
mnemonic passive DNS ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-09-11 04:58:43 UTC 104.18.21.226
mnemonic passive DNS ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-09-11 04:58:08 UTC 142.250.74.3
mnemonic passive DNS ocsp.sectigo.com (6) 487 2018-12-17 11:31:55 UTC 2022-09-11 17:53:46 UTC 104.18.32.68
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-09-11 08:50:08 UTC 139.45.195.8
mnemonic passive DNS clksite.com (1) 68288 No data No data 173.192.101.24
mnemonic passive DNS xml.serve-servee.com (1) 0 2022-06-18 07:06:23 UTC 2022-09-11 17:22:27 UTC 172.67.217.88 Unknown ranking
mnemonic passive DNS pogothere.xyz (3) 0 2022-09-04 19:11:25 UTC 2022-09-11 17:22:36 UTC 104.21.86.231 Unknown ranking
mnemonic passive DNS www.officialdigitalero.org (2) 0 2017-01-22 04:01:27 UTC 2022-09-10 06:40:09 UTC 104.21.31.32 Unknown ranking
mnemonic passive DNS oulukdliketo.shop (6) 0 2022-08-21 19:27:19 UTC 2022-09-11 17:19:57 UTC 143.204.55.12 Unknown ranking
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.118
mnemonic passive DNS unphionetor.com (1) 54035 2022-02-11 12:53:49 UTC 2022-09-11 05:08:01 UTC 139.45.197.236
mnemonic passive DNS img-getpocket.cdn.mozilla.net (4) 1631 2017-09-01 03:40:57 UTC 2022-09-11 04:57:20 UTC 34.120.237.76
mnemonic passive DNS louchees.net (1) 281261 2020-05-26 12:42:26 UTC 2022-09-06 21:51:40 UTC 139.45.197.236
mnemonic passive DNS d10lumateci472.cloudfront.net (2) 0 2020-12-02 18:46:05 UTC 2022-09-07 19:19:15 UTC 54.230.245.139 Unknown ranking
mnemonic passive DNS ksehinkitw.hair (4) 0 2022-07-21 06:48:53 UTC 2022-09-11 09:27:57 UTC 107.22.28.167 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-11 04:58:07 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-11 04:57:50 UTC 34.212.166.60
mnemonic passive DNS ablesasmetotr.monster (1) 0 2022-08-03 09:44:11 UTC 2022-09-11 19:29:21 UTC 143.204.55.24 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (11) 344 2020-12-02 08:52:13 UTC 2022-09-11 04:57:04 UTC 95.101.11.115
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-11 15:10:29 UTC 142.250.74.164
mnemonic passive DNS ds88pc0kw6cvc.cloudfront.net (2) 0 2021-02-20 14:25:22 UTC 2022-09-09 11:35:15 UTC 54.230.245.18 Unknown ranking
mnemonic passive DNS www.maxonclick.com (3) 173326 2017-01-29 09:04:56 UTC 2022-09-07 19:19:15 UTC 35.190.68.123
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-11 12:16:56 UTC 93.184.220.29
mnemonic passive DNS lcreatessque.xyz (4) 0 2022-09-06 18:34:08 UTC 2022-09-11 14:12:01 UTC 172.67.158.62 Unknown ranking
mnemonic passive DNS interstitial-07.com (2) 36198 2017-03-09 00:00:07 UTC 2022-09-11 06:38:47 UTC 139.45.197.155
mnemonic passive DNS www.officialdigitalero.org (2) 0 2017-01-22 04:01:27 UTC 2022-09-10 06:40:09 UTC 172.67.174.233 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-11 15:58:57 UTC 143.204.55.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-11 04:57:17 UTC 143.204.55.49
mnemonic passive DNS e1.o.lencr.org (12) 6159 2021-08-20 07:36:30 UTC 2022-09-11 05:49:02 UTC 23.33.119.27
mnemonic passive DNS tovanillitechan.com (10) 0 2022-07-22 05:21:08 UTC 2022-09-11 19:28:33 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS static.serve-servee.com (1) 0 2022-06-18 03:19:30 UTC 2022-09-11 17:22:27 UTC 172.67.217.88 Unknown ranking
mnemonic passive DNS casualproof.com (1) 0 2022-08-17 12:29:31 UTC 2022-09-11 15:24:21 UTC 173.233.137.52 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 172.67.174.233

Date UQ / IDS / BL URL IP
2022-09-11 21:27:28 +0000
0 - 0 - 2 www.officialdigitalero.org/phpbb/abbcode_page (...) 172.67.174.233

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-10 05:48:40 +0000
0 - 0 - 6 letmik.com/index~71218 172.67.206.88
2022-12-10 05:43:04 +0000
0 - 0 - 2 tinyurl4.ru/aKARKnKL/ 172.67.194.142
2022-12-10 05:42:56 +0000
0 - 0 - 2 yjeu4i.codesandbox.io/?coz=aGxhd0B0cGdmdy5jb20= 104.18.7.114
2022-12-10 05:42:35 +0000
0 - 0 - 9 www.quming.me/landing/ro/milf/1 104.21.83.51
2022-12-10 05:39:53 +0000
0 - 0 - 3 www.nakedgirls.mobi/videos/3190/naked-girls-f (...) 104.21.233.226

Last 1 reports on domain: officialdigitalero.org

Date UQ / IDS / BL URL IP
2022-09-11 21:27:28 +0000
0 - 0 - 2 www.officialdigitalero.org/phpbb/abbcode_page (...) 172.67.174.233

No other reports with similar screenshot



JavaScript

Executed Scripts (20)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (100)


Request Response
                                        
                                            GET /phpbb/abbcode_page.php?mode=click&id=1511 HTTP/1.1 
Host: www.officialdigitalero.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.31.32
HTTP/1.1 301 Moved Permanently
                                        
Date: Sun, 11 Sep 2022 21:27:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 22:27:16 GMT
Location: https://www.officialdigitalero.org/phpbb/abbcode_page.php?mode=click&id=1511
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0ZP74N%2Fs5xSlYYw3ysJHPh%2BfDqmo%2BHFpY3Su2NWevK%2F2xhy1nftF5ox%2FA8vTUGqdCBAvI8v8Oxqyp%2B5thKcpI9L6mqZm1mLfT7s4pBPqVCL2VsD0IJJJ4tu1hmfQzJeb6GVvon9NUT2CZw8bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74937c85bbe6b4eb-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 20:48:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G2r3l-R1DlttFdNrJ0HmHmJbdfEeXpdGfc93vbh8Wy03m_dVNFzoNg==
Age: 2321


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7771
Expires: Sun, 11 Sep 2022 23:36:47 GMT
Date: Sun, 11 Sep 2022 21:27:16 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: udtNe6gv1tjixUdCIYENlUofUWwt9z3mbNTN2emPUmShI-zzRgVESw==
age: 51004
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:16 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 15 Sep 2022 19:02:14 GMT
ETag: "ebd98d3357760840e53063339ce4dee65b5ff1f5"
Last-Modified: Sun, 11 Sep 2022 19:02:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2103
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74937c88ccde1c06-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    90cfdd494f9afc4969e55cb500f7ac84
Sha1:   ebd98d3357760840e53063339ce4dee65b5ff1f5
Sha256: 7fbe51d0563899442af4ba28e09e207bdf700443ad1eeb384954ff495caf2d87
                                        
                                            GET /v/3ZZOjB7t/file.html HTTP/1.1 
Host: www112.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         46.166.139.230
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Sun, 11 Sep 2022 21:27:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; Path=/; HttpOnly zippop=1; Domain=.zippyshare.com; Expires=Mon, 12-Sep-2022 09:27:16 GMT; Path=/
Content-Language: en
Expires: Sun, 11 Sep 2022 21:27:15 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41949), with CRLF, CR, LF line terminators
Size:   39528
Md5:    f78d4f3c6c2281a95ef36833d12aad75
Sha1:   eefd738b64c44ff00655a678761b1f019fbcb809
Sha256: 6351d550bfab93d80c65c42b12dc1e6860edbe256218b1d93b8b3a90409135fe
                                        
                                            GET /wro/viewjs-9c29d4e653e865831dc028fdac7e7dfff3be049e.css HTTP/1.1 
Host: www112.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.230
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Length: 66707
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Thu, 28 Nov 2030 21:27:16 GMT
Accept-Ranges: bytes
ETag: W/"207098-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (38971)
Size:   66707
Md5:    7e0e3e48bd85cdf4041d04d6d265622a
Sha1:   06bd818fbba909a62546da78470bc01fd813076e
Sha256: b6f4ece3f288037b58e9803601d45e812775c0140f09d7860574f6c56781ec1c
                                        
                                            GET /ads.js HTTP/1.1 
Host: www112.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Length: 138
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"157-1654675202000"
Last-Modified: Wed, 08 Jun 2022 08:00:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text
Size:   138
Md5:    80ce0db0d04307c0a7e7bfbe492e329d
Sha1:   f8efbdda6799a957baa59e907d466dbc3fd7be90
Sha256: da32bd619e9f9cf48c390020230b751333e2a402fce01635102f340a39f88113
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 21:27:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FED0AA23A2EC0A5E33E3156048F644D6B0F5BB428C37B99D5810842C31E7F1C0"
Last-Modified: Sun, 11 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4735
Expires: Sun, 11 Sep 2022 22:46:12 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive

                                        
                                            GET /sw.js HTTP/1.1 
Host: www112.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Length: 39747
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"103046-1660075830000"
Last-Modified: Tue, 09 Aug 2022 20:10:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   39747
Md5:    8eb407280763dcf09beecf329aa120cb
Sha1:   188a5ee64fff4cca2640944ee7bee5c98472fad2
Sha256: e274b58ce593d021577bd2900e8377acfe92c1af4132ad52b78ee6d07149c6b7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 05:03:54 GMT
Expires: Fri, 16 Sep 2022 05:03:53 GMT
Etag: "7dca3ab192555d1d2a5864be7ceee640875b1669"
Cache-Control: max-age=372396,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8afa8afab4-OSL

                                        
                                            GET /recaptcha/api.js?render=explicit HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Sun, 11 Sep 2022 21:27:17 GMT
date: Sun, 11 Sep 2022 21:27:17 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 559
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (852), with no line terminators
Size:   559
Md5:    aaf10fc67b15cb018c8c1117ef33366a
Sha1:   2e52f52a69b149f6b6ed51b4db273897d0f84e23
Sha256: d304382bbb2cc5ccd834f9802d3d9661dd990775b111faa4f16746a1cae4c65c
                                        
                                            GET /wro/viewjs-5c4b087e763baf82dfed5e75dc71d50f709ecb00.js HTTP/1.1 
Host: www112.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 11 Sep 2022 21:27:16 GMT
Content-Length: 147861
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Thu, 28 Nov 2030 21:27:16 GMT
Accept-Ranges: bytes
ETag: W/"478725-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65535)
Size:   147861
Md5:    1dd393cf506e088f2a0b45a37beabda7
Sha1:   384796f00e05bce54b4bcae1f2dd4e5d0c5c478a
Sha256: c9420067db3629caab61a3e5983ef9b303d24913f01c2a3307ee0e392cc87616
                                        
                                            GET /?kcpsd=843055 HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.18
HTTP/2 200 OK
                                        
content-length: 49665
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UxzAAAvaPwq4FvqHjSphPz_jJgX4wuovmZ2Ptxlv42jEhjgChk5SLg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15952)
Size:   49665
Md5:    835a5fafb2dc8ba309d167b743205a14
Sha1:   f9e00d8f9eb4faa93e09751215df7a868718496a
Sha256: 91d8967a52ce750132c6f402792a1177b4461aaf1aad62ba3e013644151fc78f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 21:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 05:03:54 GMT
Expires: Fri, 16 Sep 2022 05:03:53 GMT
Etag: "7dca3ab192555d1d2a5864be7ceee640875b1669"
Cache-Control: max-age=372395,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8afb0c0b06-OSL

                                        
                                            GET /a/display.php?r=1142861 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 05:03:54 GMT
Expires: Fri, 16 Sep 2022 05:03:53 GMT
Etag: "7dca3ab192555d1d2a5864be7ceee640875b1669"
Cache-Control: max-age=372395,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8afcf0b50f-OSL

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 20:56:07 GMT
Expires: Sun, 11 Sep 2022 21:30:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WNoyLfSG-dyAoakehvp44NRVJ-S2SWaGKEimevIp38BQhosQ1wwHMQ==
Age: 1870


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 05:03:54 GMT
Expires: Fri, 16 Sep 2022 05:03:53 GMT
Etag: "7dca3ab192555d1d2a5864be7ceee640875b1669"
Cache-Control: max-age=372395,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8c8b54fab4-OSL

                                        
                                            GET /a/display.php?r=1142855 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /a/display.php?r=1142849 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /?amuld=726474 HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.139
HTTP/2 200 OK
                                        
content-length: 36038
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EhqaU1Sy2e5afmZ0mepr25Xh4n8ip4w5v7KBYcAvY7Q1yK34y5iOPQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15478)
Size:   36038
Md5:    d1746bb2185bde692ab62afb22c19b06
Sha1:   5374c0af990ff0ef0b6ef72dae310fed51fd80d5
Sha256: 766ba9e0b1d9cd96628cd92281073e755c0d97e665e121c63e3cdb4b1a48e5f8
                                        
                                            GET /images/favicon2.ico HTTP/1.1 
Host: www112.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.230
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Sat, 08 Jul 2023 21:27:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3639
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 21:27:17 GMT
Last-Modified: Sun, 11 Sep 2022 20:26:38 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "565E82ED2FF159DE980617DDF843EA226ADEA075940DA3E4C84E59E3F2D301A4"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Mon, 12 Sep 2022 00:44:04 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "565E82ED2FF159DE980617DDF843EA226ADEA075940DA3E4C84E59E3F2D301A4"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Mon, 12 Sep 2022 00:44:04 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "565E82ED2FF159DE980617DDF843EA226ADEA075940DA3E4C84E59E3F2D301A4"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Mon, 12 Sep 2022 00:44:04 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "565E82ED2FF159DE980617DDF843EA226ADEA075940DA3E4C84E59E3F2D301A4"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Mon, 12 Sep 2022 00:44:04 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "02842712AA229668A47AD46D84DD822DCC99A0E42D8C16005F287FC221079027"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=906
Expires: Sun, 11 Sep 2022 21:42:23 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "565E82ED2FF159DE980617DDF843EA226ADEA075940DA3E4C84E59E3F2D301A4"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11807
Expires: Mon, 12 Sep 2022 00:44:04 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive

                                        
                                            GET /MTNoc3YeDAsAS2dkMgsiAGUBJh17FloxL2Z1PSA+RVsyJTR3VT9DUEVaDE5BAwVcREIXQwEXSwMKTgACUEcdAEsAFQEdEF4OTgVLAB1YXUMIHVlVAwwCTgcGUFRVQlBBRxwfSwAFXkFPAgJeQUAAClk HTTP/1.1 
Host: lcreatessque.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.158.62
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCxpuoPqT6xx1Xza1nfWytmXisHjoX%2B1dAYzx9Eoc3r0uJOJil5bDSnFJ78njL%2FIwbwHVtTvPtNJLAmbQErPNvzjNk1NiA4uM9BjRHA1%2B0rq4hR3pbW%2FAYDRNoUZrn9Osf7z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937c8e6b8fb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /VDJCeTF7DSEKDAd0EC1rDHBnS3cOdQwaYgxKLiBnLHskFAAmZykgFyBbJkQJYAFyTARyQisdDGcAZApFNUY3CgxlFCsXVzsPZA8MZBx6Vwh6A2QMDGUUNglQMw9zX0EgRi5EAGIEcEACZQRwTwNkCg HTTP/1.1 
Host: lcreatessque.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.158.62
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFNRBPOhhPwtdLEAXgMH%2BovQb27qzE46FkJ7wi1GBBpUTcY1%2FXLQIvW95cnyXCKwMku4njFVFzRa2ffJC%2FMondHZKOAPJYwqDRnbpedbnkdlFQSFfMdUumbCIKgCUEPtKshK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937c8e6b96b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /c1hSbmNcZzEdXiVrEFsyJTQ1PyYfbAspLTELYQYLKg0+LAceYHQaChdlalpQQ21nSBMaPG9dUVUrJg8XBitvXFNDb3QHDRU3b1xFBWViQFtdYXxfRQZlY0gXAzk1U1JVKCYaD05pZFhRSmtjWFFFamNe HTTP/1.1 
Host: lcreatessque.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.158.62
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bosVDHCKRsUVX5qnbWIy5Jyn7vIfSx1c7460ddDG9NEybQQpHWlFeo6e0k0IWXGeuPETvsaGHjxcvWMG1%2B1ScLeZ%2BxDYcU1F7WfVByRmmPpzIW5EvFFmelpMTZxNKeFRTtmN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937c8e7b9eb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7FADCE366CD829219A6788DBADCD8B53E4256FD97B8CF2CBD5805442E4DAE670"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3502
Expires: Sun, 11 Sep 2022 22:25:39 GMT
Date: Sun, 11 Sep 2022 21:27:17 GMT
Connection: keep-alive

                                        
                                            GET /SzRwT3oqVhMiRSoJEmkPOVhNakgNEUIJHnoEHDoXKkAVLBN/A0JhGSdbBSscOVseO1QlUQRqSA1QEn44DFY3fzcbTRcELyNHRQYWDVUoGCAyY0EjMAReJQs7Mw0ECxZzVT8MPwF3CBoxEXMxFjw8QAQrESR2NCVOI2ElPDEbXSYdIg5fCAYdfmUnfCMyfDEGPylgBys8PHVAAysGcDELCixzITcpG2cbGDgKeUgFSidSOxgsJGw1Jx4Sc0QaIg0BQSspfn0oGDs6diECGwBzPioiGVAfLD4FVid8LHp4GyceEnAhLikNQyIpSztwKHwWIWwcfzMFZ10aMgpfACY7DQEUFxcJBigZSy5QKB0ZCEMpJjM8WzMJSR0EOyMoEVIeFTEMcjonXCFHHyEKdnxDOC06exc3H38 HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.12
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1171
date: Sun, 11 Sep 2022 21:27:17 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GjbuV_zznvYRvRKGbhWIfBTsQLEB8FtLZ8kvUVysQgc9fsjRhhZiaw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Size:   1171
Md5:    8eb9c3e3c79ac3d29448478435ae8d61
Sha1:   5fd3c5195faf0f2862d5a5c7df8432091b26cef6
Sha256: 23095b8508dcfd39b1e3e43937dca2cf796703bc662d50847b703a8fac8bb695
                                        
                                            GET /N21LaGFWDygFXlZQKU4URQF2TVNxSHkuBURVcxgCBwY8XgJBDmULDVgYLw4TWAM/Rg9SGW5aJ34PITkZZTsaJjYGVSEJGUcJHTAJRDosCyNUKg0hOVwkOicJAycYKixNPRxdDnk+AgYgbyQyLjJTGA0SJEIuLAMjbhcsODZbN38LBkMMHgYJWz4NPjd9XycJJFw4eicWYicZKxJALnoiOHwXDiMkXDwgCTB5DxgRFgMsJz00UxUBCiZQKywyDQMOGDAzWz48DBtuKhENNnEKOSEzbj8KWzREOywiFFRfCSQjBCMsMg0CKhlaI1khPFgpVl8ZICRmQAVZLEAZEz8IRxUTIChzCRw+BHUsCVk7Yh4MKTJ6VAMuJ28mIhAtdQMvUDhcLA4uG3UdEx9HXR4kBhEKFB0PMm00Ox4oAi48KSht HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.12
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1180
date: Sun, 11 Sep 2022 21:27:17 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ESzGZl4DKRnNuUXK3TIevT6bRoMMw_OFEx7A9O0hq5rkMwpVMCubCQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3023), with no line terminators
Size:   1180
Md5:    fb025e88bdc73658d5bb3c8adb2b6011
Sha1:   7e3e42652eb00bb7fc556b1916b607e8f0d414d6
Sha256: 90b9203af1cbd927d4c99f6d18d4aa356e1bd979908d338a5cb8e09e9522eb30
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AC7OURV0ffTYLQPnP1MqTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.166.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 23kl/YU5MKtTBZawj3LXtAyaPWE=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=334082,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8fb82a0b06-OSL

                                        
                                            GET /gid.js?userId=6d9864addd7e4938b0c85bddd8e9e0d8 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:17 GMT
content-length: 65
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    8af163e1116d2a4819bd95cef1c63f2c
Sha1:   3cc47059a7dd20c4a1c4b916073a0a363c29b7a6
Sha256: 69afbdaeefc273231f77329d0285c481b845a35cfa5b2d430765a1348b843277
                                        
                                            GET /sw.js?amNDdEwxQXRGfVxQdFZgSEFvVilaUXtMegxVbkEtDFNuQChdUW5Ne1sBbkAtUlB0QntZVXRBLUhPYUR8D1YgQ3RcTiYXdVxOdxJ6WE57RilaTntHfg9UcREtWVYgEW5GQTADbkZBKAcpAgotHyUeFG0cLQMRYVhuW1NtQW5GBSIYPw9PJRUgGQZvEi0GECYp HTTP/1.1 
Host: www112.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1; zippyadb=0
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         46.166.139.230
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Length: 39747
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"103046-1660075830000"
Last-Modified: Tue, 09 Aug 2022 20:10:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   39747
Md5:    8eb407280763dcf09beecf329aa120cb
Sha1:   188a5ee64fff4cca2640944ee7bee5c98472fad2
Sha256: e274b58ce593d021577bd2900e8377acfe92c1af4132ad52b78ee6d07149c6b7
                                        
                                            GET /IbjQxRVQNW18jaxpdVXhsWgcBcGFIXkIqOh4JSBMzPW5oNSInAXIyFSduFzEuCgkBYzgPWlZ4cgtaUnhlSFVVJ2laEkU1OwUJRCswC1JYKzEKEkQkaQNbSyw4AlUUdxJbGgFgZl4cSXRlSwdzYGZeWFgrIRYRA3UsVgJuc2BLB3NgZl5GR2BnLw0Ha2RHEQ-N1MwtXWipxXHIDdWVeBAB1ZUsGASM9HFFXKixLBnd8YkAEFzBpXw HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.18
HTTP/2 200 OK
                                        
content-length: 364
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N4Spl0mA1gmEDMcCnK7c1GDQSqatRVL4_k1NLOK7q1uWZOLQZnLVag==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (455), with no line terminators
Size:   364
Md5:    66dfd2d58e66bc7b6aa032e25f514d71
Sha1:   34aa35bfc627191a427e597de9d47450df1e8b89
Sha256: 7302ada2eb7ee372ec0ec76ccc9017d6108108fcbdb1ddfafa41c2aa3ab814eb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 21:27:17 GMT
Last-Modified: Sun, 11 Sep 2022 19:58:00 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U-0nagv6X1wxlPBCzuVsy9sHB4WqMMLu29FFBkIJebghexSrbXtnDw==
Age: 5357

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 21:27:17 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 23:32:40 GMT
Expires: Thu, 15 Sep 2022 23:32:39 GMT
Etag: "62cc1f087e85e1fdfb3ee9277e83ba7eba4b30ea"
Cache-Control: max-age=352521,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74937c8ffb0db50f-OSL

                                        
                                            GET /42/38?z=3519989 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=e1291c1607714728ae7b24f68edffdf4; oaidts=1662931637
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:17 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 05f88ee11aeaf1f740609a0d765dbf4c
access-control-expose-headers: X-Sc
set-cookie: OAID=e1291c1607714728ae7b24f68edffdf4; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /utx?tid=721637&top=www112.zippyshare.com&cb=Ed08licAvxGQ HTTP/1.1 
Host: ablesasmetotr.monster
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.24
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 21:27:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 21:28:17 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: waGAqo5kgco-z-dnRBYsWsar-DTrerLKVvQiWeYGgHw4UOjcMb41iA==
X-Firefox-Spdy: h2

                                        
                                            GET /db1BGbG0MPygKUhs5IlFaXWZyW1lJOjUDAx9tDl8aOCEJCxUKZGAYFwttdkoBDj4hUUsKPiVRXEkxIg5QW3YyHAIEbTwdFwA0LQMDADpgGQxSPSkWBAM8J0lfKWVoXEhdYG4UXF51dS5IXWAqBQMaKGNeXRdocDNbW3V1LkhdYDQaSFwRf1pDX3ljXl0INS-UHAkpiAF5dXmB2XV1edXRcCwYiIwoCF3V0KlRZfnZKGFJh HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.139
HTTP/2 200 OK
                                        
content-length: 456
date: Sun, 11 Sep 2022 21:27:18 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fbjW6KIO2ecls6K5YYLOAgi_C2wMXhnGkbeoTsfc_3p1XOBse70qfA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (598), with no line terminators
Size:   456
Md5:    aa36adc6393b320644490d9d369ab6b5
Sha1:   674797d3e34159cfec771248c205ca807222d671
Sha256: 1fc515fabe5e1ebba9fa44310884ee74306981589eba37d1813709c3064ca818
                                        
                                            POST / HTTP/1.1 
Host: ksehinkitw.hair
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 382
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: www112.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
Cookie: JSESSIONID=1CFBD3A071121ECD0A654E63F30C8CF8; zippop=1; zippyadb=0; prefetchAd_3505448=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.230
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 11 Sep 2022 21:27:18 GMT
Content-Length: 3611
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Sat, 08 Jul 2023 21:27:18 GMT
Accept-Ranges: bytes
ETag: W/"3611-1427651017000"
Last-Modified: Sun, 29 Mar 2015 17:43:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   3611
Md5:    b3bf18448d2e26f529500cb013975564
Sha1:   1b9d2cecad0cf85d336a24a0ccaa610c39a49f6a
Sha256: 968e719e5fbc1706a6db025adc28931e64fcf76c3ae80fa4ab6ff40b53b36b20
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12865
Expires: Mon, 12 Sep 2022 01:01:43 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12865
Expires: Mon, 12 Sep 2022 01:01:43 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12865
Expires: Mon, 12 Sep 2022 01:01:43 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12865
Expires: Mon, 12 Sep 2022 01:01:43 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive

                                        
                                            OPTIONS /9?z=3519989&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=6d9864addd7e4938b0c85bddd8e9e0d8 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www112.zippyshare.com/
Origin: https://www112.zippyshare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 11 Sep 2022 21:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12865
Expires: Mon, 12 Sep 2022 01:01:43 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive

                                        
                                            GET /static/advertisement.js HTTP/1.1 
Host: clksite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.192.101.24
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
last-modified: Mon, 12 Jun 2017 13:33:59 GMT
vary: Accept-Encoding
etag: W/"593e9847-1b"
expires: Tue, 13 Sep 2022 21:27:18 GMT
cache-control: max-age=172800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (539)
Size:   157213
Md5:    d56ec5ec9ded3c6481df5c238752fd65
Sha1:   9730d062eb32d206278fc4dd56fa9f3794df571b
Sha256: 0efaf920c276337690bb3ed5fa677bcd7932b00d47ad212851f2dc02a0ca9e4b
                                        
                                            GET /utx?cb=pcYndZbGNGZS&top=www112.zippyshare.com&tid=726474 HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.12
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 21:27:18 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 21:28:18 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VjqRQkPUeWRQYJh-i8Kt0v0zAFZ2YdEyfImv5488UosZv5WyZQ8faQ==
X-Firefox-Spdy: h2

                                        
                                            GET /multi?cs=c05vd1FEelxGZUd8VkNlQ3hbRWk&abt=0&red=1&sm=76&k=zippyshare&v=1.0.59.1&sts=0&prn=0&emb=0&tid=726474&fs=1&ref=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_LoPo=1662931626420&crc=1 HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.12
HTTP/2 200 OK
content-type: text/plain
                                        
content-length: 1515
date: Sun, 11 Sep 2022 21:27:18 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=800221ef-1546-4601-b14a-ff48ab926c84
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tj8JQlydK7x_qteYrZ2k-WVD-OXFTjNIVq3anQct1HAeFUkrR656Yw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3227), with no line terminators
Size:   1515
Md5:    577b91f15e55f056d2f2080a40acffb2
Sha1:   733e9a42dec6a489e80c5630aa41e2612c0d5fd6
Sha256: 7ff7928d4519855be12d9fd6f9091d561e5fc5fc3936dc7eb6e222d90bf770e5
                                        
                                            GET /utx?cb=7OrKtjaKBoZU&top=www112.zippyshare.com&tid=843055 HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.12
HTTP/2 204 No Content
                                        
date: Sun, 11 Sep 2022 21:27:18 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 21:28:18 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KQuWNdHIJc0sPx_SDwtLVnFKz6hBY2st0oBghqEjuEyCiosnKeNyhw==
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ksehinkitw.hair
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www112.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www112.zippyshare.com
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /11?rnd=3227045583&z=3519989&b=14082265&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=129 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=6d9864addd7e4938b0c85bddd8e9e0d8; oaidts=1662931637
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 9508dd37c64cdbbe43e7f579770b665c
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:18 GMT; secure; SameSite=None oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ksehinkitw.hair
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www112.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www112.zippyshare.com
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5FF8781CE423FF2BC30D55EA474FB59F47B128B241369ACAB886178784F21E09"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4016
Expires: Sun, 11 Sep 2022 22:34:14 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive

                                        
                                            GET /floater?cs=aGRzcFVfVENJbFxVQUltXl1LR2M&abt=0&red=1&sm=83&k=zippyshare&v=0.8.9.1&sts=0&prn=0&emb=0&tid=843055&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi1_&_KuRX=1662931626418&crc=1 HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.12
HTTP/2 200 OK
content-type: text/plain
                                        
content-length: 3602
date: Sun, 11 Sep 2022 21:27:18 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=02c91f9e-8421-43e0-921e-cc4eee58463c
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ABP4ftkHvxd3PgbneNvA7lwVCtGE026as6D8YA2IrsWEgyzuZqX9_g==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5342), with no line terminators
Size:   3602
Md5:    15ed7edcda2f552700c7581fa34f53d6
Sha1:   5fd6637d27546a48e50f324abe7b55357421d57a
Sha256: 06b8eff7d7a90c805b518d3133d7bab3de5a3df308f918b75909343bbdae4368
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AFAB13B95AA08C5D36101E25E92886ACAFAC6268396E20A2D7763B951DE93F7E"
Last-Modified: Sun, 11 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=972
Expires: Sun, 11 Sep 2022 21:43:30 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive

                                        
                                            GET /contents/s/36/d8/c2/9c866059b85b47752a6cc71b81/01636574006222.png HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=ixIAK3WmGJhcnb8&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1351790769%26z%3D3519989%26b%3D14082265%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DUvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D0c45010d-e053-4e15-9de4-2279efbb01aa%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww112.zippyshare.com%252Fv%252F3ZZOjB7t%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.155
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
content-length: 45133
last-modified: Thu, 14 Jul 2022 23:23:43 GMT
etag: "62d0a57f-b04d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size:   45133
Md5:    36d8c29c866059b85b47752a6cc71b81
Sha1:   2d877eabf6710f66f5d7a3e265de997cf258ba32
Sha256: 0bbd2d8d16b4fd96c0a0dabecbd05ca573b30cd7079950d73b5dd68bde69a27b
                                        
                                            GET /1?z=3519989 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5b2a9adb56539fe86cd9cd34f0e1e3c1
access-control-expose-headers: X-Sc
x-sc: zIP_hStLSzp8ixCQcCeXawfiyZkjdoGB7dNxCMdBAgfMZls5HaNS2HDo4nR9jPDbtZIlq5ZXSv1tk4nJZmp3RHrnxxU=
set-cookie: scm=1; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None OAID=e1291c1607714728ae7b24f68edffdf4; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:17 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   114635
Md5:    e491b8fae0d995f7bcacc7d1393af3ec
Sha1:   cbff57bb97d45577bd69efea57b22809035559c3
Sha256: 65a057b2c16e568de5ed171fcea2c662029e70b004144b251c70a40569dadbe0
                                        
                                            GET /?l=ixIAK3WmGJhcnb8&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1351790769%26z%3D3519989%26b%3D14082265%26c%3D5881775%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62febf30c58abd0001fff58e%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DUvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D0c45010d-e053-4e15-9de4-2279efbb01aa%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww112.zippyshare.com%252Fv%252F3ZZOjB7t%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.155
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=GGaU2LJLxK0Ji2sPLE5WfGEgmVwCNU06SEF9xow5mJk; expires=Sun, 11-Sep-2022 22:27:18 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5213)
Size:   5092
Md5:    f35e550bc618987e738051ef321a25fc
Sha1:   5df26d5a5efa6a5043a2404f24a3dbc6669642ae
Sha256: aae07a861eb74b021393973b2a7817922832d877509fd0bfafeefb4b4c5473c4
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 1dcf4996143a8972702f2b94728f16e2
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7529
Expires: Sun, 11 Sep 2022 23:32:47 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7529
Expires: Sun, 11 Sep 2022 23:32:47 GMT
Date: Sun, 11 Sep 2022 21:27:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7528
Expires: Sun, 11 Sep 2022 23:32:47 GMT
Date: Sun, 11 Sep 2022 21:27:19 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 85605
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7635
Md5:    4ec2646c56c4c522f0744768ad20342b
Sha1:   ad1d9eee90556a359547dc7cbb6758aee2c804cd
Sha256: 0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13568
x-amzn-requestid: a2fadcbe-350b-4a06-9f9c-ee2da40bb285
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEESeHA_oAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317e742-4740aa3f4ebd479e7a4886ed;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 00:35:14 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jbF2ZaJUhIoJV-o4f6iviFyUnoDW4R0KHTfC5NySmITnsLbD5iJrPQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:11 GMT
age: 85628
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13568
Md5:    8625e0707046e7a3715a8dbb40b1cae2
Sha1:   0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
Sha256: abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mNvNO0HJjZ1zwPKcjfqiVOnCL0CYXc8BPDSFbV6MXVW71IVt-2K3mQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:54 GMT
age: 85225
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6889
Md5:    57d797a1c3f6589746a1135bdb19f54f
Sha1:   7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
Sha256: ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8171
x-amzn-requestid: a3eb931f-cd71-4738-acb1-4398fc09f453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOa7QGqoIAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c0b7b-2a6ed8ca00a0a0640110cf5d;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:58:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QuUPVSWCQk9z9xI03trHifaWzOi5TqBZHLena93lrxhjlAG1PICKKA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 12:19:15 GMT
age: 32884
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8171
Md5:    eee5b4d617dab6f10d7053f5c4f4e98e
Sha1:   6c728c56797ba921e8001919df4d36e56dd37e54
Sha256: 76a53e2c81ec8da2bc469760b2c57098d587c6a36fa70e5b7c743a224a47d362
                                        
                                            GET /NUZoNWhuZF8HWQN1XxdEF2REFw0FdFANXlNwRQAJU3ZFAQwCdEUMXwQkRQEJDXVfA18GcF8ACRdqSgVYUHMLAlADaw1WUQNrXFNeB2tQBw0Fa1AGWlBxWlAJBnMLUEoZZBtCShlkA0YNXS8GXgFBMUZdCVw0ShlKBHZGAEoZIAlZG1BqDlQERiNEUwlZNQ1o HTTP/1.1 
Host: ksehinkitw.hair
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
set-cookie: 260a94675e38e81ad590e06e44df2e03=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-UnRiautt3uBzEx98zzKJQunVKsA"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20715
Md5:    3da8a3ce2f568b5d40209f075925947c
Sha1:   4de9affad299393b97b6a5f63a901a3baff233f0
Sha256: be61516d72d5c0d78c2ebadb22058cac5ccef055a11dc9994e5f387e4d5a0faa
                                        
                                            GET /apu.php?zoneid=3505448 HTTP/1.1 
Host: louchees.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:17 GMT
x-trace-id: e53df28b09437fdd978d685e0c79f0b6
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:17 GMT; path=/; secure; SameSite=None oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:17 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   33442
Md5:    686594845408cd38c135ec99ad681963
Sha1:   9766db8ce4b517409f00c81732b3a0211de68e3a
Sha256: 4a53c465ac16f48a7af52d1a4c90c4dfe3ff65ccb7e31f77ee5a74e2f6a81d49
                                        
                                            GET /15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.15%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=6d9864addd7e4938b0c85bddd8e9e0d8; oaidts=1662931637
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:19 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2054eb466c24dadebf7a7efdb9de2c33
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:19 GMT; secure; SameSite=None oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:19 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "04AAD150E8412F7CBC24D810D0EDC8001C8B68364A56EDCD424E44B4CB503C0F"
Last-Modified: Sat, 10 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11429
Expires: Mon, 12 Sep 2022 00:37:49 GMT
Date: Sun, 11 Sep 2022 21:27:20 GMT
Connection: keep-alive

                                        
                                            GET /thumbnail?i=beNnMsXYCPg_0&imgt=icon HTTP/1.1 
Host: xml.serve-servee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.217.88
HTTP/2 302 Found
                                        
date: Sun, 11 Sep 2022 21:27:20 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfFN2yI1d8yJycbE3LCpYUrx%2B0o3TI5v761ffb1M%2FguivGvGJvOg8WtKTanu4Q63c5JhSguagrmqMavQwfDJ%2FCn4mLntpZLBM4PRVFonbm7Iyts1kmmygO3p3XF6uAsiG3qKwTKuVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937ca2cbd7b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "04AAD150E8412F7CBC24D810D0EDC8001C8B68364A56EDCD424E44B4CB503C0F"
Last-Modified: Sat, 10 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11429
Expires: Mon, 12 Sep 2022 00:37:49 GMT
Date: Sun, 11 Sep 2022 21:27:20 GMT
Connection: keep-alive

                                        
                                            GET /n337/ad/250x250_hqCCg8Cm.png HTTP/1.1 
Host: static.serve-servee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.217.88
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 11 Sep 2022 21:27:20 GMT
content-length: 88957
last-modified: Thu, 08 Apr 2021 13:54:09 GMT
accept-ranges: bytes
etag: "606f0b01-15b7d"
cache-control: max-age=86400
x-hw: 1662931640.cds014.sk1.h2,1662931640.cds203.sk1.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mMfAfeFsfeBDupLisuD3qGgoaSb7hrohxBmg81zULuLK2crXfV8PXTqDZZ3R6aFQk3XHmn2W5BmhwY29iHTjXJWKAnkhfznGl04rc03h0VUnCJQCDSWmm3um7FlDBGpp1j3G77aNTglGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937ca3bd1fb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Size:   88957
Md5:    0994ec31361ea569c5549063145bfdd2
Sha1:   9b270e9f7a346a0f0f60a978e154f49740350270
Sha256: e4dbff1cf1f9750d68296737897eba9bd59ebdcb292015e87c3be61b5c242422
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DDDE6577BB6178E35DFBC5CA032D855F5731CF3B0162AC191FA7668937DB1057"
Last-Modified: Sun, 11 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7342
Expires: Sun, 11 Sep 2022 23:29:42 GMT
Date: Sun, 11 Sep 2022 21:27:20 GMT
Connection: keep-alive

                                        
                                            GET /winnotice?sid=H4sIAAAAAAAC%2F1RTTWgkRRSu0b0snpQVL3sYbwoy6Z6%2F9LjIYsxGgnGz7Cp6UqqrapJnerqaqq7pSU5BQXKSEQ%2F%2BnCpfsgnq%2Bnfw6CqdBQ8BIXOLaC6ePPkHi0fpMSb4oHmv3%2FegvlffV29vuxPWgOPH8y%2FqDUoSPtNpBPUnXg3DK%2FUlSt2oPoq6r3fbV%2Bpm%2BHSv2wierD%2BvxJqeaQZhEIRBWF8go%2Fp6NFOBoOxOL2z0gka72Qg7bYyMh3U1WF6DHJ6wR0BycuFe7RJIlEgHX84ru5br7KlrA5fwXBsM5f7L6VqqixSD87Jvauin%2B6fT0PZo4S50entKEXp4NhjThNW%2Bv4s43T8lhni4O%2BUWJ1ApYvkQimEJlZQgXkLot0DyiAFC4voy0sHedW0Kvv4vyit0wi7c%2FwtUTNiFny8hHXw%2Bl9CofksnLiedWoz6HjQqQSslMneAfIOBigOI%2FE2Q%2FIHN3F9COthdtokGST%2FdnagE9UskagxuGVz1EYPr1%2BCyGgbyuC7CMJwNpOBB1BOiJWdV3JVByGf7IQ%2BDbgQnKnpj5NkYIhlDmE1kZhNrNIZx74BsCcc9KPPI7F7UbgWdDpQ4vPrrh1V8BE7HddFq8ijqBL1%2BM4rjMG7NdkSz01PN6iTJFWI6vNr%2B%2B%2ButX1b%2FQEIMih9%2B%2BzubBmzqkTq%2FkxryMOqQncaOkfnh1bOpVQ8rGWzOMJQehWIoLEPBGQpiKHKGYuhvy8Q2rd%2BTiXVxeJqbp7nlt7MT9vBUjz%2FFa1hTx%2FV%2BIJpRv9duNaN2rxdHsj3b6kZdKUIZqXYkYem%2Frck%2BAG5r2KAJe%2FSn35BVTpHvIeYHsMkBBD0O7i6DFx581WMj9ZD6C8Gt40lmtO43hB4gyy8iX69tJyfssSmV7gdb%2F7tRYTwy4%2FEG3WNYSbZ2buqC7d7UhWVfLWc5DWiDV7a5lfNcPfjJC2q90EYuztvxx8%2BKCqjKOy8pmy%2FxVFK6YtmncySlMgvaCMW%2BWbSvqPiGs6tzzqQuW7rx3MLiIDPKWtJpCU5H196HoAm7%2BO6P0%2Fdw%2BbNnQKaEcR4Dd6YQSJcQ2SZsdt6zmsEk5%2F9xxlA4v2Oa8Xmz8kByLjV47Lftd7DkkVv2DwAAAP%2F%2FAQAA%2F%2F85umvMVAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1662931638&pid=91283&sub2=icon&auid=c32a88509f28bb1b375c259e21a7fdae&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: casualproof.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx/1.19.5
Date: Sun, 11 Sep 2022 21:27:21 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3427ec9ecee6346be2590219a145bd3f
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7520
Expires: Sun, 11 Sep 2022 23:32:41 GMT
Date: Sun, 11 Sep 2022 21:27:21 GMT
Connection: keep-alive

                                        
                                            GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.10
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 11 Sep 2022 21:27:21 GMT
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Tue, 13 Sep 2022 21:27:21 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Size:   33103
Md5:    70cf8250da1a25a7b445231428af7828
Sha1:   a849d338423d2919949340838c768bba90b9081c
Sha256: b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
                                        
                                            GET /15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.153%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=6d9864addd7e4938b0c85bddd8e9e0d8; oaidts=1662931637
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:21 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: aa6e558fe84736dfbe8d5546cc40356a
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:21 GMT; secure; SameSite=None oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:21 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /11?rnd=3227045583&z=3519989&b=14082265&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=6d9864addd7e4938b0c85bddd8e9e0d8; oaidts=1662931637
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:23 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2449146cdca6d20d1c180457af814666
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:23 GMT; secure; SameSite=None oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:23 GMT; secure; SameSite=None oaidvc=1; expires=Mon, 11 Sep 2023 21:27:23 GMT; secure; SameSite=None CNT=1_v1_2eDWAAEAAAAuSzk5; expires=Sun, 11 Sep 2022 22:27:23 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /15?rnd=3691667578&z=3519989&var=&rb=UvFYQwb-SJY3OscQuwCbeSCddR5PVqQX17vkhqdvgylRfS-0aI-p5VMzcpr4-agYxIKjYIJqNnwcq6RmjjNVo6gaPmm2S6dPopqPxpzBuIAySiA43iWf0Mo3fSXbykOhB0ppWcsX9Pmyb9ciCwEV0YL8FoD4egt35IIzCX1jLaaRsCK0vZfdAVk0XDXV8V1lwfxGbrEKC_2MRfRDUgsuhtgztD_uVolsHDQ5nfxKRWQ61ClWuFA_qKSMCU_Y_hKtmomYrNPm5ZnwEKlKuNTbnjgxLBOrYFYLTUSxU0Ol8AT8u9jiTqa5H5FFcwvYGECtz0UBvvbME0q1UReg8hJeLK92ZPvFX4wMvMO3u4Ad0bUzbIBnryo3lR1vtWI8RTvg9K0LrDeR6_Th5Eq92Lgj2ElBxDDLBkr9Ss1sgW-eYhbDJLY4oSUfvyM-yLgNO3cykhc-3c9mUSCda_rVsLd0KrQavEvimQZjpy0mw5PpAR4GTlikGGzCLcvoOCLRshpEEYQqHhSXFPRpTv7hxl5zNsvXJkx6rAk3uqzt4kkGlQ216d_aUEStePdqtN1xGaeEvtX0KOPEuoJMMamAXIPjv0K22PCRWJYDjcgu4ZoTs_fL8p_2E3bbZqaL0131ZpdtCJv4M9KSjAiUHkVkDk633A==&ruid=0c45010d-e053-4e15-9de4-2279efbb01aa&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A7.166%2C%22location%22%3A%22https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=6d9864addd7e4938b0c85bddd8e9e0d8; oaidts=1662931637; oaidvc=1; CNT=1_v1_2eDWAAEAAAAuSzk5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 67f33e97cf9aa2763e7f4adc42aff0cb
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:25 GMT; secure; SameSite=None oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:25 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /popunder.gif HTTP/1.1 
Host: lcreatessque.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.158.62
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 121916
last-modified: Sat, 10 Sep 2022 11:35:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BQktZoslrc53u3LIzUaGvdK3skqiYG1YaqYRB0AbVxbsk8FBvkJLF7NRfOfQZGiHJ2UM36u3OipZjJmQRfE93Rh2%2BUKMa52kHLTXOQnoElPdamulu%2BU1jtabcUD20ecW3rX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74937c8e6b91b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /27/55dfd372293146a7ca113106d0d608dd HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=e1291c1607714728ae7b24f68edffdf4; oaidts=1662931637
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:17 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Wed, 07 Sep 2022 05:02:06 GMT
expires: Wed, 07 Oct 2082 05:02:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www112.zippyshare.com/
Origin: https://www112.zippyshare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.86.231
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sun, 11 Sep 2022 21:27:18 GMT
set-cookie: csu=1441818225237289@1@1662931638; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf%2FQ1Ekj6tvCOngnAvdcyP8NwPTdQHaxlE5njTIy876a3eLw9r2KCuEEyzdlsCohqxni4GWZREliEmBCVFxpu29IadqzTb0Qz%2FADnBRZhXd7z6ORgkpli4vw2d7UYVhM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74937c92e832b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www112.zippyshare.com/
Origin: https://www112.zippyshare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.21.86.231
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Sun, 11 Sep 2022 21:27:18 GMT
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4387
last-modified: Sun, 11 Sep 2022 20:14:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4XavOZPU9JiOKxZNUF20phAbW4GTUFsRAgWOqd0rmqGeZoV66KFn6Dd5h5NtpiCdvLzplyVMxIuyLORVBLdXJ%2Bz798tjgDa3JAth68GSdW%2BscInzbnfVSwNSJ7CwCOK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74937c92e82cb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www112.zippyshare.com/
Origin: https://www112.zippyshare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.21.86.231
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Sun, 11 Sep 2022 21:27:18 GMT
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4387
last-modified: Sun, 11 Sep 2022 20:14:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDuMPw8D1K2xnWnqgB4VQ20p7AwF0qYGeQkT0iHZmC%2B06k4sXWhZJ5Nb6%2BjPaWu5fOJZ%2BCm9NzYRoZ4IjMB%2ByamclGcaQjb7xF%2Bd8m5NFlynt2h7CAIaxRQmo4f%2FN%2BKx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74937c92e830b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /phpbb/abbcode_page.php?mode=click&id=1511 HTTP/1.1 
Host: www.officialdigitalero.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.174.233
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Sun, 11 Sep 2022 21:27:16 GMT
location: https://www112.zippyshare.com/v/3ZZOjB7t/file.html
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
status: 301 Moved Permanently
cf-cache-status: BYPASS
set-cookie: digitalero_u=1; expires=Sat, 10-Dec-2022 21:27:15 GMT; path=/; domain=.officialdigitalero.org; HttpOnly digitalero_k=; expires=Sat, 10-Dec-2022 21:27:15 GMT; path=/; domain=.officialdigitalero.org; HttpOnly digitalero_sid=c08a494de86b953752fd740974d3f9d2; expires=Sat, 10-Dec-2022 21:27:15 GMT; path=/; domain=.officialdigitalero.org; HttpOnly
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuPbaKygYi7%2FIZW%2FmzTFnwv8DCRr5X4O%2FMK6fu01GQQpJ%2BghxtD09KP3T%2FZq9m%2Bn3vDko7MN%2FKfR4AtwSRaB%2FEOVR5jput%2BbnB%2FRIobw3I9rJm%2Bsg1wJ2EDQOdJM1i4RNvu1DGgzRVDq%2FnHzAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74937c87798db518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /9?z=3519989&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww112.zippyshare.com%2Fv%2F3ZZOjB7t%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=6d9864addd7e4938b0c85bddd8e9e0d8 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 59
Origin: https://www112.zippyshare.com
Connection: keep-alive
Referer: https://www112.zippyshare.com/
Cookie: scm=1; OAID=e1291c1607714728ae7b24f68edffdf4; oaidts=1662931637
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 11 Sep 2022 21:27:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www112.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 60efa60436f32bba5e808531fcc6e361
access-control-expose-headers: X-Sc
set-cookie: OAID=6d9864addd7e4938b0c85bddd8e9e0d8; expires=Mon, 11 Sep 2023 21:27:18 GMT; secure; SameSite=None oaidts=1662931637; expires=Mon, 11 Sep 2023 21:27:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---