Overview

URL: www110.zippyshare.com/d/tzq4tpu5/17103/l3050ecc-nosware.com.rar
IP: 46.166.139.231
ASN: NForce Entertainment B.V.
Location: Netherlands
Report completed: 2022-06-24 08:02:11 UTC
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified  Severity  Host                                                              Comment
2022-06-24        2         encloseddealing.com/1d/35/84/1d3584ff950f38d5b2e10bc2994be620.js  Malware
2022-06-24        2         d24ak3f2b.top/advertisers.js                                      Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified  Severity  Host                 Comment
2022-06-24        2         encloseddealing.com  Sinkholed
2022-06-24        2         d24ak3f2b.top        Sinkholed
2022-06-24        2         creepingbrings.com   Sinkholed
2022-06-24        2         unseenreport.com     Sinkholed
2022-06-24        2         unseenreport.com     Sinkholed
2022-06-24        2         abateall.com         Sinkholed


Files

No files detected



Passive DNS (34)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] www.maxonclick.com (3) 173326 2017-01-29 09:04:56 UTC 2022-06-24 05:06:08 UTC 35.190.68.123
[Mnemonic Passive DNS] d10lumateci472.cloudfront.net (2) 0 No data No data 54.230.245.95 Unknown ranking
[Mnemonic Passive DNS] encloseddealing.com (1) 0 No data No data 192.243.61.227 Unknown ranking
[Mnemonic Passive DNS] static.serve-servee.com (1) 0 No data No data 172.67.217.88 Unknown ranking
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] e1.o.lencr.org (7) 6159 2021-08-20 07:36:30 UTC 2022-06-24 05:38:32 UTC 23.36.77.32
[Mnemonic Passive DNS] broomacknowledgedpinch.com (4) 0 No data No data 192.243.59.20 Unknown ranking
[Mnemonic Passive DNS] clksite.com (1) 68288 2015-01-01 17:16:10 UTC 2019-11-27 09:37:42 UTC 173.192.101.24
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-06-24 04:59:01 UTC 34.120.237.76
[Mnemonic Passive DNS] xml.serve-servee.com (1) 0 No data No data 172.67.217.88 Unknown ranking
[Mnemonic Passive DNS] ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-06-24 05:12:44 UTC 104.18.21.226
[Mnemonic Passive DNS] ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-06-24 05:00:03 UTC 142.250.74.3
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-24 05:17:04 UTC 52.41.114.17
[Mnemonic Passive DNS] ds88pc0kw6cvc.cloudfront.net (2) 0 No data No data 54.230.245.114 Unknown ranking
[Mnemonic Passive DNS] ocsp.sectigo.com (5) 487 2018-12-17 11:31:55 UTC 2022-06-24 07:08:26 UTC 172.64.155.188
[Mnemonic Passive DNS] smereteret.xyz (1) 0 No data No data 54.230.111.75 Unknown ranking
[Mnemonic Passive DNS] simplewebanalysis.com (1) 0 No data No data 52.29.132.48 Unknown ranking
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.118
[Mnemonic Passive DNS] ocsp.digicert.com (5) 86 2012-11-29 12:49:49 UTC 2022-06-24 05:56:55 UTC 93.184.220.29
[Mnemonic Passive DNS] wideorganiz.xyz (3) 0 No data No data 172.67.145.197 Unknown ranking
[Mnemonic Passive DNS] historiousmor.xyz (3) 0 No data No data 107.22.28.167 Unknown ranking
[Mnemonic Passive DNS] cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-06-24 06:16:47 UTC 45.133.44.10
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-24 05:05:58 UTC 54.230.111.7
[Mnemonic Passive DNS] creepingbrings.com (1) 0 No data No data 104.21.234.232 Unknown ranking
[Mnemonic Passive DNS] ghableleader.xyz (6) 0 No data No data 54.230.111.94 Unknown ranking
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (1) 1015 No data No data 54.230.245.118
[Mnemonic Passive DNS] unseenreport.com (2) 0 No data No data 192.243.59.20 Unknown ranking
[Mnemonic Passive DNS] cdn.sb4you1.com (1) 22321 No data No data 104.21.51.177
[Mnemonic Passive DNS] www.google.com (1) 7 2012-05-22 04:23:54 UTC 2022-06-23 23:04:34 UTC 142.250.74.164
[Mnemonic Passive DNS] r3.o.lencr.org (13) 344 2020-12-02 08:52:13 UTC 2022-06-24 04:59:03 UTC 23.36.76.226
[Mnemonic Passive DNS] d24ak3f2b.top (1) 105412 No data No data 142.0.204.220
[Mnemonic Passive DNS] www.gstatic.com (1) 0 2015-06-20 09:50:55 UTC 2015-11-29 15:55:55 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] abateall.com (1) 0 No data No data 192.243.59.12 Unknown ranking
[Mnemonic Passive DNS] www110.zippyshare.com (9) 0 No data No data 46.166.139.231 Domain (zippyshare.com) ranked at: 41031


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 46.166.139.231

Date                       UQ / IDS / BL  URL                                                  IP
2022-06-26 16:17:44 +0000  0 - 0 - 4      www110.zippyshare.com/d/tzq4tpu5/7320/l3050ec (...)  46.166.139.231
2022-06-26 16:17:33 +0000  0 - 0 - 3      www110.zippyshare.com/d/tzq4tpu5/8683/l3050ec (...)  46.166.139.231
2022-06-24 07:25:56 +0000  0 - 0 - 9      www110.zippyshare.com/d/tzq4tpu5/30517/l3050e (...)  46.166.139.231
2022-06-17 19:40:33 +0000  0 - 0 - 9      https://www110.zippyshare.com/d/2HPetcoH/3583 (...)  46.166.139.231
2022-06-17 02:22:35 +0000  0 - 0 - 4      www109.zippyshare.com/d/oc6swaoi/16487/revo.u (...)  46.166.139.231
2022-06-17 02:22:17 +0000  0 - 0 - 12     www109.zippyshare.com/d/oc6swaoi/8755/revo.un (...)  46.166.139.231
2022-06-12 13:32:02 +0000  0 - 0 - 12     https://www110.zippyshare.com/d/YZENOK7Q/1825 (...)  46.166.139.231
2022-06-10 15:53:19 +0000  0 - 0 - 7      www109.zippyshare.com/d/oc6swaoi/37047/revo.u (...)  46.166.139.231
2018-12-15 12:56:12 +0100  0 - 0 - 1      https://www110.zippyshare.com/d/u2mtbtGA/841/ (...)  46.166.139.231
2017-09-05 18:40:13 +0200  0 - 0 - 0      www109.zippyshare.com/v/5BA45I0d/file.html           46.166.139.231

Last 10 reports on ASN: NForce Entertainment B.V.

Date                       UQ / IDS / BL  URL                                                  IP
2022-07-04 01:56:38 +0000  0 - 0 - 1      peliculashdlatina.com/2013/06/madagascar-la-p (...)  185.107.56.200
2022-07-04 01:31:24 +0000  0 - 0 - 5      rbono.us/-ezp-24.html                                185.107.56.199
2022-07-03 22:09:56 +0000  0 - 0 - 1      185.107.70.56/                                       185.107.70.56
2022-07-03 19:51:15 +0000  0 - 0 - 6      wwu-roblox.com/games/1730877806/[FREE]-Grand- (...)  93.157.63.234
2022-07-03 17:05:31 +0000  0 - 0 - 1      iteki.pw/static/iteki-cheat.exe                      185.107.56.55
2022-07-03 12:47:14 +0000  1 - 0 - 0      93.157.62.185/al.exe                                 93.157.62.185
2022-07-03 07:07:17 +0000  0 - 0 - 3      remoshomongtrading.com/                              185.107.56.60
2022-07-03 05:56:14 +0000  0 - 0 - 1      circle.tjhhylh.com/includes/templates/intexs_ (...)  185.107.56.202
2022-07-03 05:22:29 +0000  0 - 0 - 5      5h6z1.mespor.pro/                                    185.107.56.200
2022-07-03 05:13:14 +0000  0 - 0 - 1      circle.tjhhylh.com/                                  185.107.56.202

No other reports on domain: zippyshare.com



JavaScript

Executed Scripts (20)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (93)


Request Response
                                        
                                            GET /d/tzq4tpu5/17103/l3050ecc-nosware.com.rar HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         46.166.139.231
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:01:54 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: JSESSIONID=716E4EC94E2F88C48CBF11EB133767B8; Path=/; HttpOnly
Location: http://www110.zippyshare.com/v/tzq4tpu5/file.html

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22A7AFFA696C3188DD074DEB68A2EC519EA227AC839D0238C9F82660B9E14D6A"
Last-Modified: Tue, 21 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6520
Expires: Fri, 24 Jun 2022 09:50:34 GMT
Date: Fri, 24 Jun 2022 08:01:54 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 24 Jun 2022 07:03:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: S21hqwCU88xycdM1PuPE6ZTArLjrnFjfaTAGrOjKAt1Jzudw9pSJKA==
Age: 3513


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 24 Jun 2022 02:10:52 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HGMJj7fWtesiHF8LESsRMGGGd2qQD_UFqxfOydeUsQXbCw8E65AlVg==
age: 21063
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v/tzq4tpu5/file.html HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: JSESSIONID=716E4EC94E2F88C48CBF11EB133767B8
Upgrade-Insecure-Requests: 1

                                         
                                         46.166.139.231
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:01:54 GMT
Content-Length: 178
Connection: keep-alive
Location: https://www110.zippyshare.com/v/tzq4tpu5/file.html


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:01:54 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 28 Jun 2022 04:45:36 GMT
ETag: "f291b6ac431f7304699f19f17d8c7f7d854946b0"
Last-Modified: Fri, 24 Jun 2022 04:45:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3357
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7203f02e8c560b02-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    f00001a26a1684d5a079f93d7e20d802
Sha1:   f291b6ac431f7304699f19f17d8c7f7d854946b0
Sha256: 3775a216c3aba4575d1d105d981b1d8ad82108c2973a473735b9489987fefedb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 24 Jun 2022 08:01:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v/tzq4tpu5/file.html HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: zippyadb=0; zippop=3; __utma=46003887.1415925356.1656047167.1656047167.1656047167.1; __utmz=46003887.1656047167.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:01:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=EE988AFDE5BCE659EAB17F4615A9A6BF; Path=/; HttpOnly zippop=4; Domain=.zippyshare.com; Expires=Fri, 24-Jun-2022 20:01:55 GMT; Path=/
Content-Language: en
Expires: Fri, 24 Jun 2022 08:01:54 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41981), with CRLF, CR, LF line terminators
Size:   39520
Md5:    242230ebbadf1c55292bdca67aa35823
Sha1:   e2a3ea0449f7dceb7697311a15a306f25efae335
Sha256: 338d1e29072509b7e22d2e55f4fd70c30e20b2dcf2b05e6dad878ad5277fcf5b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1524
Cache-Control: 'max-age=158059'
Date: Fri, 24 Jun 2022 08:01:55 GMT
Last-Modified: Fri, 24 Jun 2022 07:36:31 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wro/viewjs-9c29d4e653e865831dc028fdac7e7dfff3be049e.css HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; zippop=4; __utma=46003887.1415925356.1656047167.1656047167.1656047167.1; __utmz=46003887.1656047167.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=EE988AFDE5BCE659EAB17F4615A9A6BF
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:01:55 GMT
Content-Length: 66707
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Tue, 10 Sep 2030 08:01:55 GMT
Accept-Ranges: bytes
ETag: W/"207098-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (38971)
Size:   66707
Md5:    7e0e3e48bd85cdf4041d04d6d265622a
Sha1:   06bd818fbba909a62546da78470bc01fd813076e
Sha256: b6f4ece3f288037b58e9803601d45e812775c0140f09d7860574f6c56781ec1c
                                        
                                            GET /?kcpsd=843055 HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.114
HTTP/2 200 OK
                                        
content-length: 49642
date: Fri, 24 Jun 2022 07:25:40 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tHbJmgkHG1Sngj0VewQ5jz9iYzSpEh9Lmw6Q_Vb93mfdMlktgFUyYA==
age: 2175
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15952)
Size:   49642
Md5:    00dca3dfe238c8ee6cbcf0aad0bda8f4
Sha1:   c7bee0e2f0448520ba4cbb0059207396b00378f9
Sha256: 54b721d2f87413b45c88c906bdf47de8f4c2648fcd02ffa3cabbe1834efcfca4
                                        
                                            GET /sw.js HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; zippop=4; __utma=46003887.1415925356.1656047167.1656047167.1656047167.1; __utmz=46003887.1656047167.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=EE988AFDE5BCE659EAB17F4615A9A6BF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:01:55 GMT
Content-Length: 36755
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"95651-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   36755
Md5:    9f3eb972e27d96787df56867ba104e59
Sha1:   e266af1162c320a8366da4487c3698c0db0ca354
Sha256: 5750d3ef81845bcf96250e0b2e66d4b21aec5ed0144822ca14a9491f70392ae3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:01:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:01:55 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=593519,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp4
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7203f031ef8a0b02-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:01:55 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=593519,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp16
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7203f031e818b4eb-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:01:55 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=593519,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp13
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7203f031ea131bfe-OSL

                                        
                                            GET /wro/viewjs-5c4b087e763baf82dfed5e75dc71d50f709ecb00.js HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; zippop=4; __utma=46003887.1415925356.1656047167.1656047167.1656047167.1; __utmz=46003887.1656047167.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=EE988AFDE5BCE659EAB17F4615A9A6BF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:01:55 GMT
Content-Length: 147861
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Tue, 10 Sep 2030 08:01:55 GMT
Accept-Ranges: bytes
ETag: W/"478725-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65535)
Size:   147861
Md5:    1dd393cf506e088f2a0b45a37beabda7
Sha1:   384796f00e05bce54b4bcae1f2dd4e5d0c5c478a
Sha256: c9420067db3629caab61a3e5983ef9b303d24913f01c2a3307ee0e392cc87616
                                        
                                            GET /recaptcha/api.js?render=explicit HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
                                        
expires: Fri, 24 Jun 2022 08:01:55 GMT
date: Fri, 24 Jun 2022 08:01:55 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (852), with no line terminators
Size:   554
Md5:    ce162114d45c6656353a75cb0769a10f
Sha1:   0a6e552d73684b761d8e9d8a4cc4a2a691393eed
Sha256: 57923bce1844f8dd88d832cb6179725b806abf05b3fc1310a3c123c1ae50f48b
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0w69wLtXqTxcaDjtI/biPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.114.17
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J+/hpN9q1E/alL2ivb7+V7Vud70=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3D7DAFA5172DE1B8BEE3B42CA818DC87A5C79F68B264145703F51C7D009B5C27"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1831
Expires: Fri, 24 Jun 2022 08:32:26 GMT
Date: Fri, 24 Jun 2022 08:01:55 GMT
Connection: keep-alive

                                        
                                            GET /a/display.php?r=1142861 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Fri, 24 Jun 2022 08:01:55 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /a/display.php?r=1142855 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Fri, 24 Jun 2022 08:01:55 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /a/display.php?r=1142849 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Fri, 24 Jun 2022 08:01:55 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:01:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2022 07:11:58 GMT
Cache-Control: max-age=3600
Expires: Fri, 24 Jun 2022 07:39:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: p6-MYxwv6SqoUa5p0dqRdDg8pNDYcte2h9RGFenFMK2s99i-L6d5mw==
Age: 2997


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:01:55 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=593519,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp6
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7203f03388d20b02-OSL

                                        
                                            GET /?amuld=726474 HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.95
HTTP/2 200 OK
                                        
content-length: 35992
date: Fri, 24 Jun 2022 08:01:55 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DtdS3jVtM4vIg80QioGVK2Q4NlCJKbn4Cqg0rROShuUFJIB0BHKsqA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15478)
Size:   35992
Md5:    da5f52a22bae0ed23f69610900b514fb
Sha1:   cf1c741569ea646662929a3b02f809bb368c0fcd
Sha256: c081420aa7d10016f346ab30155aaa22900335174fad5c1f4e400ad7ae8b2f29
                                        
                                            GET /images/favicon2.ico HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; zippop=4; __utma=46003887.1415925356.1656047167.1656047167.1656047167.1; __utmz=46003887.1656047167.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=EE988AFDE5BCE659EAB17F4615A9A6BF
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:01:55 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Thu, 20 Apr 2023 08:01:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

                                        
                                            GET /1d/35/84/1d3584ff950f38d5b2e10bc2994be620.js HTTP/1.1 
Host: encloseddealing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Fri, 24 Jun 2022 08:01:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9dab7667feae618b0f87657446a39c60
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (53780), with no line terminators
Size:   17183
Md5:    120483a7ff9351ca61f26fa6d061ea36
Sha1:   e2e343155de28c503467046eb455062d890c3da2
Sha256: 044f63e1945e306c76a1c964c7757a767b76cf08f8e705bbc9700baabb0f5513

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6434
Cache-Control: max-age=129551
Date: Fri, 24 Jun 2022 08:01:56 GMT
Etag: "62b4ad61-118"
Expires: Sat, 25 Jun 2022 20:01:07 GMT
Last-Modified: Thu, 23 Jun 2022 18:13:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6434
Cache-Control: max-age=129551
Date: Fri, 24 Jun 2022 08:01:56 GMT
Etag: "62b4ad61-118"
Expires: Sat, 25 Jun 2022 20:01:07 GMT
Last-Modified: Thu, 23 Jun 2022 18:13:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3283
Cache-Control: max-age=126400
Date: Fri, 24 Jun 2022 08:01:56 GMT
Etag: "62b4ad61-118"
Expires: Sat, 25 Jun 2022 19:08:36 GMT
Last-Modified: Thu, 23 Jun 2022 18:13:53 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C8CE8D8DC46E08AC8D9070F15C32E97203A14B22E8B3C3766FB62CDA90102BC6"
Last-Modified: Wed, 22 Jun 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18830
Expires: Fri, 24 Jun 2022 13:15:46 GMT
Date: Fri, 24 Jun 2022 08:01:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6434
Cache-Control: max-age=129551
Date: Fri, 24 Jun 2022 08:01:56 GMT
Etag: "62b4ad61-118"
Expires: Sat, 25 Jun 2022 20:01:07 GMT
Last-Modified: Thu, 23 Jun 2022 18:13:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "AE1F703A3EE6BEEE75FFF4EF50CDC5BEC7913D7181C3555EBD04C4147ED0F02A"
Last-Modified: Tue, 21 Jun 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18065
Expires: Fri, 24 Jun 2022 13:03:01 GMT
Date: Fri, 24 Jun 2022 08:01:56 GMT
Connection: keep-alive

                                        
                                            GET /dU5JOUJacSpKfyQWC0sTGyJ5aARMeB1xFDIZAWsSFhsLWiEwJW9NKxFzfgt0QXl9HzIcKnQLe1M9PVg2AD10CGQcIC9Wf1M4dAhsRWB8AWxHaDwEc1M6OVglSH9vSTYBInQIdEB4eQx1Qn94C3ZD HTTP/1.1 
Host: wideorganiz.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.145.197
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 08:01:56 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCcVZ03ejud%2Fbh1ysvbJZpyJVpS0oVrFnDAgSrT715PRXbrGLSzuV%2BeK0OU3al5mdKzyvJb3R7oH%2FeeWyM8FYwxVktz42apwL38BylEWn7bgZlXqQhm2DWlUK4%2BNMxNi41I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203f0353dc5fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /eTVQeGtWCjMLVi5bGhQKFXciKgc/UQo/EzhjFgAMGwUaGzw+eHYMAh0IaExYSQBlXhsQUW1LWV9GJBkfDEZtSltJAnYRBR9abUpNDwhgVlNXDX5KTQwIYV4fCVQ3RVpfRSQMB0QEZk1dSQBnT1pIB2ZM HTTP/1.1 
Host: wideorganiz.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.145.197
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 08:01:56 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDm5XnX6xK7gd3lSvyr%2FlS%2FWmWXnlgxM8uEXaji558IvbwZg%2BuRoWZUeSN%2FnDMLRP27kMsW7j1muCIda0N8h2koSzsRzG96y7lq%2FfMraWdQyR6UhhpER5a9ksy%2BvUYmCJGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203f0353dc8fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /YlB0b1hNbxccZSwGH10JNhkxDQkoYjYIFhASRwwbIxcfPzsVFVIbMQZtTFtrUmVBSSgLNElcakQjAA4sFyNJXn4LPhIAZUQmSV92Wn5MQWpEJUlefhYgFQhlU3YEGywObUVZbVRgQVhvU2FGWWk HTTP/1.1 
Host: wideorganiz.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.145.197
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 08:01:56 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2c%2FkkbrZilVgQqbWj1dnRMfJlPW9mZOWrUErEd1ueCmg7YkXGjYRSYgJP%2BGzKz6cIsV5%2Bg6ymCgEyl70mknLuesWTX6RcBZuIkEHSYz8akyyRYb9rrWfbLcAM0zloNQDTQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203f0354dcefabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /NUR1MjlUJhZfBlR5FxRMRyhIFwtzYUd0XQR0GUdUVDAQUVABc0ccWlkrAFZfRysbRhdbIQEXC3MdI1kBARAzZwh8AixDWFwNGGpxcy0velJ4IUd0Tn8RBlh2TB4MU2oNFDxhUUEIAmdgUDNMQ3BmMwdwYU0+OlsMYg9HWk5+KCxEWHIgBWVqUncUAUpQCzZnDH8FIAR2YS9BZ0BWLztIY20lHHMKViggWHVPfB9kegQzL3NSex0YZENTFR1ZdWIgUAB7fRxNaloGdDx7fUJwOll7RR5Hawp0DBp5YH03EVRBUT4TY14Qdjd7Cnt8EGpvXyE9CmtUExFfcnNpRURpXygEcV5FKi9cDXwiMmBUUyxEFwt3HiFzVGYtHkh2YScRVFF7MhBgYw0nDHxAdhVTWEpaKgUPaFYeAlVsVhQ7Bg4 HTTP/1.1 
Host: ghableleader.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.94
HTTP/2 200 OK
                                        
content-type: text/html
content-length: 1174
date: Fri, 24 Jun 2022 08:01:56 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sXRcaM4RZ8fznoUyEIe-zKeVuUfyTguGdCc6xjo05i9C6u1leYOnuA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3016), with no line terminators
Size:   1174
Md5:    c37a5aa2d2ab2eb0fefc7e30cc8313e5
Sha1:   6b305beb6f3679c6399e1938770c23cae0aa341d
Sha256: 1f3d8c35da58ff92210c74264acd3e3de7d384f30c6e78d36721f7c329aeacfc
                                        
                                            GET /aHRZVk4JFjo7cQlJO3A7Ghhkc3wuUWsQKhtMYSYtWB8uYC0eF3c1IgcBPTA8BxoteCANAHxkCDEhDD4ECUUALwQRFxc3HT0cFQAUHS4BInswGRdlBwIbHBkNLkUWAjkyFR0xdiAcYQweKk0XHycbBz0QOh8kCj0gLDMtZQI7FxA3fCoBEhd2WBYRLjggDQBzfCo9agcrJzAMIgIfPW0YDRACETwqGz4KDxw4Dmk9BS1BMhB9WRoOZQACER4TGjJGGyIrARgjD30PGBg8KQM5Hi4UMh01ISgSJj4MGVlCEg4AAhEdJSoLRhAcLS5FbQ8ZLgcOARdaOAp7ISk7AQR4LEU1OxcgHGwBIzITOw46CjkdMXgkNWljBT9FbhoZURoDOCImPWsue04eKjkgGEkpAQFRBCwjByAADw HTTP/1.1 
Host: ghableleader.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.94
HTTP/2 200 OK
                                        
content-type: text/html
content-length: 1171
date: Fri, 24 Jun 2022 08:01:56 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UsV-5VXGoX8zSkcIRRlXNHOP3K7dy2392P823pAG_xuTIkMaDCGFzA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Size:   1171
Md5:    310ef3452143fe1369cfa25033bdf58f
Sha1:   39fe46ec20f7a53e4d85b2ba8fa84448f88c5c59
Sha256: 8de145218a772a8efc2dcdb8d0adb2986187cda0b06a79735617f130d5abdb83
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "15BC297329337278BE579BB139472CE42EF1A6DF800D140267FA11A1BDFC51E0"
Last-Modified: Fri, 24 Jun 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1552
Expires: Fri, 24 Jun 2022 08:27:48 GMT
Date: Fri, 24 Jun 2022 08:01:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "AE1F703A3EE6BEEE75FFF4EF50CDC5BEC7913D7181C3555EBD04C4147ED0F02A"
Last-Modified: Tue, 21 Jun 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18065
Expires: Fri, 24 Jun 2022 13:03:01 GMT
Date: Fri, 24 Jun 2022 08:01:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:01:56 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Jun 2022 23:32:36 GMT
Expires: Thu, 30 Jun 2022 23:32:36 GMT
ETag: C29545E1D326B7F5C8210193B4A6A43258A085A9
Cache-Control: max-age=573639,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp11
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7203f0374f23b4eb-OSL

                                        
                                            GET /sw.js?TnJlcksVUFJAenhBUlBnbFBJUH59RwZBc3hKSBR%2BK0FIRn4rS0gTeHwWSEF9fUJWEH55QgEXKmxeR0EueUdTE3l6XwYXcndfUUEufF8EEygoX11DcnoQB0YofUJURGliUBYFaWJQDRs4Oh0XGyQ7AQgdOWAKHAhpYlBUQmV7UEkUKiIBAF4tLx4WF2coEwkBLhM HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: zippyadb=0; zippop=4; __utma=46003887.1415925356.1656047167.1656047167.1656047167.1; __utmz=46003887.1656047167.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=EE988AFDE5BCE659EAB17F4615A9A6BF
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:01:56 GMT
Content-Length: 36755
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"95651-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   36755
Md5:    9f3eb972e27d96787df56867ba104e59
Sha1:   e266af1162c320a8366da4487c3698c0db0ca354
Sha256: 5750d3ef81845bcf96250e0b2e66d4b21aec5ed0144822ca14a9491f70392ae3
                                        
                                            GET /YUUhJa1YyJycNaSUhLVZuZXt5XmN3IjoEOCF1OTwZaDg8Hh8ZPB9NIissdFtwPSknDGt3LScIa2BuKA80bHxvHyY+I3QeODUtLwI4NCxvHjdsJSYRPz0kKE5kF31nW3NjeGETZ2BteilzY3glAjgkMGxZZilwfzRgZW16KXNjeDsdc2IJcF14YWFsWWY2LS-oAOXR6D1lmYHh5WmZgbXtbMDg6LA05KW17LW9nZnlNI2x5 HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ghableleader.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.114
HTTP/2 200 OK
                                        
content-length: 350
date: Fri, 24 Jun 2022 08:01:56 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0ajvcRo5flXREU0Dk8GYCWe5h-JxTv2nR2mCHEdEF0KC7YOR0XZ1WQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (443), with no line terminators
Size:   350
Md5:    2bb4baedc4913c6d038954259e4163b2
Sha1:   a71aaf9cbd6e20e5b2ff8eb078bef4a53c170d1c
Sha256: 0410250670598487555a4b20b7f468c020ee1bcf4f2cddfadb88c919a71fbcc6
                                        
                                            GET /utx?tid=721637&top=www110.zippyshare.com&cb=UOKpcIhGNhrs HTTP/1.1 
Host: smereteret.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.75
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 08:01:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 24 Jun 2022 08:02:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4QNLMdEPoEjxmViw4mhh3g60AaqoVPYL8p8WYxTBqP22dUCLXGXpTg==
X-Firefox-Spdy: h2

                                        
                                            GET /ca/66/21/ca6621f64bcdfd0a5aa2af7c57675832.js HTTP/1.1 
Host: broomacknowledgedpinch.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Fri, 24 Jun 2022 08:01:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75e4782452901ab0e82909347200331c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (33844), with no line terminators
Size:   11418
Md5:    420a0512024f59582473c1872436d889
Sha1:   70511378bb33365bd3358f36e8990047678ac9cc
Sha256: 49517a17cfe51145b04068cad44b6076270a3488e4b90a13e59fa38e732c66b0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43A13B73C14A970CF96F9B6FA009E96A4DDF436C4A58CCD40C608B0B8D5A9595"
Last-Modified: Thu, 23 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20867
Expires: Fri, 24 Jun 2022 13:49:43 GMT
Date: Fri, 24 Jun 2022 08:01:56 GMT
Connection: keep-alive

                                        
                                            GET /YVk84TFU1IFYqaiImXHFiZHkMe2FwJUsjOyZyaS8PIShtLwUYew9qISwrBXxzOi5WK2hwKlYvaGdpWSg3a3seOCU5JAU6OTk4UyckNzZXaiA3clUjLz8jVC1wZAkNYmVzfQhkLWd+HX8Xc30IIDw4OkBpZ2Y3AHoKYHsdfxdzfQg+I3N8eXVjeH8RaWdmKF-0vPjlqCgpnZn4IfGRmfh1+ZTAmSikzOTcdfhNveRZ8cyNyCQ HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ghableleader.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.95
HTTP/2 200 OK
                                        
content-length: 441
date: Fri, 24 Jun 2022 08:01:56 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: itbhACmhwuf0QZttytqQgo628Dm9w_IraCxPjSCLCxOsazW9P6IDwg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (583), with no line terminators
Size:   441
Md5:    f07b2d23e0f1db6915a6e2e0e59e45c0
Sha1:   dc3393ceed7748b4a00850844ba72ef909b42324
Sha256: 18a6f70d7498e4d3855bf59bdfd0b203986b24d5124b1593d8925eb6f8a4444e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EC5F1704950BBEC18A5F5BC27BF4CAD5C28CF5F1149F5AD6FFA351EFD6A97F8"
Last-Modified: Thu, 23 Jun 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2321
Expires: Fri, 24 Jun 2022 08:40:37 GMT
Date: Fri, 24 Jun 2022 08:01:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107303
Date: Fri, 24 Jun 2022 08:01:56 GMT
Etag: "62b45cf7-1d7"
Expires: Sat, 25 Jun 2022 13:50:19 GMT
Last-Modified: Thu, 23 Jun 2022 12:30:47 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kamY0_DrcGeEW-WrBaeZT-nhtGb9I2P9acr-9fLXA0oNn7HgnAY4pA==
Age: 4772

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Cookie: uid_id2=6b524b07-4aa0-4162-947a-896ed6b01e6d:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.132.48
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:01:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www110.zippyshare.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    1474a6965643f4efbbabcf1cfdfc14b4
Sha1:   56b5b7a6e9d54a6b6a7fe06fd294d19222c7894c
Sha256: 2cf001053da5598f20f4d52ea95cf01fa87a71717abd2c8e66f7f482ed71cf09
                                        
                                            POST / HTTP/1.1 
Host: historiousmor.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 383
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /advertisers.js HTTP/1.1 
Host: d24ak3f2b.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.0.204.220
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 08:01:56 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; zippop=4; __utma=46003887.1415925356.1656047167.1656047167.1656047167.1; __utmz=46003887.1656047167.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=EE988AFDE5BCE659EAB17F4615A9A6BF; ppu_main_1d3584ff950f38d5b2e10bc2994be620=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=6b524b07-4aa0-4162-947a-896ed6b01e6d%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:01:56 GMT
Content-Length: 3611
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Thu, 20 Apr 2023 08:01:56 GMT
Accept-Ranges: bytes
ETag: W/"3611-1427651017000"
Last-Modified: Sun, 29 Mar 2015 17:43:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   3611
Md5:    b3bf18448d2e26f529500cb013975564
Sha1:   1b9d2cecad0cf85d336a24a0ccaa610c39a49f6a
Sha256: 968e719e5fbc1706a6db025adc28931e64fcf76c3ae80fa4ab6ff40b53b36b20
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 146545
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Jun 2022 00:39:28 GMT
expires: Mon, 19 Jun 2023 00:39:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
content-type: text/javascript
age: 458548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (618)
Size:   146545
Md5:    edbca8e066da9cd6310dada3c125ccf4
Sha1:   22f45ed309e828212484a03cc7d0e629834e8a76
Sha256: fcab033160e1ba423ad7a42e0bd67ec5820e1ed6751765de935960e502e623f0
                                        
                                            GET /utx?cb=HNlybVkc8oX6&top=www110.zippyshare.com&tid=726474 HTTP/1.1 
Host: ghableleader.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.94
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 08:01:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 24 Jun 2022 08:02:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R9YR0upJjlVFkSZI-4fVFAMINIbk_DHerZ6LBID1n0RkAY06WKIyPw==
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:01:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /utx?cb=s2UN8nBPsjEn&top=www110.zippyshare.com&tid=843055 HTTP/1.1 
Host: ghableleader.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.94
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 08:01:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 24 Jun 2022 08:02:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ddtKcU1KJnOG7gKq-ur9YVOIGTLMuTrmKSMcBXEMwS3seeO1b7eTLA==
X-Firefox-Spdy: h2

                                        
                                            GET /multi?cs=YTBiVFlUAFZsbFUGUWJvUQBVZmk&abt=0&red=1&sm=76&k=zippyshare&v=1.0.58.2&sts=0&prn=0&emb=0&tid=726474&fs=1&ref=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2Ftzq4tpu5%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_7JN3=1656057711431&crc=1 HTTP/1.1 
Host: ghableleader.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.94
HTTP/2 200 OK
                                        
content-type: text/plain
content-length: 1404
date: Fri, 24 Jun 2022 08:01:57 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=f12b7359-3d8d-4202-9d4c-a3c66be73c83
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jg771RXK2iIlNMxhlYbbrofPfRuUAtLCh2V-lcIIb1qSxi7hPNN_Pg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3035), with no line terminators
Size:   1404
Md5:    44a2cc308a99d1d321f757698a0e6aad
Sha1:   9f8ab3b3cae36f3ef05e3ffd75714340d8d75d0c
Sha256: 69ff561933f103a0013426e18c905177ab2cab22962f73ffb5e686d694ae928a
                                        
                                            POST / HTTP/1.1 
Host: historiousmor.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www110.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www110.zippyshare.com
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /floater?cs=M3pKdTICTn5CBgVIe0MCBkpzRwE&abt=0&red=1&sm=83&k=zippyshare&v=0.8.8.2&sts=0&prn=0&emb=0&tid=843055&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2Ftzq4tpu5%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi1_&_FdF0=1656057711430&crc=1 HTTP/1.1 
Host: ghableleader.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.94
HTTP/2 200 OK
                                        
content-type: text/plain
content-length: 3603
date: Fri, 24 Jun 2022 08:01:57 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=c66eaaf9-f1f3-4ef1-b7f3-4448cbfba680
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4zKbnNi3J9B5kivEBpcgIxFBK2OagstmVpi9oMYVf1qpS1ABGPsGIQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5330), with no line terminators
Size:   3603
Md5:    ff9142acbd2380831ca07c95280fe425
Sha1:   b21542ab10615e51eb40b87a689b40675fe7d45b
Sha256: 6de28b61bdbe8c427ddb25d33a450e345b2477c6f0c4a29708d28c4684647d0e
                                        
                                            POST / HTTP/1.1 
Host: historiousmor.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www110.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www110.zippyshare.com
Content-Length: 355
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14498
Expires: Fri, 24 Jun 2022 12:03:35 GMT
Date: Fri, 24 Jun 2022 08:01:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14498
Expires: Fri, 24 Jun 2022 12:03:35 GMT
Date: Fri, 24 Jun 2022 08:01:57 GMT
Connection: keep-alive

                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.232
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:01:56 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5d6fb9decf2d3fad2ffa33b7441255f2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 24 Jun 2022 08:01:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGiayrtNpHoVD6r8ea4AA2RTOCgHJQDEbaiP5TQYIJHxj%2B1dE90PgH4asEiKcqhN8zLx8wEe7FZ7REg%2FPFpONrr9fVplPCzMIdycvuMZR%2FRsXIw8alerWGC2leLl6I%2BX0jwPSLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7203f038aa77889b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49470), with no line terminators
Size:   14799
Md5:    18e38c6630ef04f162451f9b4090bc79
Sha1:   6be9402ceb21d0604455fe57b48e144ab7813302
Sha256: 7bb27b7d58d327c5b0b5c071b949f477abccc9ad8a8746f3f4dde28be96c4600

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14498
Expires: Fri, 24 Jun 2022 12:03:35 GMT
Date: Fri, 24 Jun 2022 08:01:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14498
Expires: Fri, 24 Jun 2022 12:03:35 GMT
Date: Fri, 24 Jun 2022 08:01:57 GMT
Connection: keep-alive

                                        
                                            GET /static/advertisement.js HTTP/1.1 
Host: clksite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.192.101.24
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 24 Jun 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Mon, 12 Jun 2017 13:33:59 GMT
vary: Accept-Encoding
etag: W/"593e9847-1b"
expires: Sun, 26 Jun 2022 08:01:56 GMT
cache-control: max-age=172800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11693
Md5:    e04ab076b3e744e63509db9bc22b0154
Sha1:   baefad1fb1b27f5c019b6e833fdc40ee08d54f88
Sha256: 99aef67591b4bd8ba4640664fc129667486d48a57563fd3191a97948ad75b61d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1749b3b-0d9b-43a1-8965-f7f13602c892.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7281
x-amzn-requestid: ed27e890-50fd-42e3-ae91-6ea788e157f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1BhG8JoAMFppQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50209-479195105ec805f252173f07;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:15:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dW71IPIO0pvMPqUTy5s8MzPgXHF-_C0vcvAdZ0QNiMSWcHfSvcznpA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:33:48 GMT
age: 26889
etag: "7de1e1a3d5278c4a95a6c41707de9f42b340df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7281
Md5:    e13f75fbc853ddadb00c907e132f0772
Sha1:   7de1e1a3d5278c4a95a6c41707de9f42b340df9a
Sha256: 495b9150ad122944a29462010c86648c4b9b8a83b70686d1e0557cb93111d2a0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70668163-c258-4c3d-b86a-8a7d4076ca0e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7832
x-amzn-requestid: 64bca05b-0072-4e37-aa70-169fc3358556
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1GTFgxIAMFe1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50228-1960739d6448adb40e4e6f34;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:15:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uwhl3CTAqrRF1ojmlkvQ3zduF7FaD9tNXw4iPqdPo2Rz6pZqoX2wwA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:33:40 GMT
etag: "97adce482723b12ab810aee12ab815aeb3368a70"
content-type: image/jpeg
age: 26897
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7832
Md5:    ae5b94aba05491de3a3aa9421404f1ea
Sha1:   97adce482723b12ab810aee12ab815aeb3368a70
Sha256: d3f44f90be9140a768857675dfc93a7d0355f2fd024e5ce48477c50f2d1cfbe0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd7f9a35-0e8a-460e-b220-6d735af41155.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8983
x-amzn-requestid: 627a7551-ca6d-4b1b-b794-956df9b5487d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UMz6RHgpoAMFyKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50041-6c9d1ed4728c796230f8630e;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:07:29 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bqEUkBIE90v5mTTgWDVS80-exnhBWN8NLPHX9A28F6uQQ74lG4ZOEw==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:23:18 GMT
age: 27519
etag: "09043e8c1fc47eb1113e4a34da30b3047a73f835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8983
Md5:    eb1d09ebdf227ca72fbb08c09fbb92ae
Sha1:   09043e8c1fc47eb1113e4a34da30b3047a73f835
Sha256: df8bb827f695f360f8b9e8f14b2b45a6af27cb2213808cecff3ea59f75cf66cc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cb4f6e-df9f-446a-8b16-1f284ec23380.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7370
x-amzn-requestid: d45737cd-4f25-49cf-97f9-6951fdf6dcaf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T1vziGrPIAMFo4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62abc67c-643f4ba678e8e9360c91a914;Sampled=0
x-amzn-remapped-date: Fri, 17 Jun 2022 00:10:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z9ux63ENfi7U1x1OaTKITGJx87rInRUpuJtrL3X0vTBj1SRhP1VdUg==
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 12:41:35 GMT
age: 69622
etag: "cf69802d408cf61cca9aa3cf71d281f2ec68d6fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7370
Md5:    76c3acea6c99cc69d2372f2489b13a06
Sha1:   cf69802d408cf61cca9aa3cf71d281f2ec68d6fe
Sha256: cfd0c1d8ac7c753dc5f0fcbf54e42c8ef5033c52529de248ce8b101e9221b1ed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92d82a42-6b15-49d4-909b-032f805d3c47.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4253
x-amzn-requestid: dc2f230b-d9d9-4d10-af7c-f7c7c92eaad1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1BYHgZoAMFzqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50208-282d2a0d707326a647d17b82;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:15:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MsQNllN96JiXwoPPx6dhqZdIz7jsup0Q0VuwbzmYGsscB0uhTsF8Yw==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:48:35 GMT
age: 26002
etag: "e5f4947c997c4d9ba9a1a2b6696aef163655b808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4253
Md5:    d5983f34363faf36540f0fb6806435d8
Sha1:   e5f4947c997c4d9ba9a1a2b6696aef163655b808
Sha256: 31ae38c2c9446152b979340de0c1c43e3e2060ba8abff66dc2e0b5d5f676379e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "068E579FBBEB0061A16F92109D9AE92D9164C86F613BC2FC8BFED0D0EE9A863F"
Last-Modified: Wed, 22 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8405
Expires: Fri, 24 Jun 2022 10:22:02 GMT
Date: Fri, 24 Jun 2022 08:01:57 GMT
Connection: keep-alive

                                        
                                            GET /pxf.gif?uuid=6b524b07-4aa0-4162-947a-896ed6b01e6d&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=1d3584ff950f38d5b2e10bc2994be620&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 24 Jun 2022 08:01:57 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bf3b70ebaf6496717046c7c947fe8881
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pxf.gif?uuid=6b524b07-4aa0-4162-947a-896ed6b01e6d&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=ca6621f64bcdfd0a5aa2af7c57675832&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 24 Jun 2022 08:01:57 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd1a892f92524ec14652634691d23ddd
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "9F16B283197C925F7D27F63100EBCB1EB23BCA1544C75B5D870C9072BAEE0AE8"
Last-Modified: Thu, 23 Jun 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10696
Expires: Fri, 24 Jun 2022 11:00:15 GMT
Date: Fri, 24 Jun 2022 08:01:59 GMT
Connection: keep-alive

                                        
                                            GET /thumbnail?i=C3rnkf8oYg0_0&imgt=icon HTTP/1.1 
Host: xml.serve-servee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.217.88
HTTP/2 302 Found
                                        
date: Fri, 24 Jun 2022 08:01:59 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TchQrDy8yuk7bA4OQokmU3gf2fURCFkFHSDxfl4c%2BPXYCNVo5%2BQvx%2BFlrlSZcVwIw%2FxXGmMcLGCgBW0ehE3BAjWZoJQ%2FaoOALEWp%2FjbUnwW5ODnZtRb6oYq25a8sN%2BI1FrZgnCOWmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203f04aae54b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /n337/ad/250x250_hqCCg8Cm.png HTTP/1.1 
Host: static.serve-servee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.217.88
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:01:59 GMT
content-type: image/png
content-length: 88957
last-modified: Thu, 08 Apr 2021 13:54:09 GMT
accept-ranges: bytes
etag: "606f0b01-15b7d"
cache-control: max-age=86400
x-hw: 1656057719.cds017.sk1.h2,1656057719.cds203.sk1.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwtxCK%2Fns2hZAu5mjH44GRMNiqSU2FUE%2Bm0ZqPD27Wg0OLcxfMswR%2Fz7q2PrQALUYMn3JeAlr0NA1z2XEKJcIkbQ%2FRCRbtP4a0Wy9QSX7D0hjxNJHUzOltN%2Fhcle7JggOwQPTL75N7C9fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203f04baf3bb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Size:   88957
Md5:    0994ec31361ea569c5549063145bfdd2
Sha1:   9b270e9f7a346a0f0f60a978e154f49740350270
Sha256: e4dbff1cf1f9750d68296737897eba9bd59ebdcb292015e87c3be61b5c242422
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "9F16B283197C925F7D27F63100EBCB1EB23BCA1544C75B5D870C9072BAEE0AE8"
Last-Modified: Thu, 23 Jun 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10696
Expires: Fri, 24 Jun 2022 11:00:15 GMT
Date: Fri, 24 Jun 2022 08:01:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4488F9BF923694410F93E08AD9666BCE77BC566C66EB39A9626F31CDC011241A"
Last-Modified: Thu, 23 Jun 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8371
Expires: Fri, 24 Jun 2022 10:21:30 GMT
Date: Fri, 24 Jun 2022 08:01:59 GMT
Connection: keep-alive

                                        
                                            GET /winnotice?sid=…&ap=${AUCTION_PRICE}&l=3438255&sub3=1656057717&pid=91283&sub2=icon&auid=25f4f0752a1405048bdd0c1ed4fce46c&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: abateall.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 08:01:59 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41a657de5e376a49bacdf916f27686fe
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B494E4413A824900A570C70F6E0DEC62E18CC1CCF88AB669A8BB3112A74164E5"
Last-Modified: Wed, 22 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3826
Expires: Fri, 24 Jun 2022 09:05:45 GMT
Date: Fri, 24 Jun 2022 08:01:59 GMT
Connection: keep-alive

                                        
                                            GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.10
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:02:00 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Sun, 26 Jun 2022 08:02:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Size:   33103
Md5:    70cf8250da1a25a7b445231428af7828
Sha1:   a849d338423d2919949340838c768bba90b9081c
Sha256: b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
                                        
                                            GET /sbar.json?key=ca6621f64bcdfd0a5aa2af7c57675832&uuid=6b524b07-4aa0-4162-947a-896ed6b01e6d%3A2%3A1 HTTP/1.1 
Host: broomacknowledgedpinch.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.17.9
Date: Fri, 24 Jun 2022 08:02:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www110.zippyshare.com
Access-Control-Allow-Origin: https://www110.zippyshare.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15255681; expires=Sat, 25 Jun 2022 08:02:02 GMT; secure; SameSite=None uid_id2=6b524b07-4aa0-4162-947a-896ed6b01e6d:2:1; expires=Fri, 01 Jul 2022 08:02:02 GMT; secure; SameSite=None pdhtkv=true; expires=Sat, 25 Jun 2022 08:02:02 GMT; secure; SameSite=None uncs=1; expires=Sat, 25 Jun 2022 08:02:02 GMT; secure; SameSite=None pdhtkv29=true; expires=Sat, 25 Jun 2022 08:02:02 GMT; secure; SameSite=None uncs29=1; expires=Sat, 25 Jun 2022 08:02:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dfa5a234dd4f72e96e357ca509c5d448
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5578), with no line terminators
Size:   3945
Md5:    c0137783652351e4ef61f9b8eff8d218
Sha1:   9ffd7e5048dfa5d4f7736c4ee9f7e9cf8ba62128
Sha256: 9597b99b2d4101edf88bcf7f1d862ab802879181c42e390fef42325fdf112412
                                        
                                            GET /ren.gif?sid=… HTTP/1.1 
Host: broomacknowledgedpinch.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Cookie: u_pl=15255681; uid_id2=6b524b07-4aa0-4162-947a-896ed6b01e6d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 24 Jun 2022 08:02:02 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32583f68b02ca7013edd0f9ae7f22c23
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "E0A872A1B3B0950B5FF200EDCC690786B4531BBF96332FDF5FA7095F5A3D6CC5"
Last-Modified: Fri, 24 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10339
Expires: Fri, 24 Jun 2022 10:54:21 GMT
Date: Fri, 24 Jun 2022 08:02:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "E0A872A1B3B0950B5FF200EDCC690786B4531BBF96332FDF5FA7095F5A3D6CC5"
Last-Modified: Fri, 24 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10339
Expires: Fri, 24 Jun 2022 10:54:21 GMT
Date: Fri, 24 Jun 2022 08:02:02 GMT
Connection: keep-alive

                                        
                                            GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fcpc%2Fdefault%2Fbr%2Fdesktop%2Fcam%2F1%2Findex.html&l=1184&fd=341 HTTP/1.1 
Host: broomacknowledgedpinch.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Cookie: u_pl=15255681; uid_id2=6b524b07-4aa0-4162-947a-896ed6b01e6d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.9
Date: Fri, 24 Jun 2022 08:02:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

                                        
                                            GET /sb/cpc/default/br/desktop/cam/1/img/message.png HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.21.51.177
HTTP/2 200 OK
date: Fri, 24 Jun 2022 08:02:02 GMT
content-type: image/png
content-length: 13952
last-modified: Fri, 19 Feb 2021 14:02:25 GMT
etag: "602fc4f1-3680"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 8176834
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e65giMvay%2FwoC%2F6Ruu2D1kzwKsFW4vabiOqE%2B%2BlQPwIYEjPj%2Bzjwsn%2FpyXsbwl%2FWl%2FeucScuvCm1BjzAD4cAyjiuCOeUHawBr7RrcemDV1roxiU%2FB5fNs8pksn%2BSYO4tJdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7203f0602ef5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   13952
Md5:    e3e9c923d1aed798097c20110bb95828
Sha1:   76d6be356529adaf6670b9dea02fd1e7a393011d
Sha256: 72424503e0a71d269a3d5fa335e6c336bd195678d1bbcbdc421a31b035c7868b
                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 344
ETag: "E0A872A1B3B0950B5FF200EDCC690786B4531BBF96332FDF5FA7095F5A3D6CC5"
Last-Modified: Fri, 24 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10339
Expires: Fri, 24 Jun 2022 10:54:21 GMT
Date: Fri, 24 Jun 2022 08:02:02 GMT
Connection: keep-alive