Overview

URL www4.zippyshare.com/d/3eocAAU7/42401/rankmathpropack3014n.rar
IP 46.166.139.135
ASN NForce Entertainment B.V.
Location Netherlands
Report completed 2022-06-24 00:35:21 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-24 2 encloseddealing.com/1d/35/84/1d3584ff950f38d5b2e10bc2994be620.js Malware
2022-06-24 2 d24ak3f2b.top/advertisers.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-06-23 2 encloseddealing.com Sinkholed
2022-06-23 2 livetellsspatter.com Sinkholed
2022-06-23 2 d24ak3f2b.top Sinkholed
2022-06-23 2 unseenreport.com Sinkholed
2022-06-23 2 unseenreport.com Sinkholed
2022-06-23 2 abateall.com Sinkholed
2022-06-23 2 pickupfaxmultitude.com Sinkholed
2022-06-23 2 pickupfaxmultitude.com Sinkholed
2022-06-23 2 pickupfaxmultitude.com Sinkholed
2022-06-23 2 pickupfaxmultitude.com Sinkholed


Files

No files detected



Passive DNS (33)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-06-23 22:29:05 UTC 45.133.44.9
[Mnemonic Passive DNS] pickupfaxmultitude.com (4) 0 No data No data 192.243.59.12 Unknown ranking
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-23 04:53:43 UTC 54.230.111.99
[Mnemonic Passive DNS] ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-06-23 11:59:42 UTC 142.250.74.3
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (2) 1015 No data No data 54.230.245.118
[Mnemonic Passive DNS] simplewebanalysis.com (1) 0 No data No data 18.194.245.245 Unknown ranking
[Mnemonic Passive DNS] v1.addthisedge.com (1) 1721 2019-05-22 18:56:22 UTC 2022-06-23 12:27:53 UTC 23.38.200.123
[Mnemonic Passive DNS] alkentinedau.xyz (6) 0 No data No data 54.230.111.109 Unknown ranking
[Mnemonic Passive DNS] unseenreport.com (2) 0 No data No data 192.243.61.225 Unknown ranking
[Mnemonic Passive DNS] ocsp.sectigo.com (5) 487 2018-12-17 11:31:55 UTC 2022-06-23 21:30:34 UTC 104.18.32.68
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-23 04:55:40 UTC 35.161.136.21
[Mnemonic Passive DNS] s7.addthis.com (4) 1504 2012-05-21 19:36:58 UTC 2022-06-23 11:43:50 UTC 23.38.200.123
[Mnemonic Passive DNS] m.addthis.com (1) 1448 2015-03-31 14:19:35 UTC 2022-06-23 05:44:07 UTC 23.38.200.123
[Mnemonic Passive DNS] historiousmor.xyz (3) 0 No data No data 107.22.28.167 Unknown ranking
[Mnemonic Passive DNS] www.reddit.com (2) 2161 2014-04-07 21:08:17 UTC 2022-06-23 23:43:50 UTC 151.101.85.140
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] d10lumateci472.cloudfront.net (2) 0 No data No data 54.230.245.95 Unknown ranking
[Mnemonic Passive DNS] ocsp.digicert.com (2) 86 2012-11-29 12:49:49 UTC 2022-06-23 23:10:17 UTC 93.184.220.29
[Mnemonic Passive DNS] encloseddealing.com (1) 0 No data No data 192.243.61.225 Unknown ranking
[Mnemonic Passive DNS] e1.o.lencr.org (7) 6159 2021-08-20 07:36:30 UTC 2022-06-23 05:39:53 UTC 23.36.77.32
[Mnemonic Passive DNS] r3.o.lencr.org (16) 344 2020-12-02 08:52:13 UTC 2022-06-23 04:53:45 UTC 23.36.76.226
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-06-23 12:11:54 UTC 104.18.21.226
[Mnemonic Passive DNS] z.moatads.com (1) 374 2014-06-08 02:51:55 UTC 2022-06-23 12:27:53 UTC 23.38.201.146
[Mnemonic Passive DNS] api-public.addthis.com (3) 4111 2012-05-21 13:44:35 UTC 2022-06-23 18:09:16 UTC 23.38.200.123
[Mnemonic Passive DNS] www4.zippyshare.com (10) 0 No data No data 46.166.139.135 Domain (zippyshare.com) ranked at: 41031
[Mnemonic Passive DNS] ds88pc0kw6cvc.cloudfront.net (2) 0 No data No data 54.230.245.35 Unknown ranking
[Mnemonic Passive DNS] livetellsspatter.com (1) 0 No data No data 192.243.59.13 Unknown ranking
[Mnemonic Passive DNS] smereteret.xyz (1) 0 No data No data 143.204.55.54 Unknown ranking
[Mnemonic Passive DNS] cdn.sb4you1.com (3) 22321 No data No data 104.21.51.177
[Mnemonic Passive DNS] d24ak3f2b.top (1) 105412 No data No data 142.0.197.108
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-23 14:13:18 UTC 34.120.237.76
[Mnemonic Passive DNS] abateall.com (1) 0 No data No data 192.243.59.13 Unknown ranking


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 46.166.139.135

Date UQ / IDS / BL URL IP
2022-06-27 18:48:36 +0000 0 - 0 - 5 www3.zippyshare.com/d/xV6xwgH3/35885/traveler (...) 46.166.139.135
2022-06-26 16:03:28 +0000 0 - 0 - 4 www3.zippyshare.com/d/rpn5ygf4/47918/crack.rar 46.166.139.135
2022-06-24 06:26:33 +0000 0 - 0 - 4 www3.zippyshare.com/d/rpn5ygf4/9067/crack.rar 46.166.139.135
2022-06-23 14:09:14 +0000 0 - 0 - 4 www4.zippyshare.com/d/VA4VQo6X/8063/stackable (...) 46.166.139.135
2022-06-21 20:41:18 +0000 0 - 0 - 19 https://www4.zippyshare.com/d/XtjFv3Z8/2222/g (...) 46.166.139.135
2022-06-20 12:40:50 +0000 0 - 0 - 9 https://www3.zippyshare.com/d/6itbf9pd/43159/ (...) 46.166.139.135
2022-06-16 20:08:28 +0000 0 - 0 - 9 www3.zippyshare.com/d/rpn5ygf4/50491/crack.rar 46.166.139.135
2022-06-16 20:08:08 +0000 0 - 0 - 4 www3.zippyshare.com/d/rpn5ygf4/18221/crack.rar 46.166.139.135
2022-06-14 14:16:41 +0000 0 - 0 - 13 https://www3.zippyshare.com/d/wGfWZPSS/7996/O (...) 46.166.139.135
2022-06-11 13:02:12 +0000 0 - 0 - 3 https://www3.zippyshare.com/d/s5updJNS/15438/ (...) 46.166.139.135

Last 10 reports on ASN: NForce Entertainment B.V.

Date UQ / IDS / BL URL IP
2022-08-19 16:52:08 +0000 0 - 0 - 4 major.wrengostic.com/ 185.107.56.57
2022-08-19 16:51:22 +0000 0 - 0 - 3 buy.wrengostic.com/ 185.107.56.57
2022-08-19 15:50:15 +0000 0 - 0 - 5 edge.wrengostic.com/ 185.107.56.57
2022-08-19 13:21:56 +0000 0 - 0 - 7 boletosimple.com.ar/ 77.247.179.88
2022-08-18 12:23:59 +0000 0 - 0 - 3 how.wrengostic.com/ 185.107.56.58
2022-08-18 06:15:23 +0000 4 - 0 - 3 from.hammerhandz.com/ 185.107.56.58
2022-08-18 01:18:56 +0000 0 - 0 - 1 use.wrengostic.com/ 185.107.56.57
2022-08-18 00:49:35 +0000 4 - 0 - 3 rp.seroteforoh.com/?pcrc=867485255&v=2.0 77.247.179.88
2022-08-17 17:47:08 +0000 3 - 0 - 3 ihaveachargefromapple.com/ 77.247.182.245
2022-08-17 07:53:58 +0000 0 - 0 - 1 141.98.6.236/newz2k/Ivnut-Z2K-4.exe 141.98.6.236

No other reports on domain: zippyshare.com



JavaScript

Executed Scripts (40)


Executed Evals (2)

#1 JavaScript::Eval (size: 8, repeated: 1) - SHA256: 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f

                                        _ate.cbs
                                    

#2 JavaScript::Eval (size: 11, repeated: 1) - SHA256: 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16

                                        addthis.cbs
                                    

Executed Writes (6)



HTTP Transactions (98)


Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 00:35:05 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 20 Jun 2022 17:03:56 GMT
Expires: Mon, 27 Jun 2022 17:03:56 GMT
ETag: 666C072E761580CBAC302A98729F1E687DAFB125
Cache-Control: max-age=317930,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp9
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 720161a58a590b55-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 00:35:05 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 20 Jun 2022 17:03:56 GMT
Expires: Mon, 27 Jun 2022 17:03:56 GMT
ETag: 666C072E761580CBAC302A98729F1E687DAFB125
Cache-Control: max-age=317930,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp11
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 720161a589c61c16-OSL

                                        
                                            GET /?amuld=726474 HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.95
HTTP/2 200 OK
                                        
content-length: 35993
date: Fri, 24 Jun 2022 00:35:05 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: InkzIW8FVIIOeKf-0coE1W0YYE1294fvUbHzfHPl2coXIscWRKiHfQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15478)
Size:   35993
Md5:    2bf13318d8c5b097b4963ec1176b710b
Sha1:   11429de4a815b208063fe6292815ad9a68d8b16b
Sha256: 210102afb98744150d35a2001ecdd22fd7c07fa39a05764ae4836ebae9a03403
                                        
                                            GET /images/favicon2.ico HTTP/1.1 
Host: www4.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/v/3eocAAU7/file.html
Cookie: zippyadb=0; zippop=3; __atuvc=1%7C25; JSESSIONID=6ECFE7C168F393DB739447341759F9B6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.135
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 24 Jun 2022 00:35:05 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Thu, 20 Apr 2023 00:35:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2022 00:11:58 GMT
Cache-Control: max-age=3600
Expires: Fri, 24 Jun 2022 00:53:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TZnq_p_wevBgmq4Bu_kQp7dq1-DQGZcXBNUxQOy8Ia1ybn_KkF2DDg==
Age: 1387


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5021
Cache-Control: max-age=154949
Date: Fri, 24 Jun 2022 00:35:05 GMT
Etag: "62b4ad61-118"
Expires: Sat, 25 Jun 2022 19:37:34 GMT
Last-Modified: Thu, 23 Jun 2022 18:13:53 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /1d/35/84/1d3584ff950f38d5b2e10bc2994be620.js HTTP/1.1 
Host: encloseddealing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Fri, 24 Jun 2022 00:35:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55ff42ce7810ba0199666a287de21b95
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (53762), with no line terminators
Size:   17182
Md5:    e7cfa77cb03fc79179e433d2dc729cbe
Sha1:   294de9dc8766fa971c03250b4bcc1b4f7d82172a
Sha256: d93b33604870678e9bbaa1e4d07f0f059b721dc5cb5eb3dbd935d095c8a1abb1

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "AE1F703A3EE6BEEE75FFF4EF50CDC5BEC7913D7181C3555EBD04C4147ED0F02A"
Last-Modified: Tue, 21 Jun 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5978
Expires: Fri, 24 Jun 2022 02:14:43 GMT
Date: Fri, 24 Jun 2022 00:35:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1104
Cache-Control: max-age=114647
Date: Fri, 24 Jun 2022 00:35:05 GMT
Etag: "62b41f40-1d7"
Expires: Sat, 25 Jun 2022 08:25:52 GMT
Last-Modified: Thu, 23 Jun 2022 08:07:28 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C8CE8D8DC46E08AC8D9070F15C32E97203A14B22E8B3C3766FB62CDA90102BC6"
Last-Modified: Wed, 22 Jun 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6198
Expires: Fri, 24 Jun 2022 02:18:23 GMT
Date: Fri, 24 Jun 2022 00:35:05 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   538
Md5:    977e5709bbc11549d803b4bdc30273a2
Sha1:   09f30d62e59768a0a6f3f83bb8021e0f5c1b6049
Sha256: bd4a33086e911356cf6c83484e1262285629188e1fd1c3bbaca4ab717cfe4137
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BC35B1B6B175D42A52D978FD5CCCC9356361AD2B33782105CA16EA36E8332EFF"
Last-Modified: Tue, 21 Jun 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2603
Expires: Fri, 24 Jun 2022 01:18:28 GMT
Date: Fri, 24 Jun 2022 00:35:05 GMT
Connection: keep-alive

                                        
                                            GET /ZFVKQWgFNyksVwVoKGcdFjl3ZFoicHgHDBdtcjELVD49dwsSNmQiBAsgLicaCzs+bwYBIW9zLhYbDykdKgImGSITFx4XAyU9CSYANhQCNQ0lEz0SIQxkKwNYNmQBBFAKDAsMXgcELQAjDCUrDBAtbQwHLjEXDXUrMhQuFQwxPRsDWQBkEjklLQAJMTwlAHMAJyUTLxctITgJLSk0DRkYJDEAcwMjMhsTAwNQPQstAy0QEi4HJRApBAoyIgwQPRxgEjkqBTEncAsmBBwlIgwhBBUpPmEMJlkCNHl0CSETOnMKMiIMBlguIRIZOjUUJxsNLBA9Bg0leCYQKwhtJBIfByMILwACFxwqLgETchA/EwQ/A1gHGB8oCzMQDDURBwMtIz82HHMUHzVzIDIHCiV3BxIqAQEVLAVhKDUHPg HTTP/1.1 
Host: alkentinedau.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.109
HTTP/2 200 OK
                                        
content-type: text/html
content-length: 1173
date: Fri, 24 Jun 2022 00:35:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XNFTdICHtQMQ4hxua9GSaPMixDxgRZk2Zqsv6LA25hwSRwhM7U_JVg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Size:   1173
Md5:    d8b0e132e206c1b099806152a4709b59
Sha1:   7c835ae498ea1e67b5652e849ce61da20901e365
Sha256: 379cfb5ac18db92c4f8b07ce86b83699dc59969a5dde6fb846f5429270a26a2b
                                        
                                            GET /ZENiUW4FIQE8UQV+AHcbFi9fdFwiZlAXClVzDiQDBTcHMgdQdFB/DQgsFzUIFiwMJUAKJhZ0XCI1MwcsJhEMHAc0Olo2OiAWVxs2EAYBYzRVIDc1ACspKyEmMAUWGjY9cygCATUAUjIBIhs0YCweAVAfOhMbBBYsCggKGBgqcBo2KA17GDcmABUrFT8OJlI1AC4HJyEpLDRUHS0pIi8CL1cOGj4HACkzPzoNNEdjKCs6WjciMAUJNSoycwQ/KA4SOhdaKxsGEjQjDiYIXiI7MhIJCwEIPV8HcDsdCzMaBzIrACg7JiAOEjoUBypxLBAvIy9RMCsqLAYJQypxJBI/HggLPTkHOzgrCg8JGggmJnEzPDwNIDEQDyk5Nz8lNTcJCAkAZlAXPDN6BQsUKgwBEEgOMA0/HlkrUhYKHhIvZQchd1ElHw HTTP/1.1 
Host: alkentinedau.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.109
HTTP/2 200 OK
                                        
content-type: text/html
content-length: 1180
date: Fri, 24 Jun 2022 00:35:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 76LGV_5CQJ9mNOZmbfuPzxcxrrqo-UYvXGN026xYabLVM7MIodeWdg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3023), with no line terminators
Size:   1180
Md5:    74bd1bf0c6345c34ed9a617b9db75ac8
Sha1:   a785162ff30184a6f1208b352e6995599f06b08a
Sha256: c1c90bfed9e7529f3f66de17cab3cdaa94716fe50cff562acd044be35ef61b2a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 00:35:05 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Jun 2022 23:32:36 GMT
Expires: Thu, 30 Jun 2022 23:32:36 GMT
ETag: C29545E1D326B7F5C8210193B4A6A43258A085A9
Cache-Control: max-age=600450,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp5
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 720161a99c6fb512-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Size:   31715
Md5:    15995acc1512142401ce3cd87ed13927
Sha1:   f2fdf9d50195cb777abe88b00efc1807dcff0f7a
Sha256: 66a6900bc53f16105aad635daf2892eb54f5c7cc8339428445450f7dcfc888ff
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GyuIB6re1ucV7H9xulbzsw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.161.136.21
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oyVH3I0i0pMysp153D7IBtbln8w=

                                        
                                            GET /ca/66/21/ca6621f64bcdfd0a5aa2af7c57675832.js HTTP/1.1 
Host: livetellsspatter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 00:35:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c6f4a29093575e9479a09e2ce5ae391
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (33832), with no line terminators
Size:   11419
Md5:    784a4d362eb814be5667b83af2961a4f
Sha1:   03fbcac29219d50acf95f98d48a421580ec8180c
Sha256: 9b9e587757258b554cf4d8b4ee6778c164e7330bc9be802de11f7fcdbd063ad9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /rNEhuNWlXJwBTVkAhCghRAHteAFwSIh1aB0R1KE8nYAM6cQgAKhpaMxI8FFFUBG4CVAdTdUhQB1d1XxMIUCpTAU9AOAFeVEEmClAPXSYLUU9BKVNYBk4hAlkIEXooAEcEbVwFQUx5XxBadm1cBQVdJhtNTAZ4Fg1fa35aEFp2bVwFG0JtXXRQAmZeHEwGeA-lQCl8nSwcvBnhfBVkFeF8QWwQuB0cMUicWEFtycVgbWRI9UwQ HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alkentinedau.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.35
HTTP/2 200 OK
                                        
content-length: 354
date: Fri, 24 Jun 2022 00:35:05 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 94qNcL-f1XIC-x2fJIp59_0vFdFGFHuF0NAh5fzds-bUNViIJVyfGA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (445), with no line terminators
Size:   354
Md5:    c926d7fde18c6272d11e352dfc8b3dd6
Sha1:   c472d303534434e540bcf2a648c77ff1ccc1d1fa
Sha256: 675dd269a1e5dcb865d692497dbf016a70c7648a186e398ddae3c76d4c30dc9f
                                        
                                            GET /sw.js?c0xUbWsobmNfWkV%2EY09HUW54T15AeTdeU0V0eQteFn95WV4WdXkMWEEoeV5dQHxnD15EfDAIClFgdl9aS3g1Xg5HYWBcWEBhYFxdEGE1Dg9AYWxcUkB%2BZl4KSihlDElfbicaSV9uPAQYByMmBAQGPzkCGV00LRdJX25lXUVGbngLCh8%2EMUENEiAnCEcVLTgeDi4 HTTP/1.1 
Host: www4.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: zippyadb=0; zippop=3; __atuvc=1%7C25; JSESSIONID=6ECFE7C168F393DB739447341759F9B6
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         46.166.139.135
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 24 Jun 2022 00:35:05 GMT
Content-Length: 36755
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"95651-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   36755
Md5:    9f3eb972e27d96787df56867ba104e59
Sha1:   e266af1162c320a8366da4487c3698c0db0ca354
Sha256: 5750d3ef81845bcf96250e0b2e66d4b21aec5ed0144822ca14a9491f70392ae3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "AE1F703A3EE6BEEE75FFF4EF50CDC5BEC7913D7181C3555EBD04C4147ED0F02A"
Last-Modified: Tue, 21 Jun 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5977
Expires: Fri, 24 Jun 2022 02:14:43 GMT
Date: Fri, 24 Jun 2022 00:35:06 GMT
Connection: keep-alive

                                        
                                            GET /vQVBBRnMiPy8gTDU5JXtEc2Z1cUdnOjIpHTFtKXY0JSoQC0coFXV1BzB2NTwXfGBnKhIvN3xgFi8zfHdVIDQje0dnJDEpGHw6LCMaMSA3MxoidjQnTiw/Oy8fLTFkdDV0fnFjQXF4OXdCZGMDY0FxPCgoBjl1c3YLeWYecEdkYwNjQXEiN2NAAGl3aENodX-N2FCQzKilWcxZzdkJxYHB2QmRicSAaMzUnKQtkYgd/RW9gZzNOcA HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alkentinedau.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.95
HTTP/2 200 OK
                                        
content-length: 446
date: Fri, 24 Jun 2022 00:35:06 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sIHzDvGJhJvx82pfPsnA5GINcXEdHs9S-RNUFtkBFXCY1jat284vBg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (586), with no line terminators
Size:   446
Md5:    b5a1108dff701a2cf040c060fbd7c2ef
Sha1:   f7bcb39433aee33b5ab7a567a15cfe0adda53d1e
Sha256: 9f94656a57712c18c135fdb1a63d8871322bb1a779aa6bf147b4cf5f10bf0297
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 24 Jun 2022 00:35:06 GMT
Etag: "62b3a4d3-1d7"
Server: ECS (dcb/7EA4)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mffjUWWtA_vVBSWcT48MgcvNorUmI61m52jgBl0qx0Z-itApt2Lmxw==

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43A13B73C14A970CF96F9B6FA009E96A4DDF436C4A58CCD40C608B0B8D5A9595"
Last-Modified: Thu, 23 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8626
Expires: Fri, 24 Jun 2022 02:58:52 GMT
Date: Fri, 24 Jun 2022 00:35:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 24 Jun 2022 00:35:06 GMT
Last-Modified: Thu, 23 Jun 2022 22:52:58 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mecbMiTEkREdaK-hEqccgY6nXrMCTfSofKnMegrpIsoKNE_RO6FxSg==
Age: 6129

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.zippyshare.com
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.194.245.245
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 00:35:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www4.zippyshare.com
access-control-allow-credentials: true
set-cookie: uid_id2=87e67d08-edd2-4758-bcb5-89b028def434:2:1; expires=Mon, 21 Jun 2032 00:35:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    8d6c0268f6e514f1309fd57467d0c0f8
Sha1:   554a2991c870aa4e24c76f22d05d7396015780ab
Sha256: d9de4d8883e602b7b48c6e20a1bb15ff70ea71f216797aac2ecfde82d632d3e8
                                        
                                            GET /utx?tid=721637&top=www4.zippyshare.com&cb=icpbFyKRqc24 HTTP/1.1 
Host: smereteret.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.zippyshare.com
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.54
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 00:35:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www4.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 24 Jun 2022 00:36:06 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LMbmoE7YOcQLipmfVxv0SeyrOJWMrZ3_GSoNW-L82f386Nqkd-QXTw==
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: historiousmor.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 387
Origin: https://www4.zippyshare.com
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EC5F1704950BBEC18A5F5BC27BF4CAD5C28CF5F1149F5AD6FFA351EFD6A97F8"
Last-Modified: Thu, 23 Jun 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9631
Expires: Fri, 24 Jun 2022 03:15:37 GMT
Date: Fri, 24 Jun 2022 00:35:06 GMT
Connection: keep-alive

                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: www4.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/v/3eocAAU7/file.html
Cookie: zippyadb=0; zippop=3; __atuvc=1%7C25; JSESSIONID=6ECFE7C168F393DB739447341759F9B6; ppu_main_1d3584ff950f38d5b2e10bc2994be620=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=87e67d08-edd2-4758-bcb5-89b028def434%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.135
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 24 Jun 2022 00:35:06 GMT
Content-Length: 3611
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Thu, 20 Apr 2023 00:35:06 GMT
Accept-Ranges: bytes
ETag: W/"3611-1427651017000"
Last-Modified: Sun, 29 Mar 2015 17:43:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   3611
Md5:    b3bf18448d2e26f529500cb013975564
Sha1:   1b9d2cecad0cf85d336a24a0ccaa610c39a49f6a
Sha256: 968e719e5fbc1706a6db025adc28931e64fcf76c3ae80fa4ab6ff40b53b36b20
                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Fri, 24 Jun 2022 00:35:06 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54602)
Size:   116423
Md5:    d5b9b7a3accd3b7b7de639c072ae3ee2
Sha1:   9583b5c046d78af5c6379d844219f828aa2222d0
Sha256: 648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
                                        
                                            GET /utx?cb=IWfwp1s3eX5b&top=www4.zippyshare.com&tid=843055 HTTP/1.1 
Host: alkentinedau.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.zippyshare.com
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.109
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 00:35:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www4.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 24 Jun 2022 00:36:06 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9rl4PulwIvUO-1mGAbKkJPkeaIf8ET1b6z4S_32bBB7xeoNI29XI7A==
X-Firefox-Spdy: h2

                                        
                                            GET /utx?cb=yeQYUu2gA3Y9&top=www4.zippyshare.com&tid=726474 HTTP/1.1 
Host: alkentinedau.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.zippyshare.com
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.109
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 00:35:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www4.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 24 Jun 2022 00:36:06 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EPlxfFGKdOl1AxbS1eQOqwd32yx-MBcm5vXU-CN8bEMO3b5PHbEH_A==
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 00:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /multi?cs=VXBEY01jQXJbf2JEfVp8Z0JzU3s&abt=0&red=1&sm=76&k=zippyshare&v=1.0.58.2&sts=0&prn=0&emb=0&tid=726474&agec=1654105504&fs=1&mbkb=59.55926146515783&ref=https%3A%2F%2Fwww4.zippyshare.com%2Fv%2F3eocAAU7%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_pMKW=1656030902626&crc=1 HTTP/1.1 
Host: alkentinedau.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.zippyshare.com
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.109
HTTP/2 200 OK
                                        
content-type: text/plain
content-length: 1444
date: Fri, 24 Jun 2022 00:35:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www4.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=b063809e-427c-4274-be35-9c1b8b320b30
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FC8QQ92oQjd_6MG8Q5Vx79scLY-ssz7FBel1IKU-hrsTUJpX33BZjg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3031), with no line terminators
Size:   1444
Md5:    8bbed278d20eee83b4d2a85cdacede7c
Sha1:   1469cf9a6ac1ee298a47f129ca121f93c2b5c381
Sha256: 868461b0974fad94c68ae060b6d94e4f74afe28a83fe9fc20cedbf3f722345d5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 00:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /advertisers.js HTTP/1.1 
Host: d24ak3f2b.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.0.197.108
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 00:35:06 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: historiousmor.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www4.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www4.zippyshare.com
Content-Length: 356
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /addthismoatframe568911941483/moatframe.js HTTP/1.1 
Host: z.moatads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.146
HTTP/2 200 OK
                                        
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=16222
date: Fri, 24 Jun 2022 00:35:06 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (523)
Size:   948
Md5:    f14b4e1f799b14f798a195f43cf58376
Sha1:   b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
Sha256: 92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
                                        
                                            GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 24 Jun 2022 00:35:06 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size:   26421
Md5:    707317ccaabe08d32d1bd781754e6871
Sha1:   bb82dcd3e044c960e0861c2ce878f5504e628f78
Sha256: d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
                                        
                                            GET /live/boost/ra-4d7009770839a69f/_ate.track.config_resp HTTP/1.1 
Host: v1.addthisedge.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
                                        
content-type: application/javascript;charset=utf-8
content-length: 394
etag: -1051258987--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=1, s-maxage=86400
date: Fri, 24 Jun 2022 00:35:06 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (959), with no line terminators
Size:   394
Md5:    a56b6037cbe0514682f237a248cb225a
Sha1:   13c4d58372a70db705a2413b9abbd32de3c8ea70
Sha256: 45fc6ad9d670562601f73fd77a7e63112f8efe24fa49a85e093ab02126b4f193
                                        
                                            GET /floater?cs=NFQ4dTgBZA1FDAZsCkAKB2QLRwg&abt=0&red=1&sm=83&k=zippyshare&v=0.8.8.2&sts=0&prn=0&emb=0&tid=843055&agec=1654105504&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=59.55926146515783&ref=https%3A%2F%2Fwww4.zippyshare.com%2Fv%2F3eocAAU7%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi1_&_emOO=1656030902625&crc=1 HTTP/1.1 
Host: alkentinedau.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.zippyshare.com
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.109
HTTP/2 200 OK
                                        
content-type: text/plain
content-length: 3571
date: Fri, 24 Jun 2022 00:35:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www4.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=44170856-d7de-48d6-bfb3-d3af4df59731
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y1StJIRtDCdQcsG0IGl7sABt-tsF2a5MKjMw4ArV-wB0PGVPrgcWfw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5314), with no line terminators
Size:   3571
Md5:    25d8f8737cd766fd05750834d1c7af8b
Sha1:   7bf5584275e7f3f00490aa1277739a42e11ca914
Sha256: b747dd63cd9cfda785eea23e335c9080775bd9d46601603f53196b2a304955d6
                                        
                                            POST / HTTP/1.1 
Host: historiousmor.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www4.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www4.zippyshare.com
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77617
date: Fri, 24 Jun 2022 00:35:06 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   77617
Md5:    7314703b3e7bed85a9c681ba1ef347d3
Sha1:   a16b577b93adfd37978875a227d4122689bff853
Sha256: 68c6648a5bc71e6aef61f46e96a4e14b31ca5dfb05cc375545b7b2591c5f3ce2
                                        
                                            GET /live/red_lojson/300lo.json?si=62b506b71957f52b&bkl=0&bl=1&pdt=649&sid=62b506b71957f52b&pub=ra-4d7009770839a69f&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www4.zippyshare.com&fp=v%2F3eocAAU7%2Ffile.html&fr=&of=0&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1656030903766&jsl=1&uvs=62b506b781fa473e000&skipb=1&callback=addthis.cbs.jsonp__79279364596228650 HTTP/1.1 
Host: m.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
                                        
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Fri, 24 Jun 2022 00:35:06 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   89
Md5:    623c04a2bf35cfd1ce7bcafcbea8d4ce
Sha1:   ec86bc45c37a46435af52a17ca6b033f9c8fafd9
Sha256: ea6ff28c64113c83b87ef47305618631407089f1c717a41ab64c73e90d355560
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Fri, 24 Jun 2022 02:20:01 GMT
Date: Fri, 24 Jun 2022 00:35:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Fri, 24 Jun 2022 02:20:01 GMT
Date: Fri, 24 Jun 2022 00:35:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Fri, 24 Jun 2022 02:20:01 GMT
Date: Fri, 24 Jun 2022 00:35:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Fri, 24 Jun 2022 02:20:01 GMT
Date: Fri, 24 Jun 2022 00:35:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6294
Expires: Fri, 24 Jun 2022 02:20:01 GMT
Date: Fri, 24 Jun 2022 00:35:07 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa820a46a-765f-44c7-a419-1416079d7858.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 14752
x-amzn-requestid: 3198cf2a-fea9-41f0-985c-404fb3f7b0d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UC6TDFLPIAMF7Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b10a79-3f7fa56b3cf26b5c4092f635;Sampled=0
x-amzn-remapped-date: Tue, 21 Jun 2022 00:02:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L4tpQjLVXtmNLUP_lbrY5THXweYSiVcitUcH6sLTCWj_KWROc4YB_Q==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 01:07:58 GMT
age: 84429
etag: "70511c4ed709ee934897dfb4d67e4dcb162acc29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14752
Md5:    04d57f33c32649ce18f99c9063b7ca02
Sha1:   70511c4ed709ee934897dfb4d67e4dcb162acc29
Sha256: 321e550281abc225a3176edb6b69b020c7432d284fdd89adc53195c343529c09
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "068E579FBBEB0061A16F92109D9AE92D9164C86F613BC2FC8BFED0D0EE9A863F"
Last-Modified: Wed, 22 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15838
Expires: Fri, 24 Jun 2022 04:59:05 GMT
Date: Fri, 24 Jun 2022 00:35:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "068E579FBBEB0061A16F92109D9AE92D9164C86F613BC2FC8BFED0D0EE9A863F"
Last-Modified: Wed, 22 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15838
Expires: Fri, 24 Jun 2022 04:59:05 GMT
Date: Fri, 24 Jun 2022 00:35:07 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd503013e-1d8c-401f-9cec-1ff9f66e12cc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6301
x-amzn-requestid: 36932e67-4488-4899-bc45-ea23fb66b248
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T8VW-FNNoAMF6nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ae68f9-58ca366c64b27fd570ce16d0;Sampled=0
x-amzn-remapped-date: Sun, 19 Jun 2022 00:08:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tVzSdMIep1HK47UfTZnvKvLm-_9_NaESIw_XvbtsfDc834acsAYzlQ==
via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 01:20:27 GMT
age: 83680
etag: "0d1c278b921fb50ab3e7c31851f099efbecbbbc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6301
Md5:    86fa458d383f4e14f204f22d50693fb6
Sha1:   0d1c278b921fb50ab3e7c31851f099efbecbbbc2
Sha256: 94629bc0b7076f2af81b4507f9fe8bd2b5cc71ea751957e38101e4220f3681e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a9018db-9e51-4804-9c56-7ac1d2176356.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7541
x-amzn-requestid: 779e91c5-09a6-4677-b9af-db6164ebb546
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UJhf-GHDoAMF4vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b3af99-3fcfaf7b7fb299d957dd7c98;Sampled=0
x-amzn-remapped-date: Thu, 23 Jun 2022 00:11:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uDomSO5Rz7P5lmAyxT-p3YnTaROMHeUY0lgSNTApWOhn5Xa0x3nKeA==
via: 1.1 ba55932f4947672586f0865cea81e028.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:16:25 GMT
age: 1122
etag: "042581a2f8d5f788b6dbf7c6c940a3952ae4bef9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7541
Md5:    0fe5340d565c2ab7d1b311321ed2f8a3
Sha1:   042581a2f8d5f788b6dbf7c6c940a3952ae4bef9
Sha256: 2085de5ba82db208e4e22402651fb0b795f66da76707c95550d4ebdb54f84c2f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd2f18dc-8026-4c1b-880f-6d609d85359e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10464
x-amzn-requestid: c6b337fd-9621-4244-bf4a-0fb38c5325cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T5ClJGpgoAMFWcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ad17ba-362dd2b65fc6e20647728ed7;Sampled=0
x-amzn-remapped-date: Sat, 18 Jun 2022 00:09:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NmjxNzfT01H_DDeHDfEi6B-SnZu9zWk8GiFzv1c_T4QR8ly13ApmiQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 10:03:34 GMT
age: 52293
etag: "1e1c7d60f6068e9e35d6456a319671d71530cd51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10464
Md5:    79a098d9f8aa35ef6371cb89e7f13920
Sha1:   1e1c7d60f6068e9e35d6456a319671d71530cd51
Sha256: a2e06c8fd3334d1dfc0e1c02a447cde93cf9a2b0b00f21a72d6dcbe9e1db5ee0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b96f859-10eb-474c-8b8c-9e5902b28bd8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4878
x-amzn-requestid: 3caca75d-3753-41f1-a4ec-277c173b26b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UJgx6FZ0IAMFbFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b3ae72-39f08dc910314e8f247ffd44;Sampled=0
x-amzn-remapped-date: Thu, 23 Jun 2022 00:06:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xXwHErnvlqtzN_DoHsbR71h7GCEbf9I6VqrBeaopRk_nFImBNn74xQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a2c13de7f3df76280ef01a6604863734.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:16:23 GMT
age: 1124
etag: "1abc297d329369f4aee445a5eabab7fa089ce764"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4878
Md5:    c90b3735180499df633f9fc6272ff632
Sha1:   1abc297d329369f4aee445a5eabab7fa089ce764
Sha256: 00f8db77cec74be5fb70d1d5bd351fee3dfdc2d807a861184f28e47344a760ad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8773da87-c09d-42d7-9054-5fd332193a06.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10163
x-amzn-requestid: e50196c4-867f-4cd7-9d2f-de07b0c514a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UMdEUHjFIAMF6vA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b4dbb5-1cf97b3d0b970df06b091796;Sampled=0
x-amzn-remapped-date: Thu, 23 Jun 2022 21:31:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8g-6kAldCwE5olUMewrXMhVZvVLlgX3WPIYH4C8nJe8rydC9GVGE5Q==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 21:42:39 GMT
age: 10348
etag: "a63fe56db3c08a52bec457c869094fb37d4abdcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10163
Md5:    486e472ddbc5dc4684b18d17e6cacd7d
Sha1:   a63fe56db3c08a52bec457c869094fb37d4abdcd
Sha256: 046c795f40b6f080bf9e97ee894e88126cb64fa87a3e3c96c990f25c310adbef
                                        
                                            GET /static/125.c67f34a1c8d546f5900e.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-346"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 511
date: Fri, 24 Jun 2022 00:35:07 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (838), with no line terminators
Size:   511
Md5:    e02aca9ac7f599f09da7c89606af0b47
Sha1:   dd33e0b0b5c6a92acc26c87c74e1567ad32f0600
Sha256: f13686a68bfdcb2f0a03a7d90f742b039702c653ce99c003ad95c5def964f6bc
                                        
                                            GET /pxf.gif?uuid=87e67d08-edd2-4758-bcb5-89b028def434&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=ca6621f64bcdfd0a5aa2af7c57675832&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Fri, 24 Jun 2022 00:35:07 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 51981f022811cdb63a9eb74727fcac97
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pxf.gif?uuid=87e67d08-edd2-4758-bcb5-89b028def434&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=1d3584ff950f38d5b2e10bc2994be620&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Fri, 24 Jun 2022 00:35:07 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5666a60dc4053834f1cd3e61d6d34e06
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /api/info.json?url=http%3A%2F%2Fwww4.zippyshare.com%2Fv%2F3eocAAU7%2Ffile.html&jsonp=_ate.cbs.rcb_jxkt0 HTTP/1.1 
Host: www.reddit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=UTF-8
x-ua-compatible: IE=edge
expires: -1
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-remaining: 299
x-ratelimit-used: 1
x-ratelimit-reset: 293
access-control-allow-origin: *
access-control-expose-headers: X-Moose
x-moose: majestic
accept-ranges: bytes
date: Fri, 24 Jun 2022 00:35:07 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: csv=2; Max-Age=63072000; Domain=.reddit.com; Path=/; Secure; SameSite=None edgebucket=w9qU9meEX3dPpkTfMT; Domain=reddit.com; Max-Age=63071999; Path=/; secure
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.1, "failure_fraction": 0.1}
content-length: 144
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   144
Md5:    ea86bfe5fb23fb2b17cc55429a01db9f
Sha1:   4d232daf29dd4ac819a0967c3e24c7bc0efbe27c
Sha256: e37fd24735243c8aa5c9402741e849ba1a113f3bda803a2f2bd7e2fc2ce29650
                                        
                                            GET /url/shares.json?url=https%3A%2F%2Fwww4.zippyshare.com%2Fv%2F3eocAAU7%2Ffile.html&callback=_ate.cbs.rcb_keil0 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www4.zippyshare.com/v/3eocaau7/file.html
last-modified: Fri, 24 Jun 2022 00:35:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Fri, 24 Jun 2022 00:35:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   53
Md5:    6d29179f3df7932aaef4fde4ba1d0910
Sha1:   a1007a054a046f8c35e63a260e625e01e084eeba
Sha256: bdacf65bad39b46a760232c416a58ee0e9518835ca61161dec6ad4ad98a74933
                                        
                                            POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww4.zippyshare.com%2Fv%2F3eocAAU7%2Ffile.html HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www4.zippyshare.com
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://www4.zippyshare.com/v/3eocAAU7/file.html
last-modified: Fri, 24 Jun 2022 00:00:00 GMT
access-control-allow-origin: https://www4.zippyshare.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 24 Jun 2022 00:35:07 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /url/shares.json?url=http%3A%2F%2Fwww4.zippyshare.com%2Fv%2F3eocAAU7%2Ffile.html&callback=_ate.cbs.rcb_if050 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www4.zippyshare.com/v/3eocaau7/file.html
last-modified: Fri, 24 Jun 2022 00:35:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Fri, 24 Jun 2022 00:35:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   53
Md5:    fb14f1adb8ff07d841858cac9247d235
Sha1:   9bd78b82b796c3f3a70a80a933648d65fd280ba1
Sha256: 2f94cd3521d7ea9f1a1d01a71efd862a030cb1be4ea8fe80da2511d6ee46873c
                                        
                                            GET /api/info.json?url=https%3A%2F%2Fwww4.zippyshare.com%2Fv%2F3eocAAU7%2Ffile.html&jsonp=_ate.cbs.rcb_dff80 HTTP/1.1 
Host: www.reddit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=UTF-8
x-ua-compatible: IE=edge
expires: -1
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-remaining: 298
x-ratelimit-used: 2
x-ratelimit-reset: 293
access-control-allow-origin: *
access-control-expose-headers: X-Moose
x-moose: majestic
accept-ranges: bytes
date: Fri, 24 Jun 2022 00:35:07 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: csv=2; Max-Age=63072000; Domain=.reddit.com; Path=/; Secure; SameSite=None edgebucket=Ue77lw73TY8hS3W0aE; Domain=reddit.com; Max-Age=63071999; Path=/; secure
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.1, "failure_fraction": 0.1}
content-length: 144
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   144
Md5:    7109cea205e48f54a27be12bf18b852a
Sha1:   9e79022bf86efabc4a6d38a1b2d53fcaee082e82
Sha256: 5d0ac5cf6dfdc12bfef7e9c6294aa896f3cf4b4330d511b775733fc6806a2beb
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "9F16B283197C925F7D27F63100EBCB1EB23BCA1544C75B5D870C9072BAEE0AE8"
Last-Modified: Thu, 23 Jun 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2615
Expires: Fri, 24 Jun 2022 01:18:44 GMT
Date: Fri, 24 Jun 2022 00:35:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4488F9BF923694410F93E08AD9666BCE77BC566C66EB39A9626F31CDC011241A"
Last-Modified: Thu, 23 Jun 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18259
Expires: Fri, 24 Jun 2022 05:39:28 GMT
Date: Fri, 24 Jun 2022 00:35:09 GMT
Connection: keep-alive

                                        
                                            GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz2skxRev%2BX5zWTwpKwqKjDcFmXT3%2FOrZPQRjjATjZs0q60mprqpJnunuaqq6pyc5BUXxJMPqyVPlk2yCGvxx8%2BIqnQUPASFzC2j%2BAQVFYcGbzBgTfFC8V%2B%2FzDp9Xn0%2B9v1OcsQYKfrrwit6iOOaz7YZXf%2BYN379eX6a0GNaHYeetTut63Qyu9ToN79n6S0ps6NnA8z3P9%2Fz6IhnV18PZCQjKDnt%2Bo%2Bc1WkHDb7cwNA62qMHyGuTgjD0CkuOZ%2B7WrIFEhTb5aUHYj19lzLyZFzHNtMJAHr6cbqS5TJJdl39TQTw%2FOp6HtyeI96PTulCL04GIwojGr%2FXAPUXpwTgzRYG%2FKLYqhUkTyIZSDCiquQLyC0O%2BC5AkDhMSNFaTJ%2Fg1tSr75D8on6JjNPPgTVI7ZzM9XkSZfzMc0rN%2FScZGTTi2GfQcaVqC1CllxhHyLgcojiPwdkPyRzT5YRprsrdhYg6Sb7k5UgfoVYjUCtwzF5BBD0a%2BhyGpI5Gld%2BL7f9aTgXtgToim7KupIz%2Bfdvs99rxOiEBN6I%2BTZCCIeQZhtZGYbGzSCKT4E2QoFd6DMIbP7YavptdtQ4njur1%2Fee%2BqbV38Fp9N6yNudoN%2FvdAPfbzZ5oFS7GfbCoBu12q1e0EREx3OrH9%2B%2Btjm8g5gYFD%2F%2B7nc2DdjUIS3cbmrIwahjdh67RubHcxdT6w5WMticYSAdSsVQWoaSM5TEUOYM5cDdlbENrNuXsS0i%2FzwH57npdrIz9vBUjz%2FEm9hQp%2FW%2BJ4Kw32s1g7DV60WhbHWbnbAjhS9D1QolLP27Ndn%2FgdsatmjMHv3pN2QTp8iPEPEj2PgIgp4GL54ELx34usNW6iD1IY94rngcN4ROkOVXkG%2FWduIz9tiUR2vw5X%2BeUxiHzDi8TfcZ1uIPdld1yfZWdWnZ1ytZTglt8YlnbuU8V%2F%2F%2F7GW1WWojlxbs6NPnxQSYlIevKZsv81RSumbZ5%2FMkpTKL2gjFvl2yt1V0s7Dr84VJi2z55guLS0lmlLWk0wqcTtbuQNCYXXm8O%2F0MT6x8AjIVTOGQFBfygHQFkW3DZpc9qxlMfHmPMoaycLsmiC6bEwPElzqDR27Hfg9LDrllfwMAAP%2F%2FAQAA%2F%2F9%2Btq1HUQQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3438255&sub3=1656030906&pid=91283&sub2=icon&auid=8a562ff6721133a2ee5389827b454923&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: abateall.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.13
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 00:35:09 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b29584e24833454889b1193f755a1033
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B494E4413A824900A570C70F6E0DEC62E18CC1CCF88AB669A8BB3112A74164E5"
Last-Modified: Wed, 22 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20381
Expires: Fri, 24 Jun 2022 06:14:50 GMT
Date: Fri, 24 Jun 2022 00:35:09 GMT
Connection: keep-alive

                                        
                                            GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
45.133.44.9
HTTP/2 200 OK
date: Fri, 24 Jun 2022 00:35:09 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Sun, 26 Jun 2022 00:35:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Size:   33103
Md5:    70cf8250da1a25a7b445231428af7828
Sha1:   a849d338423d2919949340838c768bba90b9081c
Sha256: b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "3D56A88DB43956035DA596D102BB24F21BED0C225D4BE176F95C8005572B5688"
Last-Modified: Thu, 23 Jun 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15478
Expires: Fri, 24 Jun 2022 04:53:09 GMT
Date: Fri, 24 Jun 2022 00:35:11 GMT
Connection: keep-alive

                                        
GET /sbar.json?key=ca6621f64bcdfd0a5aa2af7c57675832&uuid=87e67d08-edd2-4758-bcb5-89b028def434%3A2%3A1 HTTP/1.1
Host: pickupfaxmultitude.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.zippyshare.com
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
192.243.59.12
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 00:35:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www4.zippyshare.com
Access-Control-Allow-Origin: https://www4.zippyshare.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15255681; expires=Sat, 25 Jun 2022 00:35:11 GMT; secure; SameSite=None uid_id2=87e67d08-edd2-4758-bcb5-89b028def434:2:1; expires=Fri, 01 Jul 2022 00:35:11 GMT; secure; SameSite=None pdhtkv=true; expires=Sat, 25 Jun 2022 00:35:11 GMT; secure; SameSite=None uncs=1; expires=Sat, 25 Jun 2022 00:35:11 GMT; secure; SameSite=None pdhtkv29=true; expires=Sat, 25 Jun 2022 00:35:11 GMT; secure; SameSite=None uncs29=1; expires=Sat, 25 Jun 2022 00:35:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e9ceaddc60d705ae2c69fcc81abd251a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5625), with no line terminators
Size:   3852
Md5:    1cd7fca541305da58fdf37f7e0100891
Sha1:   f1754c46501887f36a10b61ca55d096fdd0a3205
Sha256: 01d0ab4c0d6502fe2dce0ebf3a3c19e166e9e3b7a6a3f4b499cc1ba7bed8b70d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /ren.gif?sid=… HTTP/1.1
Host: pickupfaxmultitude.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Cookie: u_pl=15255681; uid_id2=87e67d08-edd2-4758-bcb5-89b028def434:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
192.243.59.12
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 00:35:11 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95b70837bb9b97645cfc2d711b034082
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "6695CC5BA38FBBF18AFBD106B490CCFE74553A037019FB9325EABCAC73135A14"
Last-Modified: Tue, 21 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4380
Expires: Fri, 24 Jun 2022 01:48:12 GMT
Date: Fri, 24 Jun 2022 00:35:12 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "6695CC5BA38FBBF18AFBD106B490CCFE74553A037019FB9325EABCAC73135A14"
Last-Modified: Tue, 21 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4380
Expires: Fri, 24 Jun 2022 01:48:12 GMT
Date: Fri, 24 Jun 2022 00:35:12 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "6695CC5BA38FBBF18AFBD106B490CCFE74553A037019FB9325EABCAC73135A14"
Last-Modified: Tue, 21 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4380
Expires: Fri, 24 Jun 2022 01:48:12 GMT
Date: Fri, 24 Jun 2022 00:35:12 GMT
Connection: keep-alive

                                        
GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F3%2Findex.html&l=804&fd=162 HTTP/1.1
Host: pickupfaxmultitude.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Cookie: u_pl=15255681; uid_id2=87e67d08-edd2-4758-bcb5-89b028def434:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
192.243.59.12
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 00:35:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /sb/notifications/software/us/norton/3/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.21.51.177
HTTP/2 200 OK
date: Fri, 24 Jun 2022 00:35:12 GMT
content-type: image/png
content-length: 1778
last-modified: Wed, 17 Feb 2021 11:45:07 GMT
etag: "602d01c3-6f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1476575
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lY0NfrRrOYgfzD0CWKgtv6sQ91VEvUfRDsE%2BJ8SWB1kunmJuJl3mz6fS5l6jhatabb8S0jy4m%2BAEFBlYacNhe5TGE0k958jIy59bUr08rkeQC1MpfGO9HGQxqhxWz84O93k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 720161d1487bb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   1778
Md5:    c1b8f53c3afa0fdd5be48e6bfdbbb6fa
Sha1:   eeb2cd8d17e3abe135865be77330b8519f6bceb2
Sha256: 8f5d7d0bf69b5fcb8a110dd7c79948e70c860440b6ecc803a20ababe193a1af0
                                        
GET /sb/notifications/software/us/norton/3/img/bg.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.21.51.177
HTTP/2 200 OK
date: Fri, 24 Jun 2022 00:35:12 GMT
content-type: image/jpeg
content-length: 44657
last-modified: Wed, 17 Feb 2021 11:45:08 GMT
etag: "602d01c4-ae71"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 8150059
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShCr9tbzq0dHXib7RKZ%2Fe0XFmm5urSVYCBZc6qzd11fYbUR6tcIowDpaTEH8HzNTXQRVBcRaK5aVsr8z76rR1YM8khXf6KnSBgc9aA0p4emwESG7I6mGD11Mv1E%2F%2B2GOFn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 720161d14877b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=328, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=492], progressive, precision 8, 492x328, components 3\012- data
Size:   44657
Md5:    303522a4c545da31327a69efadca83b3
Sha1:   edbe54afdcc62702af7c80fc0192801e8956ca69
Sha256: 7354b8e708ec7ca362f034d4a30a9459a39819f89f472a8717cae083c25bb1cf
                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "6695CC5BA38FBBF18AFBD106B490CCFE74553A037019FB9325EABCAC73135A14"
Last-Modified: Tue, 21 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4380
Expires: Fri, 24 Jun 2022 01:48:12 GMT
Date: Fri, 24 Jun 2022 00:35:12 GMT
Connection: keep-alive

                                        
GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F3%2Fcss%2Fanimate.css&l=79249&fd=227 HTTP/1.1
Host: pickupfaxmultitude.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Cookie: u_pl=15255681; uid_id2=87e67d08-edd2-4758-bcb5-89b028def434:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
192.243.59.12
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 00:35:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /sb/notifications/software/us/norton/3/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www4.zippyshare.com
Connection: keep-alive
Referer: https://www4.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
104.21.51.177
HTTP/2 200 OK
date: Fri, 24 Jun 2022 00:35:12 GMT
content-type: text/css
last-modified: Fri, 30 Apr 2021 11:24:35 GMT
etag: W/"608be8f3-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xbt8XujgWUYG%2F5OD2KYnCFxqN3z3HtwwgfHhWsKqlpVR9b6dP11jcMvhcR79ikBMmyNbXEofCt5BQd4%2BIWRlKcglRe8kiLtbPJ0ivZbVFUh8RMAw6Qhz9D6e83FGB3QqQeA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 720161d11860b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4847
Md5:    c91016401e0a0b7b3d7572de48c76597
Sha1:   12fb634abb5e708b4f55d1489055b4f626d3cdd1
Sha256: 2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120