Overview

URL https://www110.zippyshare.com/d/YZENOK7Q/18251/WP_All_Import_Pro_Plugin_v4.7.4.zip
IP46.166.139.231
ASNNForce Entertainment B.V.
Location Netherlands
Report completed2022-06-12 13:32:02 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-12 2 encloseddealing.com/1d/35/84/1d3584ff950f38d5b2e10bc2994be620.js Malware
2022-06-12 2 aphycolourses.info/NElodlhPaxsBB0E7BFRiFiEcAihHc0dZL0M%2BWUdoGjMBBihNOgAXKl (...) Malware
2022-06-12 2 d24ak3f2b.top/advertisers.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-06-12 2 encloseddealing.com Sinkholed
2022-06-12 2 exchangediscreditmast.com Sinkholed
2022-06-12 2 d24ak3f2b.top Sinkholed
2022-06-12 2 addresseepaper.com Sinkholed
2022-06-12 2 unseenreport.com Sinkholed
2022-06-12 2 unseenreport.com Sinkholed
2022-06-12 2 minimsfidget.com Sinkholed
2022-06-12 2 qualitydestructionhouse.com Sinkholed
2022-06-12 2 qualitydestructionhouse.com Sinkholed


Files

No files detected



Passive DNS (40)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-06-12 06:46:58 UTC 23.36.76.226
[Mnemonic Passive DNS] ustingexcelle.xyz (4) 0 No data No data 54.230.111.46 Unknown ranking
[Mnemonic Passive DNS] ds88pc0kw6cvc.cloudfront.net (2) 0 No data No data 54.230.245.35 Unknown ranking
[Mnemonic Passive DNS] ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-06-12 04:52:30 UTC 142.250.74.3
[Mnemonic Passive DNS] s7.addthis.com (4) 1504 2012-05-21 19:36:58 UTC 2022-06-12 06:04:04 UTC 2.18.172.123
[Mnemonic Passive DNS] d24ak3f2b.top (1) 105412 No data No data 142.0.204.220
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-12 04:01:59 UTC 34.120.237.76
[Mnemonic Passive DNS] unseenreport.com (2) 0 No data No data 192.243.59.13 Unknown ranking
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] r3.o.lencr.org (13) 344 2020-12-02 08:52:13 UTC 2022-06-12 05:24:37 UTC 23.36.77.32
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-12 04:51:07 UTC 54.230.111.64
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-12 04:52:16 UTC 54.148.90.190
[Mnemonic Passive DNS] qualitydestructionhouse.com (2) 0 No data No data 192.243.61.225 Unknown ranking
[Mnemonic Passive DNS] ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-06-12 04:56:33 UTC 104.18.20.226
[Mnemonic Passive DNS] www.gstatic.com (1) 0 2015-06-20 09:50:55 UTC 2015-11-29 15:55:55 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] v1.addthisedge.com (1) 1721 2019-05-22 18:56:22 UTC 2022-06-12 07:48:49 UTC 2.18.172.123
[Mnemonic Passive DNS] api-public.addthis.com (3) 4111 2012-05-21 13:44:35 UTC 2022-06-12 08:16:31 UTC 2.18.172.123
[Mnemonic Passive DNS] www.google.com (1) 7 2012-05-22 04:23:54 UTC 2022-06-12 01:30:00 UTC 142.250.74.164
[Mnemonic Passive DNS] crrepo.com (1) 82002 No data No data 104.21.235.114
[Mnemonic Passive DNS] clksite.com (1) 68288 2015-01-01 17:16:10 UTC 2019-11-27 09:37:42 UTC 173.192.101.24
[Mnemonic Passive DNS] www.reddit.com (2) 2161 2014-04-07 21:08:17 UTC 2022-06-12 05:12:49 UTC 151.101.85.140
[Mnemonic Passive DNS] cdn.adx1.com (1) 10630 2018-05-29 09:13:29 UTC 2022-06-12 06:59:29 UTC 149.11.201.98
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] z.moatads.com (1) 374 2014-06-08 02:51:55 UTC 2022-06-12 06:26:02 UTC 2.18.34.199
[Mnemonic Passive DNS] addresseepaper.com (1) 18169 No data No data 104.21.80.216
[Mnemonic Passive DNS] minimsfidget.com (1) 0 No data No data 192.243.59.20 Unknown ranking
[Mnemonic Passive DNS] ocsp.sectigo.com (5) 487 2018-12-17 11:31:55 UTC 2022-06-12 08:13:00 UTC 104.18.32.68
[Mnemonic Passive DNS] www.maxonclick.com (2) 173326 2017-01-29 09:04:56 UTC 2022-06-12 10:05:40 UTC 35.190.68.123
[Mnemonic Passive DNS] blicatedlittle.xyz (2) 0 No data No data 107.22.28.167 Unknown ranking
[Mnemonic Passive DNS] m.addthis.com (1) 1448 2015-03-31 14:19:35 UTC 2022-06-12 12:16:51 UTC 2.18.172.123
[Mnemonic Passive DNS] widgets.pinterest.com (1) 6540 2015-08-27 21:24:43 UTC 2022-06-12 10:05:42 UTC 151.101.84.84
[Mnemonic Passive DNS] encloseddealing.com (1) 0 No data No data 192.243.61.225 Unknown ranking
[Mnemonic Passive DNS] d10lumateci472.cloudfront.net (2) 0 No data No data 54.230.245.139 Unknown ranking
[Mnemonic Passive DNS] quiremuken.xyz (3) 0 No data No data 104.21.29.224 Unknown ranking
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-12 10:02:28 UTC 93.184.220.29
[Mnemonic Passive DNS] exchangediscreditmast.com (1) 0 No data No data 192.243.59.20 Unknown ranking
[Mnemonic Passive DNS] aphycolourses.info (1) 121151 No data No data 44.195.137.121
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (1) 1015 No data No data 54.230.245.118
[Mnemonic Passive DNS] cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-06-12 10:29:56 UTC 45.133.44.9
[Mnemonic Passive DNS] www110.zippyshare.com (8) 0 No data No data 46.166.139.231 Domain (zippyshare.com) ranked at: 41031


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 46.166.139.231

Date UQ / IDS / BL URL IP
2022-06-26 16:17:44 +0000
0 - 0 - 4 www110.zippyshare.com/d/tzq4tpu5/7320/l3050ec (...) 46.166.139.231
2022-06-26 16:17:33 +0000
0 - 0 - 3 www110.zippyshare.com/d/tzq4tpu5/8683/l3050ec (...) 46.166.139.231
2022-06-24 08:02:11 +0000
0 - 0 - 8 www110.zippyshare.com/d/tzq4tpu5/17103/l3050e (...) 46.166.139.231
2022-06-24 07:25:56 +0000
0 - 0 - 9 www110.zippyshare.com/d/tzq4tpu5/30517/l3050e (...) 46.166.139.231
2022-06-17 19:40:33 +0000
0 - 0 - 9 https://www110.zippyshare.com/d/2HPetcoH/3583 (...) 46.166.139.231
2022-06-17 02:22:35 +0000
0 - 0 - 4 www109.zippyshare.com/d/oc6swaoi/16487/revo.u (...) 46.166.139.231
2022-06-17 02:22:17 +0000
0 - 0 - 12 www109.zippyshare.com/d/oc6swaoi/8755/revo.un (...) 46.166.139.231
2022-06-10 15:53:19 +0000
0 - 0 - 7 www109.zippyshare.com/d/oc6swaoi/37047/revo.u (...) 46.166.139.231
2018-12-15 12:56:12 +0100
0 - 0 - 1 https://www110.zippyshare.com/d/u2mtbtGA/841/ (...) 46.166.139.231
2017-09-05 18:40:13 +0200
0 - 0 - 0 www109.zippyshare.com/v/5BA45I0d/file.html 46.166.139.231

Last 10 reports on ASN: NForce Entertainment B.V.

Date UQ / IDS / BL URL IP
2022-08-19 16:52:08 +0000
0 - 0 - 4 major.wrengostic.com/ 185.107.56.57
2022-08-19 16:51:22 +0000
0 - 0 - 3 buy.wrengostic.com/ 185.107.56.57
2022-08-19 15:50:15 +0000
0 - 0 - 5 edge.wrengostic.com/ 185.107.56.57
2022-08-19 13:21:56 +0000
0 - 0 - 7 boletosimple.com.ar/ 77.247.179.88
2022-08-18 12:23:59 +0000
0 - 0 - 3 how.wrengostic.com/ 185.107.56.58
2022-08-18 06:15:23 +0000
4 - 0 - 3 from.hammerhandz.com/ 185.107.56.58
2022-08-18 01:18:56 +0000
0 - 0 - 1 use.wrengostic.com/ 185.107.56.57
2022-08-18 00:49:35 +0000
4 - 0 - 3 rp.seroteforoh.com/?pcrc=867485255&v=2.0 77.247.179.88
2022-08-17 17:47:08 +0000
3 - 0 - 3 ihaveachargefromapple.com/ 77.247.182.245
2022-08-17 07:53:58 +0000
0 - 0 - 1 141.98.6.236/newz2k/Ivnut-Z2K-4.exe 141.98.6.236

No other reports on domain: zippyshare.com



JavaScript

Executed Scripts (37)


Executed Evals (2)

#1 JavaScript::Eval (size: 11, repeated: 1) - SHA256: 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16

                                        addthis.cbs
                                    

#2 JavaScript::Eval (size: 8, repeated: 1) - SHA256: 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f

                                        _ate.cbs
                                    

Executed Writes (6)

#1 JavaScript::Write (size: 806, repeated: 1) - SHA256: 0f7e21283d229fecc7fc1d44e085228b03fefb5f724ef7cdee64ee97ca121a53

                                        < iframe width = "300"
height = "250"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
allowfullscreen = "true"
style = "border: medium none; padding: 0; margin: 0;  sandbox="
allow - scripts allow - forms allow - popups allow - popups - to - escape - sandbox allow - pointer - lock allow - same - origin " id="
62 a5eac344d1a " frameborder="
0 " src="
https: //www.maxonclick.com/ad/display.php?stamat=m%257CKmd2L2diaQdH8AH0dEdHP3xP.f27%252CZMkKdRAQlkuDbgTABrav5OAihFz6B9yeHpIy6rZW95HrjTMJ7Grg5uezCNiZMr7rrVDtKj9fa_a0ZkV5qm9OiSQqzaTSgyy7_7Wi8dl2e_FCnMcBIPSU-7wlO2Ng-TsT&cbpage=https://www110.zippyshare.com/v/YZENOK7Q/file.html&cbur=0.30500539120356385&cbtitle=Zippyshare.com%20-%20WP_All_Import_Pro_Plugin_v4.7.4.zip&cbiframe=0&cbWidth=1280&cbHeight=1024&cbdescription=&cbkeywords=&cbref=" scrolling="no"></iframe>
                                    

#2 JavaScript::Write (size: 804, repeated: 1) - SHA256: d663b3f422d462be4d1674f71ec2cbf036455982a43fff929a3fca6785c229b7

                                        < iframe width = "300"
height = "250"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
allowfullscreen = "true"
style = "border: medium none; padding: 0; margin: 0;  sandbox="
allow - scripts allow - forms allow - popups allow - popups - to - escape - sandbox allow - pointer - lock allow - same - origin " id="
62 a5eac341e84 " frameborder="
0 " src="
https: //www.maxonclick.com/ad/display.php?stamat=m%257Cd74iZnt2aQdH8AH0dEdHP3xP.2ca%252CZMkKdRAQlkuDbgTABrav5BWdZTELhCu86eK-oJH18Bihvj1tj_4ABQIfa2LJ9UoU1HhW7LZHURVD5RvT0oMpu_r3QPdeb-j4_4Qwa9iHj-jIidMJ5OCDynnp858Xw0wK&cbpage=https://www110.zippyshare.com/v/YZENOK7Q/file.html&cbur=0.841505663465107&cbtitle=Zippyshare.com%20-%20WP_All_Import_Pro_Plugin_v4.7.4.zip&cbiframe=0&cbWidth=1280&cbHeight=1024&cbdescription=&cbkeywords=&cbref=" scrolling="no"></iframe>
                                    

#3 JavaScript::Write (size: 707, repeated: 1) - SHA256: 725ed6d4cb17d575abbc0d82004131a91938a217497ef0a744e1b46b4982326d

                                        < a href = "https://www.maxonclick.com/do/c.php?stamat=m%257C%252C%252CQ3Pio2NioGU3Bf9GH0dEdHP3xP.e12%252CrL2XlWmU3XBOtuMRY_A8smY7sWeRIsT-6nBH9QGH4c3_7GTYdAzb1F0JbUNTkAoCaRg-k3mMkW2uwBoreyxoSgojrP5qfGttQ0Iu5I4jOOzej2PKwB-lJVKj53ZCTZQB7QWVpRXURB7OiByFWrcHQ8V8Ycs0rT6IJygCnqCaerqzUEHKhuqhc7TvXOVPC0JDP52VGNz1ju1_q6bht_4DeiLvtVhDcYep6op4XA7K-3HCSCxuREl_boUXfIWFJKoKqKu-Zzp9Q49hV2Vy290hQnZzV8R9Qj-xHfL58Mhvgig1ezmYUmacPAJlsazdjFw6FSDzniGy2PgBy0H22QL7LNxacCy61Csq-1Fmr5Bv9EjS6bMeeSNCG6Jr7_DsyPIhcxuODo-nhPYUOsu3nfZrBHIdNy6CtG1zWsrJRbWuk2HwZ0Q4MOTJmTOgbv4EhH5C"
target = "_blank" > < img border = "0"
src = "https://crrepo.com/extban/297562620/creatives/23463706/c54a7bf82d5180e27fba730677e27b6c_4322.jpg"
width = "100%" / > < /a>
                                    

#4 JavaScript::Write (size: 707, repeated: 1) - SHA256: 8b96c10c6a4263a89b3ec9b0676ef44951773cc6fab458828b542f20aecaf749

                                        < a href = "https://www.maxonclick.com/do/c.php?stamat=m%257C%252C%252CA2L6d3LitGU3Bf9GH0dEdHP3xP.6b6%252Cqcr8jRSDa2flz9g2LLQIJ5FpfEsCwlAzBjsswNBreG2kDZFN7htd92Mc0GsSfnH013UtAnRAxe8zGtIak-uNZnQ87pEEBH0yY2xZ9obRQxQ2KrKcRxRSAnchu9fk7XlDAVS77Tf1qmQUwvVVb2GmZDIL3YTDIbKhZXMNmTJuOjtGM69J9KXZA2wuDekdxNJmdQd9imO-67UPTVfYqaZKjCkuyR75oVW1hCCwRe72OYCUrYCMf8oGw932co35WFDrhg-JhIa3sjm3TbM0pTSs2hXBWTVp9HKWWebeBerGVLLAIajJWr6cdVg5GUW2d4zDjf20DRqnfQZEhKoeg1lo5659sCn_2E8tJysrlYHWE9wmKAX8NECE9oUZ_F3i-YHE9b_DlCoPS1UtB_lek2SAvnkMe7fZg_ooF8M0H5jsu2Y9WwNJ_GKMqW1pQCcxruXL"
target = "_blank" > < img border = "0"
src = "https://crrepo.com/extban/278371020/creatives/23426596/e192295018ae5357d1c5b67ef5e985ad_3890.jpg"
width = "100%" / > < /a>
                                    

#5 JavaScript::Write (size: 707, repeated: 1) - SHA256: b4017eab8b99715e91ec590b49772088d9ffed1bc583d42b759a7edae6f6365d

                                        < a href = "https://www.maxonclick.com/do/c.php?stamat=m%257C%252C%252CQidrYiEitGU3Bf9GH0dEdHP3xP.1e4%252CaedwGZugLolsu8BC6ritsUAWy-2Xb5P4yCuISX1UCd8GWrtO_YJjrfBHgIb5uDAgDmFYhPeMQQ0bpXObTZUBhW-QiUMs-QaZUefAY8soZuI3bFMcGBbVV68V-fiCAVK_82CrGjRLBRn9DBsyy6SjR135TOR8IsvqqKeB1FZ786lMDEh52KsUM3eVbGhyhz2QZ3PyzcZa9fUtM9bunJwHtxnqP0lWppoj6SJs7ZoP2V3_ZtqGE8OT_wZWlrMlBd9NiN1iloiOnlY4RBJSovsakOO4iIh14z0xYF7DcnFQFiyqiP0AXiebgbqhShNqb8elo2wAHKQ2JonStSIBWsGSSurO-EGBTDuD5IMOWpTjDYGct8CQVFi8FT4reBsdsJSpAAOBZhBfc8DYixnAiTZ5eWYl4QYYDtF4JMAuANxO3C4fDW4Hs1c4iSJddfUgO7bE"
target = "_blank" > < img border = "0"
src = "https://crrepo.com/extban/297562620/creatives/23463706/c54a7bf82d5180e27fba730677e27b6c_4322.jpg"
width = "100%" / > < /a>
                                    

#6 JavaScript::Write (size: 805, repeated: 1) - SHA256: 47057fedf0d1342faaf42c0bfc208f9388fdfa0c8a4aacd757c637a261d4139a

                                        < iframe width = "300"
height = "250"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
allowfullscreen = "true"
style = "border: medium none; padding: 0; margin: 0;  sandbox="
allow - scripts allow - forms allow - popups allow - popups - to - escape - sandbox allow - pointer - lock allow - same - origin " id="
62 a5eac3499ce " frameborder="
0 " src="
https: //www.maxonclick.com/ad/display.php?stamat=m%257CZ_dhYXI2aQdH8AH0dEdHP3xP.de6%252CZMkKdRAQlkuDbgTABrav5L-SQfDX2BrNjnMxvT5gFtJvhhu7FlWLsYQvhFRi3zBP-0jRKlZ5gRQkw6gosYeZ9SLQrR2cIYw4hP36JWHDC9GD8TCq2plsuPj_dooX-jn0&cbpage=https://www110.zippyshare.com/v/YZENOK7Q/file.html&cbur=0.7534805187121243&cbtitle=Zippyshare.com%20-%20WP_All_Import_Pro_Plugin_v4.7.4.zip&cbiframe=0&cbWidth=1280&cbHeight=1024&cbdescription=&cbkeywords=&cbref=" scrolling="no"></iframe>
                                    


HTTP Transactions (90)


Request Response
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 12 Jun 2022 13:31:46 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 16 Jun 2022 10:56:46 GMT
ETag: "1e2f9fa95fd79b58702c5d2a4554d9371fd6f53e"
Last-Modified: Sun, 12 Jun 2022 10:56:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1548
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 71a2f2e11e760b59-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    fca89f17be71110e16b941c1e527ddcb
Sha1:   1e2f9fa95fd79b58702c5d2a4554d9371fd6f53e
Sha256: 5a84c0990361a2acf22740b05b0c8a9a0504d55f9f17a8fb05b80c41e5b7e9c8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A5CF1C1FB8BC3A29B06B32BD6587A7697B47ED224BF7D380A577895C4BB332B1"
Last-Modified: Sat, 11 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15602
Expires: Sun, 12 Jun 2022 17:51:48 GMT
Date: Sun, 12 Jun 2022 13:31:46 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Backoff, Alert, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 12 Jun 2022 13:14:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: N5cW4suW7uApmQJoF_aX_tbhbwEncbDjvZcjON7WDkzt11Q2iTLrBw==
Age: 1057


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    680f534bc29773f704a63c3e3af93c2e
Sha1:   f1002cea53ff52d1c926d929f80601353c43bb48
Sha256: 0e83ec9c78b140e17c61e7c0f67997b5227af6f7c283c412a087b10a825a69f8
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.64
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 12 Jun 2022 02:10:48 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fysqhX-Srm2875HTADcJ7i9GR__N1BObzU6vHmHdu5WipHU7L34RaQ==
age: 40859
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /d/YZENOK7Q/18251/WP_All_Import_Pro_Plugin_v4.7.4.zip HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: zippyadb=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         46.166.139.231
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Sun, 12 Jun 2022 13:31:46 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: JSESSIONID=0700843D910985773D12D1709F6CA2B7; Path=/; HttpOnly
Location: https://www110.zippyshare.com/v/YZENOK7Q/file.html
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

                                        
                                            GET /v/YZENOK7Q/file.html HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: zippyadb=0; JSESSIONID=0700843D910985773D12D1709F6CA2B7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Sun, 12 Jun 2022 13:31:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: zippop=1; Domain=.zippyshare.com; Expires=Mon, 13-Jun-2022 01:31:46 GMT; Path=/
Content-Language: en
Expires: Sun, 12 Jun 2022 13:31:45 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (38103), with CRLF, CR, LF line terminators
Size:   40082
Md5:    25adb198d299897eebc5c8555e2ae845
Sha1:   8ce1be7a05189c6a783f7f3050503eb783b661f7
Sha256: 5007269cd05822599de64fb00b3dbb4d6310804e2a57cf883e385d3396db27b0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 12 Jun 2022 13:31:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /wro/viewjs-9c29d4e653e865831dc028fdac7e7dfff3be049e.css HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/YZENOK7Q/file.html
Cookie: zippyadb=0; JSESSIONID=0700843D910985773D12D1709F6CA2B7; zippop=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 12 Jun 2022 13:31:47 GMT
Content-Length: 66707
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Thu, 29 Aug 2030 13:31:47 GMT
Accept-Ranges: bytes
ETag: W/"207098-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (38971)
Size:   66707
Md5:    7e0e3e48bd85cdf4041d04d6d265622a
Sha1:   06bd818fbba909a62546da78470bc01fd813076e
Sha256: b6f4ece3f288037b58e9803601d45e812775c0140f09d7860574f6c56781ec1c
                                        
                                            GET /ads.js HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/YZENOK7Q/file.html
Cookie: zippyadb=0; JSESSIONID=0700843D910985773D12D1709F6CA2B7; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 12 Jun 2022 13:31:47 GMT
Content-Length: 138
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"157-1654675202000"
Last-Modified: Wed, 08 Jun 2022 08:00:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text
Size:   138
Md5:    80ce0db0d04307c0a7e7bfbe492e329d
Sha1:   f8efbdda6799a957baa59e907d466dbc3fd7be90
Sha256: da32bd619e9f9cf48c390020230b751333e2a402fce01635102f340a39f88113
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 12 Jun 2022 13:31:47 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sw.js HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/YZENOK7Q/file.html
Cookie: zippyadb=0; JSESSIONID=0700843D910985773D12D1709F6CA2B7; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 12 Jun 2022 13:31:47 GMT
Content-Length: 36755
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"95651-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   36755
Md5:    9f3eb972e27d96787df56867ba104e59
Sha1:   e266af1162c320a8366da4487c3698c0db0ca354
Sha256: 5750d3ef81845bcf96250e0b2e66d4b21aec5ed0144822ca14a9491f70392ae3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 12 Jun 2022 13:31:47 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 05:03:55 GMT
Expires: Fri, 17 Jun 2022 05:03:55 GMT
ETag: E7A4DF968F9C0DE34E5B7E2D9708655F9803EBE6
Cache-Control: max-age=400927,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp6
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 71a2f2e37d90b503-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 12 Jun 2022 13:31:47 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 05:03:55 GMT
Expires: Fri, 17 Jun 2022 05:03:55 GMT
ETag: E7A4DF968F9C0DE34E5B7E2D9708655F9803EBE6
Cache-Control: max-age=400927,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp11
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 71a2f2e38c6c0b61-OSL

                                        
                                            GET /recaptcha/api.js?render=explicit HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
                                        
expires: Sun, 12 Jun 2022 13:31:47 GMT
date: Sun, 12 Jun 2022 13:31:47 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (852), with no line terminators
Size:   553
Md5:    013320dc130924a71a1470eb603321d1
Sha1:   2e9070e8984ac6f155c22846a57051f10d267743
Sha256: a29630044d084c6ac28dd4a00eb827a388d31e84a16b7bc18cc97661193f8b84
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 12 Jun 2022 13:31:47 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 05:03:55 GMT
Expires: Fri, 17 Jun 2022 05:03:55 GMT
ETag: E7A4DF968F9C0DE34E5B7E2D9708655F9803EBE6
Cache-Control: max-age=400927,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp3
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 71a2f2e39cb00b45-OSL

                                        
                                            GET /wro/viewjs-5c4b087e763baf82dfed5e75dc71d50f709ecb00.js HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/YZENOK7Q/file.html
Cookie: zippyadb=0; JSESSIONID=0700843D910985773D12D1709F6CA2B7; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 12 Jun 2022 13:31:47 GMT
Content-Length: 147861
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Thu, 29 Aug 2030 13:31:47 GMT
Accept-Ranges: bytes
ETag: W/"478725-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65535)
Size:   147861
Md5:    1dd393cf506e088f2a0b45a37beabda7
Sha1:   384796f00e05bce54b4bcae1f2dd4e5d0c5c478a
Sha256: c9420067db3629caab61a3e5983ef9b303d24913f01c2a3307ee0e392cc87616
                                        
                                            GET /?kcpsd=843055 HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.35
HTTP/2 200 OK
                                        
content-length: 49644
date: Sun, 12 Jun 2022 13:31:47 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D63c4yBR_8LptMk8TdcPCTJ9BqF_CTBRgUs_r1VwVF04bx2oDJOBtw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15952)
Size:   49644
Md5:    e82a25aebd1a36b56efe3a4c928a4911
Sha1:   c33cb82b1f83ee9e0df563fabed5f5131bb80259
Sha256: b0e7abae2261f181a5a04ef5fa8779db35f638e4869913bd86ce02b33f2f949b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 12 Jun 2022 13:31:47 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?amuld=726474 HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.139
HTTP/2 200 OK
                                        
content-length: 36007
date: Sun, 12 Jun 2022 13:31:47 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bO-BVjFz0W_1nCDXlrBmXfoyv9ijfFiGTxYhK9QHPURLjGo0fqnU7A==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15478)
Size:   36007
Md5:    83e9b178f5a53ad24261653a3298c14e
Sha1:   c07378d7257c2b74d2b7f7238622a7f7b547084e
Sha256: 8b373c4460a35e75185ae0569a95d3f26f820ef5c62fbf66cbc2981e68a30d66
                                        
                                            GET /images/favicon2.ico HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/YZENOK7Q/file.html
Cookie: zippyadb=0; JSESSIONID=0700843D910985773D12D1709F6CA2B7; zippop=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 12 Jun 2022 13:31:47 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Sat, 08 Apr 2023 13:31:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C230F290060255DF5C10BEFD66C4E06B0238D1C116DEF6E915FEE512DF0ABB65"
Last-Modified: Sat, 11 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5091
Expires: Sun, 12 Jun 2022 14:56:38 GMT
Date: Sun, 12 Jun 2022 13:31:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 12 Jun 2022 13:31:47 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 05:03:55 GMT
Expires: Fri, 17 Jun 2022 05:03:55 GMT
ETag: E7A4DF968F9C0DE34E5B7E2D9708655F9803EBE6
Cache-Control: max-age=400927,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp9
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 71a2f2e70c5eb503-OSL

                                        
                                            GET /1d/35/84/1d3584ff950f38d5b2e10bc2994be620.js HTTP/1.1 
Host: encloseddealing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Sun, 12 Jun 2022 13:31:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d070fa1e7b124ab94f846c2458e514f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (53777), with no line terminators
Size:   17183
Md5:    349925b7b6755deef965b430a25114c9
Sha1:   414275c710f9e3c091f7be01993b5e64ac48496d
Sha256: 504a286209665a52597d86e1e60ad8f7dbafdda916f92f1b791b765663388115

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Type, Content-Length, Alert, Pragma, Cache-Control, Expires, Retry-After, Last-Modified, ETag
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 12 Jun 2022 12:32:44 GMT
Cache-Control: max-age=3600
Expires: Sun, 12 Jun 2022 13:22:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4IrMl21fSy3sMAQfOzkksMqQixpli6N16dA-uoxdJLJCCouyNd61yg==
Age: 3543


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /ad/display.php?stamat=m%257CKmd2L2diaQdH8AH0dEdHP3xP.f27%252CZMkKdRAQlkuDbgTABrav5OAihFz6B9yeHpIy6rZW95HrjTMJ7Grg5uezCNiZMr7rrVDtKj9fa_a0ZkV5qm9OiSQqzaTSgyy7_7Wi8dl2e_FCnMcBIPSU-7wlO2Ng-TsT&cbpage=https://www110.zippyshare.com/v/YZENOK7Q/file.html&cbur=0.30500539120356385&cbtitle=Zippyshare.com%20-%20WP_All_Import_Pro_Plugin_v4.7.4.zip&cbiframe=0&cbWidth=1280&cbHeight=1024&cbdescription=&cbkeywords=&cbref= HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.68.123
HTTP/2 200 OK
                                        
server: openresty
date: Sun, 12 Jun 2022 13:31:47 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
link: <//www.maxonclick.com>; rel=dns-prefetch,<//www.maxonclick.com>; rel=preconnect,<//harvest.gotrackier.com>; rel=dns-prefetch,<//harvest.gotrackier.com>; rel=preconnect
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2555
Md5:    d231039e8a0557f3da1b3108a7eb3cee
Sha1:   475cd6e8dba83b49a0d6a54d2f605c8046e57fac
Sha256: b0ba1bdbc438d14d809e5d422bcc22377e8ff74706fc94d7cafabb5fc3e0ab1f
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "D52DE69826375318C6A638C52FF6F3FE7AB36CC4824E790BDCBC12736EA6B4AC"
Last-Modified: Sat, 11 Jun 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2009
Expires: Sun, 12 Jun 2022 14:05:16 GMT
Date: Sun, 12 Jun 2022 13:31:47 GMT
Connection: keep-alive

                                        
                                            GET /QjhJZVBtByoWbSNuLTcKcgkrBz0qbi8jKDRieD91cHoRImkpYHoSdjZRLVhodgt5UGVkSCABbXEKbxYkI0w8Fm1zHiALNi0FbxNtchZxS2hsCm8QbXMePRUxJQV4QyA2TCVYYXQNfFVkcg95UmlxDg HTTP/1.1 
Host: quiremuken.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.29.224
HTTP/2 204 No Content
                                        
date: Sun, 12 Jun 2022 13:31:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFqt4OqPjOyAQvti%2FW6S1f0zxFQ7%2FUTqRLW6gbq3vhNrMYMJ%2FmoAkr%2Bowx4PoxsyYP%2FhnA63PFNwSokyFokSP8aPFmg5z5m%2FUJYHefO1WWD77%2FEKzSkJqnmeOCShrsIqSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71a2f2e82e94b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /S1BSbkxkbzEdcSg6OhcZJyATLxk/NzNeLwoCFSA8GScQJi0mI3QaJS9talp/e2VnSDwiNG9dfm0jJg84PiNvXHx7Z3QHIi0/b1xqPW1iQHRlaHxcaj5tY0g4OzE1U31tICYaIHZhZFt5e2RiWXx8aWFW HTTP/1.1 
Host: quiremuken.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.29.224
HTTP/2 204 No Content
                                        
date: Sun, 12 Jun 2022 13:31:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSUz77J6ktta6JQpLj1ehusILZV6aM6xJbIxG4QJHAHjUFZtqF9M20vUTYn%2FHlSFlPSv6vE5kveyX%2FOVVUrAxxrGsTr2SWFDo6wAuKEQ2CaRCPXRihcJL3AcmsU0a4b5YA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71a2f2e82e91b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /a/display.php?r=1142801 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.68.123
HTTP/2 200 OK
                                        
server: openresty
date: Sun, 12 Jun 2022 13:31:47 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2476
Md5:    7223853cb4a5700dbcefd159d0c00e8c
Sha1:   db68cb4071d3e2cb9a1206901108e3c10ba798ec
Sha256: bcfab9248e563a228462eeec9d2adf079090a2081af4e2028b225dadb2cdcde8
                                        
                                            POST /ZFJ4RmpLbRs1VzFhHDY4VRQQEgYmYyEBMDQKSxwDPjlBJQxWE14yAwBvQHJZVGdNYBoNNkV1WEIhDCceESFFdFpUZV4vBAI9RXRMEm9IaFJKalZ0TBFvSWAeFDMfe1tCIgwyBlljTnNfVGZIcVpcY0l2 HTTP/1.1 
Host: quiremuken.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         104.21.29.224
HTTP/2 204 No Content
                                        
date: Sun, 12 Jun 2022 13:31:48 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeUj5di%2FS2NHMh0qlpjcfqT4Dyom7kuT8hypnbJS7zYyXzIyGOA65ctZiinn1lCYKAmd6QjYj9BPgqmdVpPqvwBdr5f77daHUjEWu2lY7xR9ls0OubPFwKYsq%2Blr0KIWOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 71a2f2e85eebb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1942
Cache-Control: 'max-age=158059'
Date: Sun, 12 Jun 2022 13:31:48 GMT
Last-Modified: Sun, 12 Jun 2022 12:59:26 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 12 Jun 2022 13:31:48 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 09 Jun 2022 23:32:37 GMT
Expires: Thu, 16 Jun 2022 23:32:37 GMT
ETag: 83EC2E9222514CC8DB6A4ED372FE51CE4880129F
Cache-Control: max-age=381048,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp9
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 71a2f2ea4f1c0b61-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5D7E3C05CFB6979B76AC9F1352BA6EF9D496838F628493926B23E4A2889F27F6"
Last-Modified: Sat, 11 Jun 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6989
Expires: Sun, 12 Jun 2022 15:28:17 GMT
Date: Sun, 12 Jun 2022 13:31:48 GMT
Connection: keep-alive

                                        
                                            GET /extban/297562620/creatives/23463706/c54a7bf82d5180e27fba730677e27b6c_4322.jpg HTTP/1.1 
Host: crrepo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.maxonclick.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.114
HTTP/2 200 OK
                                        
date: Sun, 12 Jun 2022 13:31:48 GMT
content-type: image/jpeg
last-modified: Wed, 25 May 2022 01:11:36 GMT
etag: W/"628d8248-f5df"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 6580
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCtQNJCaB1q8IwUHZQB73OUDbN5SMqoABNULnJq%2FFtjMFwxsxIkratLmX%2BnhLk3n4bffcy6HZM%2F6A%2BUkIGN3Pmk66%2B%2BFcRBjBJg6NvHiloaU%2BojFAPe0Ki5JtOED"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 71a2f2e9b97c8865-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Size:   99698
Md5:    b038372c03cdd53f8f13eda9d25ab532
Sha1:   cb164277778ad2af34c9d9eb157f9438cb25f65e
Sha256: 274452dae59380967dcdb9e2e8cd42b13fe89122ce7a9c9a7e23dc987951da23
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KhfaTwFZdw9Pcf9XQjAaBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.90.190
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ei7HaCnQsbhlJaFzisxzYNbxTF4=

                                        
                                            GET /utx?tid=721637&top=www110.zippyshare.com&cb=R4OvSBNOMLlF HTTP/1.1 
Host: ustingexcelle.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.46
HTTP/2 204 No Content
                                        
date: Sun, 12 Jun 2022 13:31:48 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 12 Jun 2022 13:32:48 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O9Uh200RDWTTbEOor_zyXMG88mH0y-mve_kGSkeu1dLXNJKh5Kft4g==
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "D52DE69826375318C6A638C52FF6F3FE7AB36CC4824E790BDCBC12736EA6B4AC"
Last-Modified: Sat, 11 Jun 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18247
Expires: Sun, 12 Jun 2022 18:35:55 GMT
Date: Sun, 12 Jun 2022 13:31:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "81A5705E96F08A83F8D81764B62BFA82A92562E1A13CD33C8075B273F213EE8A"
Last-Modified: Fri, 10 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19778
Expires: Sun, 12 Jun 2022 19:01:26 GMT
Date: Sun, 12 Jun 2022 13:31:48 GMT
Connection: keep-alive

                                        
                                            GET /ca/66/21/ca6621f64bcdfd0a5aa2af7c57675832.js HTTP/1.1 
Host: exchangediscreditmast.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.9
Date: Sun, 12 Jun 2022 13:31:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 203ba8fd15a214e603f2e41b2c2110da
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (33847), with no line terminators
Size:   11416
Md5:    fa5b0474e1a5e3025c35b77a2c889693
Sha1:   61c9a6e91d7e8eeea8aa89d4602c522430828b75
Sha256: 44ef0f542b4c6d9d92fc263d6f2ca19a07f019d7d9b1132280de1e531d0a6f1b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /NElodlhPaxsBB0E7BFRiFiEcAihHc0dZL0M%2BWUdoGjMBBihNOgAXKlFnCxk1GzofWDJHa0RUK1kvSkxpGGscFz9rIAxUYhZ%2BWkduB35KWnpHPAopMVB7Skx6AXpdFWsMf1BbPgEsW1tsASxRWzkHewxbawJ6WEU6AX5YEj1VaxU HTTP/1.1 
Host: aphycolourses.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         44.195.137.121
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=utf-8
set-cookie: 3bbb7a0d7d4c08aa65182bb1a12c0cb3=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e105-KZIy7C6GjHTBLs5Dhi673+DEvWY"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57605), with no line terminators
Size:   22899
Md5:    98e90cc156dc5ecdc99cc058a9477735
Sha1:   a1a16fd629149077c57d5ae6b363cc885e856eff
Sha256: 1c2e638e76c2855f945d3df109cac942e07e0fa514dbe81bb348ca8d9a1ef052

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 12 Jun 2022 13:31:48 GMT
Last-Modified: Sun, 12 Jun 2022 13:02:38 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jRUrO-uIN2m6q9U6I_ogHIcxJh0a_5BwYCjRYH_gesnackwPjZyxJA==
Age: 1750

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A4EC487D76027B599575822F2DAB1100A460396997B8E98013C00DACA3DF12F9"
Last-Modified: Fri, 10 Jun 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6465
Expires: Sun, 12 Jun 2022 15:19:33 GMT
Date: Sun, 12 Jun 2022 13:31:48 GMT
Connection: keep-alive

                                        
                                            GET /static/advertisement.js HTTP/1.1 
Host: clksite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.192.101.24
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 12 Jun 2022 13:31:48 GMT
content-type: application/javascript
last-modified: Mon, 12 Jun 2017 13:33:59 GMT
vary: Accept-Encoding
etag: W/"593e9847-1b"
expires: Tue, 14 Jun 2022 13:31:48 GMT
cache-control: max-age=172800
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         2.18.172.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116325
date: Sun, 12 Jun 2022 13:31:48 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54602)
Size:   116325
Md5:    ff4671f71c958029bbf6d9694284da70
Sha1:   7535744f2dbaf99902a54fc529e760b08a73f265
Sha256: 123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/YZENOK7Q/file.html
Cookie: zippyadb=0; JSESSIONID=0700843D910985773D12D1709F6CA2B7; zippop=1; ppu_main_1d3584ff950f38d5b2e10bc2994be620=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=4e4bab8e-72f3-4300-a6b6-7ed6b5a5ba0b%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 12 Jun 2022 13:31:48 GMT
Content-Length: 3611
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Sat, 08 Apr 2023 13:31:48 GMT
Accept-Ranges: bytes
ETag: W/"3611-1427651017000"
Last-Modified: Sun, 29 Mar 2015 17:43:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   3611
Md5:    b3bf18448d2e26f529500cb013975564
Sha1:   1b9d2cecad0cf85d336a24a0ccaa610c39a49f6a
Sha256: 968e719e5fbc1706a6db025adc28931e64fcf76c3ae80fa4ab6ff40b53b36b20
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 12 Jun 2022 13:31:48 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 146778
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Jun 2022 16:11:20 GMT
expires: Tue, 06 Jun 2023 16:11:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Jun 2022 04:02:41 GMT
content-type: text/javascript
age: 508828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (570)
Size:   146778
Md5:    801190cdc0f65a502adfe207b259ec7c
Sha1:   3fe701ced40a4810164a5eabaf27ca1e88b77214
Sha256: 56635c02f642528859a0bec1974b3dd09fcb2326c002dad4cce8ef856e99cc1d
                                        
                                            GET /utx?cb=hF1OhpoIk292&top=www110.zippyshare.com&tid=726474 HTTP/1.1 
Host: ustingexcelle.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.46
HTTP/2 204 No Content
                                        
date: Sun, 12 Jun 2022 13:31:48 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 12 Jun 2022 13:32:48 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qrwMKIw0-55dQtmCEWqGHnWquzVEnrIJlFuAlvB18qgKO8ckWS6TRQ==
X-Firefox-Spdy: h2

                                        
                                            GET /utx?cb=0J53wAafOP5s&top=www110.zippyshare.com&tid=843055 HTTP/1.1 
Host: ustingexcelle.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.46
HTTP/2 204 No Content
                                        
date: Sun, 12 Jun 2022 13:31:48 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 12 Jun 2022 13:32:48 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hchRHt_fMrAdy0nlL0UEQc-OtLKSKchpp79ZiCsB5zrV6jY1sRKgkA==
X-Firefox-Spdy: h2

                                        
                                            GET /advertisers.js HTTP/1.1 
Host: d24ak3f2b.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.0.204.220
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Sun, 12 Jun 2022 13:31:48 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 12 Jun 2022 13:31:48 GMT
Cache-Control: public, max-age=18000
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /multi?cs=bnVGQ2dcTXZ3UFlAcHBUXkZ0e1U&abt=0&red=1&sm=76&k=zippyshare%20import%20plugin&v=1.0.58.2&sts=0&prn=0&emb=0&tid=726474&fs=1&ref=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2FYZENOK7Q%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_QOVU=1655040708113&crc=1 HTTP/1.1 
Host: ustingexcelle.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.46
HTTP/2 200 OK
                                        
content-type: text/plain
content-length: 1460
date: Sun, 12 Jun 2022 13:31:48 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=94c044b6-6d34-4240-a9ba-642e344f39ee
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rbeFEuMYx6mPaWnhed10TLZsTHHFojHfhwixnPRSARcnCmwsk_VYoQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3051), with no line terminators
Size:   1460
Md5:    1f5dee1da82529a5a1589bbba93f4d35
Sha1:   b12f064f752f1fc124348b6652496435074b9382
Sha256: 868e7c9572e5a8252276bcef5697ab4c39a8ec9fa59b197249fb9390c86a4588
                                        
                                            GET /qWUVmbmM6KggIXC0sAlNbbXZWW1Z/LxUBDSl4NB0oIyg1ASUsMQkZUn8xHApeaWMKDw0+eEALDTp4V0gCPSdbXkUtNQkFXiwrAgsFMCsDCkUsJFsDDCMsCgICfHcgW01pYFReSyF0V0tQG2BUXg8wKxMWRmt1HlZVBnNSS1AbYFReES9gVS9ab2tWR0ZrdQ-ELADIqQ1wla3VXXlNodVdLUWkjDxwGPyoeS1EffFBAU38wW18 HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.35
HTTP/2 200 OK
                                        
content-length: 357
date: Sun, 12 Jun 2022 13:31:49 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _VhE4s5r1sDNtKrR7l_hqlbdR39Wzu3ODJePLoz3K9MBqoyM9vfV-g==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (445), with no line terminators
Size:   357
Md5:    6a87a2fd75d79858624fdf2839960ee6
Sha1:   32ca5d70e745d21b6cbeca0f65f8e6ea7189f4d9
Sha256: 4e9ced26a6fbc082ed91ab72c9fc3e6f3efc6078b787ff284d9996ea141be68c
                                        
                                            POST / HTTP/1.1 
Host: blicatedlittle.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www110.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www110.zippyshare.com
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /addthismoatframe568911941483/moatframe.js HTTP/1.1 
Host: z.moatads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         2.18.34.199
HTTP/2 200 OK
                                        
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=9097
date: Sun, 12 Jun 2022 13:31:49 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (523)
Size:   948
Md5:    f14b4e1f799b14f798a195f43cf58376
Sha1:   b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
Sha256: 92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
                                        
                                            GET /hcURzQTMSKx0nDAUtF3wEQ3JHdgdXLgAuXQF5GhlXPDRDCEQoCBh3aTs8CmdHCyBOcRUdJR0mDlchHSIOQGISJVFMdFU1Qx4vTiJUGjccM1QLJhdnRhB5Hi5JGCgfIBZDAkZvA1R2Q2lLQHVWcnFUdkMtWh8xC2QBQTxLd2xHcFZycVR2QzNFVHcyeAVfdF-pkAUEjFiJYHmFBBwFBdUNxAkF1VnMDFy0BJFUePFZzdUhyXXEVBHlC HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.139
HTTP/2 200 OK
                                        
content-length: 452
date: Sun, 12 Jun 2022 13:31:49 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jP1g49WJWlTYM13aFKVKZTl42pMuKFbG-L8av9-KQ-lGIm4VgoB7Xg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (584), with no line terminators
Size:   452
Md5:    20dba6704ad416e217f35bb348ea565c
Sha1:   91dbf9303b135ca9a75bb6cd1329d83c39c61ae6
Sha256: 48450ab0d139de67501b17cffa72d1b1442ef9c6f0a4dadb8626239f67c9021e
                                        
                                            POST / HTTP/1.1 
Host: blicatedlittle.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www110.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www110.zippyshare.com
Content-Length: 358
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         2.18.172.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 12 Jun 2022 13:31:49 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size:   26421
Md5:    707317ccaabe08d32d1bd781754e6871
Sha1:   bb82dcd3e044c960e0861c2ce878f5504e628f78
Sha256: d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
                                        
                                            GET /sfp.js HTTP/1.1 
Host: addresseepaper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.80.216
HTTP/2 200 OK
                                        
date: Sun, 12 Jun 2022 13:31:48 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a7da19cd51a443fc019a6c39fbcc26a4
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 12 Jun 2022 13:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdzVf%2FHsvgW5y7iTDZZBcPlQaCeCfr9TEz5%2BuLNYmUchxsOizo6coIP%2Fg9HxANcEZ1SsoMcGfoyeoqrfv2L8nGObsntqdS84hpbGySP%2FhQVZ%2F716REA8h0YFi5VJfovTDoDQMuY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 71a2f2e8cdd0b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49470), with no line terminators
Size:   17967
Md5:    a627886f516108ac865b1b290243d1a7
Sha1:   5269792cf91881e8a209b266bd36ff9fdfac6812
Sha256: 05027c84ba22fa9ea047099a95fe2009d1e4de0f04cd79b8a731a5d6290e4751

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /live/boost/ra-4d7009770839a69f/_ate.track.config_resp HTTP/1.1 
Host: v1.addthisedge.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         2.18.172.123
HTTP/2 200 OK
                                        
content-type: application/javascript;charset=utf-8
content-length: 394
etag: -1051258987--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=52, s-maxage=86400
date: Sun, 12 Jun 2022 13:31:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         2.18.172.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77617
date: Sun, 12 Jun 2022 13:31:49 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   77617
Md5:    7314703b3e7bed85a9c681ba1ef347d3
Sha1:   a16b577b93adfd37978875a227d4122689bff853
Sha256: 68c6648a5bc71e6aef61f46e96a4e14b31ca5dfb05cc375545b7b2591c5f3ce2
                                        
                                            GET /live/red_lojson/300lo.json?si=62a5eac5dc25c2cc&bkl=0&bl=1&pdt=557&sid=62a5eac5dc25c2cc&pub=ra-4d7009770839a69f&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www110.zippyshare.com&fp=v%2FYZENOK7Q%2Ffile.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1655040709419&jsl=1&uvs=62a5eac517f17be1000&skipb=1&callback=addthis.cbs.jsonp__66318519361334950 HTTP/1.1 
Host: m.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         2.18.172.123
HTTP/2 200 OK
                                        
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sun, 12 Jun 2022 13:31:49 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   89
Md5:    a599d5a684ecf1dad283909bb93020b7
Sha1:   cc92a53624de4a62d9ed1682078a6642028ed662
Sha256: 08bc259ada8393f82240d711e1c0af80980741e1392bfbdd14e3ec4cc29232e7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3D84B44BFB236AC98DCCD86C3A40C3AB9699FB9DA9CF1A5A8045FB60F109594F"
Last-Modified: Sat, 11 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5891
Expires: Sun, 12 Jun 2022 15:10:00 GMT
Date: Sun, 12 Jun 2022 13:31:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3D84B44BFB236AC98DCCD86C3A40C3AB9699FB9DA9CF1A5A8045FB60F109594F"
Last-Modified: Sat, 11 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5891
Expires: Sun, 12 Jun 2022 15:10:00 GMT
Date: Sun, 12 Jun 2022 13:31:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3D84B44BFB236AC98DCCD86C3A40C3AB9699FB9DA9CF1A5A8045FB60F109594F"
Last-Modified: Sat, 11 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5891
Expires: Sun, 12 Jun 2022 15:10:00 GMT
Date: Sun, 12 Jun 2022 13:31:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3D84B44BFB236AC98DCCD86C3A40C3AB9699FB9DA9CF1A5A8045FB60F109594F"
Last-Modified: Sat, 11 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5891
Expires: Sun, 12 Jun 2022 15:10:00 GMT
Date: Sun, 12 Jun 2022 13:31:49 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c14cb26-dd16-468f-aee7-a67dfb9bd19a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10031
x-amzn-requestid: 51a372aa-7589-423a-9c8b-a7890d182e7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TlQiyH3MoAMFbNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a52e11-422e586430148d3c75e49b51;Sampled=0
x-amzn-remapped-date: Sun, 12 Jun 2022 00:06:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JVBSBoh0MnQDq3Kmfpgp4VVjM4Qn7gMi2F399I6p-iK21I2GWrflpw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Jun 2022 00:13:37 GMT
age: 47892
etag: "ed73c910b5a887323050aed8ee02f5662b9429ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10031
Md5:    2e816faa0d97eea154bf191ea6bf54b3
Sha1:   ed73c910b5a887323050aed8ee02f5662b9429ed
Sha256: c9b50ca2f1c2d5f75290b6669442eeae3b398c6d22771dbecc3abb1db035d83e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30e07b68-f7d8-460f-bff7-caa5fd305080.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6648
x-amzn-requestid: 8dd087f1-a276-4abe-91c8-3c3274d7e235
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TlQMPGW9oAMFYrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a52d81-3e7a235a3c4769ba3d4be32b;Sampled=0
x-amzn-remapped-date: Sun, 12 Jun 2022 00:04:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3PnR0nHDbV7vtJyEm_a3iZV1DtSD-5FwJcWdv33wg7rrXIjP7fJJdg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Jun 2022 00:52:43 GMT
age: 45546
etag: "8c089af4cf776be09a18cd5ee8d237aa10fd704a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6648
Md5:    6c4b92f8e6ad48c02ac6a877c7ae99a8
Sha1:   8c089af4cf776be09a18cd5ee8d237aa10fd704a
Sha256: 34588c82f51408a0d34a0b0f38925d9058785b926f00c412f606c1af8f57831f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbce220b-2d5e-4995-abca-1bba32e613c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8094
x-amzn-requestid: 13e8c5b5-5371-4b9b-8d35-accaf79b2299
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TlQ8pFEfIAMFu9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a52eb7-1e8412866f9827342e05a71a;Sampled=0
x-amzn-remapped-date: Sun, 12 Jun 2022 00:09:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eo7mqLAYLz7C3-EKbMH01yPzr5XhiOR9M1NVPFwqHMCVJF6k7Als8g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Jun 2022 00:52:41 GMT
etag: "e2837e05e7961c2eda877dae2bb2ae4aeda18579"
content-type: image/jpeg
age: 45548
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8094
Md5:    adfabbcec9177acf2614f747927411a2
Sha1:   e2837e05e7961c2eda877dae2bb2ae4aeda18579
Sha256: 9389d616ed7a03472f31687ab30b8c213131a7caf7782159dc8d06b1af994acb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d1b3bd1-87ba-4223-9951-275d855adbdb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7339
x-amzn-requestid: 12f5d637-0ad0-475e-ae29-63b15767c6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TlP8hHZFIAMFaAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a52d1c-20cb881c0ed218a047c235d3;Sampled=0
x-amzn-remapped-date: Sun, 12 Jun 2022 00:02:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kQob4tLYuUWrhHJ-OrETiz_hAsbELHZkUuoH-qMN_ZXXHEer4V0z7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Jun 2022 00:13:39 GMT
age: 47890
etag: "c58fe69d53f576fd8a9fd7272510a4c0ee175b6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7339
Md5:    7e3c0c6f52c7b9458bbf00bfce080473
Sha1:   c58fe69d53f576fd8a9fd7272510a4c0ee175b6c
Sha256: 6b879f7d2f7e534d764b9e83fee579fa8bf0d75801cb9cf0822668ae85678b2d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f893daf-1996-4b35-bae9-6a64bfac7cd8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7912
x-amzn-requestid: 26d8d3d0-5839-43e3-9b2f-fec2a2d47cdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TlQkkG7aoAMFfQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a52e1d-64053f467f29be880652d23b;Sampled=0
x-amzn-remapped-date: Sun, 12 Jun 2022 00:06:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hHFKiyaAhAWa0nUzPp9tbX409FSgoBIn-sOWXHQW6GACOKw3pIxX2w==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Jun 2022 00:20:53 GMT
age: 47456
etag: "6da5b5a86ad7ab08451be71a9c3b63fa3c3ec5d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7912
Md5:    7a51b3ed26691a6d6b853d0c2a5512b6
Sha1:   6da5b5a86ad7ab08451be71a9c3b63fa3c3ec5d8
Sha256: f74e347e2023d858219d1bbd6ec21c8d08825df6a2fd01d26b8f1ef6075669f5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9df04f5-3748-4495-a805-b953c60fc713.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 12521
x-amzn-requestid: b6f61e8c-c293-4715-9ccb-297d0a5d74bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Th9u6ENrIAMFnZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a3dcc5-558aaa8c6d45983152e21e0b;Sampled=0
x-amzn-remapped-date: Sat, 11 Jun 2022 00:07:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gq0PlFKZSh7-2Rm3OzBbPnerjKwTdceWmq1WJPH3vlK-xoaL0hvczQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Jun 2022 00:12:16 GMT
age: 47973
etag: "21356d1ce3d79d80d899e5c82cc285d1a8746a28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12521
Md5:    22b16bf3878b6caa5089e1a0ae0e3273
Sha1:   21356d1ce3d79d80d899e5c82cc285d1a8746a28
Sha256: 850e9d12858bc6a1f45dc4781506bf55200ab90f6a89500c557a16805f80cf4e
                                        
                                            GET /static/125.c67f34a1c8d546f5900e.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         2.18.172.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-346"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 511
date: Sun, 12 Jun 2022 13:31:49 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (838), with no line terminators
Size:   511
Md5:    e02aca9ac7f599f09da7c89606af0b47
Sha1:   dd33e0b0b5c6a92acc26c87c74e1567ad32f0600
Sha256: f13686a68bfdcb2f0a03a7d90f742b039702c653ce99c003ad95c5def964f6bc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FF68041EC0E35255D77255E5D393679150107C5BD4FE9B3F04D1F49559CA9842"
Last-Modified: Sun, 12 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9118
Expires: Sun, 12 Jun 2022 16:03:47 GMT
Date: Sun, 12 Jun 2022 13:31:49 GMT
Connection: keep-alive

                                        
                                            POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2FYZENOK7Q%2Ffile.html HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         2.18.172.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://www110.zippyshare.com/v/YZENOK7Q/file.html
last-modified: Sun, 12 Jun 2022 13:00:00 GMT
access-control-allow-origin: https://www110.zippyshare.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 12 Jun 2022 13:31:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /api/info.json?url=http%3A%2F%2Fwww110.zippyshare.com%2Fv%2FYZENOK7Q%2Ffile.html&jsonp=_ate.cbs.rcb_ind40 HTTP/1.1 
Host: www.reddit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=UTF-8
x-ua-compatible: IE=edge
expires: -1
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-remaining: 299
x-ratelimit-used: 1
x-ratelimit-reset: 491
access-control-allow-origin: *
access-control-expose-headers: X-Moose
x-moose: majestic
accept-ranges: bytes
date: Sun, 12 Jun 2022 13:31:50 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: csv=2; Max-Age=63072000; Domain=.reddit.com; Path=/; Secure; SameSite=None edgebucket=lVP054PQix89dNATap; Domain=reddit.com; Max-Age=63071999; Path=/; secure
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.05, "failure_fraction": 0.05}
content-length: 144
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   144
Md5:    b02f38483e8fb669244b0e8f3ae9476b
Sha1:   3305815f129adc7aefa856d334e1c8878e4053ab
Sha256: d97cac9577238a7d04d01ca04f5a02333b7c589877488c45a13cea02a89776d1
                                        
                                            GET /url/shares.json?url=http%3A%2F%2Fwww110.zippyshare.com%2Fv%2FYZENOK7Q%2Ffile.html&callback=_ate.cbs.rcb_jwl50 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         2.18.172.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www110.zippyshare.com/v/yzenok7q/file.html
last-modified: Sun, 12 Jun 2022 13:31:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Sun, 12 Jun 2022 13:31:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   53
Md5:    2ff55321185aaf47383815557aa337de
Sha1:   ddf153d5d495cc73bee1df6364ab07bbb095714f
Sha256: 48e0681aebdb6896fb8fef8e892a34846bdc6de110ff163e060612a491f312b4
                                        
                                            GET /api/info.json?url=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2FYZENOK7Q%2Ffile.html&jsonp=_ate.cbs.rcb_c3d30 HTTP/1.1 
Host: www.reddit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=UTF-8
x-ua-compatible: IE=edge
expires: -1
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-remaining: 298
x-ratelimit-used: 2
x-ratelimit-reset: 491
access-control-allow-origin: *
access-control-expose-headers: X-Moose
x-moose: majestic
accept-ranges: bytes
date: Sun, 12 Jun 2022 13:31:50 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: csv=2; Max-Age=63072000; Domain=.reddit.com; Path=/; Secure; SameSite=None edgebucket=1aISJhHxxSQIq45WkJ; Domain=reddit.com; Max-Age=63071999; Path=/; secure
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.05, "failure_fraction": 0.05}
content-length: 144
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   144
Md5:    66034f20424626e6f35128e81980d27d
Sha1:   d00e029160df055690ecb5d2e2a192e118f43e47
Sha256: 74f31da5b3695af71dee91b8dd905bdd8d563d0672443711d263984918eea5a5
                                        
                                            GET /url/shares.json?url=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2FYZENOK7Q%2Ffile.html&callback=_ate.cbs.rcb_kxo50 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         2.18.172.123
HTTP/2 200 OK
                                        
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www110.zippyshare.com/v/yzenok7q/file.html
last-modified: Sun, 12 Jun 2022 13:31:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Sun, 12 Jun 2022 13:31:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   53
Md5:    88146943e6c00513cad739ad72855201
Sha1:   03a6a87e2d2fd86ae33a2a4d517deb498b714594
Sha256: 8cd033a64e53b2e78a9a90b05d8dc5a90471143d8fbb45da9271da1300962156
                                        
                                            GET /pxf.gif?uuid=4e4bab8e-72f3-4300-a6b6-7ed6b5a5ba0b&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=1d3584ff950f38d5b2e10bc2994be620&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.6
Date: Sun, 12 Jun 2022 13:31:50 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45209b5dcef0c6cae2e8137b18335186
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pxf.gif?uuid=4e4bab8e-72f3-4300-a6b6-7ed6b5a5ba0b&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=ca6621f64bcdfd0a5aa2af7c57675832&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.6
Date: Sun, 12 Jun 2022 13:31:50 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a28938f10c1092b84fb177edb98e03b
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "834178C44936E12B328EDB050E556E48B6AE225B943632B55419426ECB9C2C7E"
Last-Modified: Sat, 11 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15570
Expires: Sun, 12 Jun 2022 17:51:21 GMT
Date: Sun, 12 Jun 2022 13:31:51 GMT
Connection: keep-alive

                                        
                                            GET /c129e70a659b8dfc8355bb50a6f856fa.jpeg HTTP/1.1 
Host: cdn.adx1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         149.11.201.98
HTTP/2 200 OK
                                        
server: openresty/1.15.8.3
date: Sun, 12 Jun 2022 13:31:51 GMT
content-type: image/jpeg
content-length: 18985
last-modified: Sat, 11 Jun 2022 14:39:53 GMT
etag: "62a4a939-4a29"
expires: Sat, 25 Jun 2022 14:40:03 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   18985
Md5:    e309b42dd49a8a9bb46779ebfaaac5d4
Sha1:   3df58426beaf5a04974cef19b40446405b4d944b
Sha256: 8a233b74b4776ccec44cba9f6e6742561770f03f2b1ff5cfee0ea06cb6aa72f9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CF1EA2E806AC3F40569598F80C0D3AD94286DCFDC11B9A5E60536B1FFC881337"
Last-Modified: Fri, 10 Jun 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9432
Expires: Sun, 12 Jun 2022 16:09:03 GMT
Date: Sun, 12 Jun 2022 13:31:51 GMT
Connection: keep-alive

                                        
                                            GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0VwWT8qKgiLjTUEm3fN73EMwxkg0btZdRU9KdVVN8kx3V1PVNT3JKSiKeJBBb54qX7IJ6qLrzYurdlY8BMTMLaD5BxQUhQVvMmNM2AfFe%2FW%2Bd%2FhefV%2B9t%2B1OWA2OHy%2B8pDcpjvlsqxZUn3g9DC9Vlyl1w%2Bqw236z3bxUNYOne%2B1a8GT1eSXW9Ww9CIMgDMLqIhnV18PZCQjKbvTCWi%2BoNeu1sNXE0HhYV4HlFcjBCXsAJMcztysXQaJEmtxcUHY919lTzyUu5rk2GMj9V9P1VBcpkvOybyrop%2Fun09D2aPEWdHp9ShF6cDYY0ZhVfryFKN0%2FJYZosDvlFsVQKSJ5H4pBCRWXIF5C6HdA8ogBQuLyCtJk77I2Bd%2F4D%2BUTdMxm7vwNKsZs5teLSJMv5mMaVq%2Fp2OWkU4th34OGJWi1ROYOkG8yUHEAkb8Nkj%2Bx2TvLSJPdFRtrkPTT3YlKUL9ErEbglsFNDjG4fgUuqyCRx1URhmEnkIIH3Z4QDdlRUVsGIe%2F0Qx4G7S6cmNAbIc9GEPEIwmwhM1tYpxGM%2BxBkSzjuQZlHZve6zUbQakGJw7l%2Ffnv3sa9f%2Fh2cjquix5vdsB6JRkdEvK4Crnot1Wm32p2WaMo2Ijqce%2BGDH76f%2B%2FkIMTEofvjtn2wasKlH6vxOasjDqEN2GjtG5odzZ1NrHlYy2JxhID0KxVBYhoIzFMRQ5AzFwF%2BXsa1bvydj66LwNNdPc8NvZyfs%2Fqkef4k3sK6Oq%2F1A1Lv9XrNR7zZ7vagrm51Gu9uWIpRd1exKWPp%2Fa7L3gNsKNmnMHvzlD2QTp8iPEfED2PgAgh4Hd4%2BCFx58zWMz9ZD6ZkIpJbZPclXlNaETZPkF5BuV7fiEPTTl0hx8edeTCuORGY%2B36DbDavz%2BzlVdsN2rurDsq5Usp4Q2%2BcQ313Keq3s%2Fe1FtFNrIpQU7%2BvQZMQEm5Y1XlM2XeSopXbXs83mSUplFbYRi3yzZ11R0xdm1eWdSly1feXZxKcmMspZ0WoLT0epHEDRmFx7uTD%2FEIyufgEwJ4zwSdyYRSJcQ2RZsdt6zmsHE5%2FcoYyic3zH16Lw5MUF8rjV45Lftd7DkkVv2LwAAAP%2F%2FAQAA%2F%2F9Jdpe3VQQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3438255&sub3=1655040708&pid=91283&sub2=icon&auid=c9a4812bc37cba2e0ae95e765675c4d6&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: minimsfidget.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx/1.17.9
Date: Sun, 12 Jun 2022 13:31:52 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0baff4fe3390cfbbc555bb9cdd7d11ca
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F2FC47D112C9ABDC82D5AA0D6D3E20428712CA3F50323ADED116D0AE194F5BED"
Last-Modified: Fri, 10 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5945
Expires: Sun, 12 Jun 2022 15:10:57 GMT
Date: Sun, 12 Jun 2022 13:31:52 GMT
Connection: keep-alive

                                        
                                            GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.9
HTTP/2 200 OK
                                        
date: Sun, 12 Jun 2022 13:31:52 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Tue, 14 Jun 2022 13:31:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Size:   33103
Md5:    70cf8250da1a25a7b445231428af7828
Sha1:   a849d338423d2919949340838c768bba90b9081c
Sha256: b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
                                        
                                            GET /v1/urls/count.json?url=http%3A%2F%2Fwww110.zippyshare.com%2Fv%2FYZENOK7Q%2Ffile.html&callback=window._ate.cbs.rcb_8pns0 HTTP/1.1 
Host: widgets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.84
HTTP/2 200 OK
                                        
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, max-age=887
expires: Sun, 12 Jun 2022 13:46:49 GMT
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1558854588249943
date: Sun, 12 Jun 2022 13:31:49 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   606
Md5:    c1c4a18074ec836719e1a44b0bd1ca43
Sha1:   9941d48b49fc74857b963b67906951dddd157f6c
Sha256: 58ec98786b3d0afff74167f19afdaa7eb4e8918b88bae0fbf150da3cab56118c
                                        
                                            GET /sbar.json?key=ca6621f64bcdfd0a5aa2af7c57675832&uuid=4e4bab8e-72f3-4300-a6b6-7ed6b5a5ba0b%3A1%3A1 HTTP/1.1 
Host: qualitydestructionhouse.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.22.0
Date: Sun, 12 Jun 2022 13:31:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www110.zippyshare.com
Access-Control-Allow-Origin: https://www110.zippyshare.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15255681; expires=Mon, 13 Jun 2022 13:31:54 GMT; secure; SameSite=None uid_id2=4e4bab8e-72f3-4300-a6b6-7ed6b5a5ba0b:1:1; expires=Sun, 19 Jun 2022 13:31:54 GMT; secure; SameSite=None pdhtkv=true; expires=Mon, 13 Jun 2022 13:31:54 GMT; secure; SameSite=None uncs=1; expires=Mon, 13 Jun 2022 13:31:54 GMT; secure; SameSite=None pdhtkv29=true; expires=Mon, 13 Jun 2022 13:31:54 GMT; secure; SameSite=None uncs29=1; expires=Mon, 13 Jun 2022 13:31:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ffc0b841f208656702a33ff675edf9ee
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5637), with no line terminators
Size:   3997
Md5:    e5aba5705267da37a0aba273b409b56f
Sha1:   bae53a15de753bba8e2d68e203a7f6af3137397b
Sha256: e52b3bd7468aeb2181a932fd536c792425899069868553f3d649fbaae5a355d1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scVRd9lW%2FI5lvFZCOi9EJQwempqu6u6kkWkhhHBsdMSBTdyftVPc95Va94r6qrp3ExGpAs262rmtMzGdQQ9A8wSE9ASUCYdjULZyeIOxGylu4Mtl4o7jn33MW5p97ne%2BUp8VHSk%2BvvmqHSmq50mn7j1Q%2BD4EpjQ2XloDHoRh9F7SsN27%2B8GjX91xpvS75tVkI%2F8P3ADxprysrEDFZmIlR%2BfzVorvrNdtgMOm0M7H%2B5Kz046kH0T8lzUGK69Mi7BMUnyNJvr0u3XZj89bfSUtPCWPTF4fvZdmaqDOkCJtZDkh2ebcO447WHMNnB3C5M%2F59FpqbE%2B%2FEhWHZ4ZhKsvz%2F3yTRkBib%2Bj6o%2FgdQTKDoBN3egxDEBuMCNTWTpvRvGVnTnmUpn6pQsPf0LqpqSpV8vIUsfXNNq0LhtdFkokzkMkhpqMIHqTZCXRyiG56CqI%2FDiMyjxM1l5uoEs3d902kCJk5fbss0o68rlOExay%2B2W7y%2FTiEXLsRQR69AOoz6bB6TUBCqZQMsRqPNQzj7loUw8lLmHVJw0eBAEsS849burnLdELFkk%2FIDGSUADP%2Bqi5LMbRijyEbgegdtd5HYX22oEW%2F4At1XDCQ%2BuIOiLGpUkqBxBRQkqRVAVBFW%2FPhDaha6%2BJ7QrWXDWw7Peqsem6O3RA1P0ZEb28lNyYR7c7z99im150uA0isIgidqMi0T4tENpSJOYd%2BIo7nRbIZyqody5%2BZlDNSXk8UXks%2F7lZTB6BKePwNUF0PJF0Gochz7o1rjd9THMHgxVnu%2B4LWplk5sUwtTIiyUUO96ePiXPz5288tsLkPwJOStwWyO3NT5Wjwh6%2Bu74lqnI%2Fi1TOfLdZl6oVA3p7PfeLmghz3%2F9jtypjBXr193oq6t8Jszg%2FfekKzZoJlTWc%2BSba0oIadeM5ZJ8v%2B4%2BkOxm6baulTYr842bb66tp7mVzimTTUDV8ScRuJqS81cP5u%2F24p8tKDuBLWuk5cKpMhPwfBcuX8ycIbB6wVnuoSrrsQ3ZYqgVgZYLTlkN9y%2FOFnjP3UXPvgRa3EGW1ujbGn1dg%2BoRXPm%2FcZHbJ2%2F80poXmPbGTFtvn2mrv3gWrVMnjbjV8mm02gnimMqYtcNuEgWC0rAdhVFEWyjclB388fhvAAAA%2F%2F8BAAD%2F%2F87YbTWCBAAA HTTP/1.1 
Host: qualitydestructionhouse.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Cookie: u_pl=15255681; uid_id2=4e4bab8e-72f3-4300-a6b6-7ed6b5a5ba0b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Sun, 12 Jun 2022 13:31:55 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 51e84e0cdb773582184e5a0dcdcbad63
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed