Overview

URL www110.zippyshare.com/d/tzq4tpu5/8683/l3050ecc-nosware.com.rar
IP46.166.139.231
ASNNForce Entertainment B.V.
Location Netherlands
Report completed2022-06-26 16:17:33 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-06-26 2 unphionetor.com Sinkholed
2022-06-26 2 unphionetor.com Sinkholed
2022-06-26 2 abateall.com Sinkholed


Files

No files detected



Passive DNS (34)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (4) 1631 2017-09-01 03:40:57 UTC 2022-06-26 04:50:15 UTC 34.120.237.76
[Mnemonic Passive DNS] clksite.com (1) 68288 2015-01-01 17:16:10 UTC 2019-11-27 09:37:42 UTC 173.192.101.24
[Mnemonic Passive DNS] ocsp.sectigo.com (7) 487 2018-12-17 11:31:55 UTC 2022-06-26 12:30:39 UTC 172.64.155.188
[Mnemonic Passive DNS] offerentlyport.xyz (3) 0 No data No data 107.22.28.167 Unknown ranking
[Mnemonic Passive DNS] unphionetor.com (2) 54035 No data No data 139.45.197.236
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] tzegilo.com (1) 0 No data No data 104.21.22.169 Unknown ranking
[Mnemonic Passive DNS] my.rtmark.net (1) 9054 No data No data 139.45.195.8
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-26 05:01:41 UTC 54.188.94.105
[Mnemonic Passive DNS] datatechonert.com (1) 46154 No data No data 37.48.68.71
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] voices-kerence.com (1) 0 No data No data 18.193.209.105 Unknown ranking
[Mnemonic Passive DNS] www.gstatic.com (1) 0 2015-06-20 09:50:55 UTC 2015-11-29 15:55:55 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] interstitial-07.com (3) 36198 No data No data 139.45.197.152
[Mnemonic Passive DNS] xml.serve-servee.com (1) 0 No data No data 104.21.24.67 Unknown ranking
[Mnemonic Passive DNS] cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-06-26 09:35:22 UTC 45.133.44.9
[Mnemonic Passive DNS] aphycolourses.info (1) 121151 No data No data 107.22.28.167
[Mnemonic Passive DNS] r3.o.lencr.org (13) 344 2020-12-02 08:52:13 UTC 2022-06-26 05:39:14 UTC 23.36.76.226
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-26 05:33:42 UTC 54.230.111.64
[Mnemonic Passive DNS] ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-06-26 05:21:07 UTC 104.18.20.226
[Mnemonic Passive DNS] d10lumateci472.cloudfront.net (2) 0 No data No data 54.230.245.149 Unknown ranking
[Mnemonic Passive DNS] www.maxonclick.com (3) 173326 2017-01-29 09:04:56 UTC 2022-06-26 09:35:17 UTC 35.190.68.123
[Mnemonic Passive DNS] static.serve-servee.com (1) 0 No data No data 104.21.24.67 Unknown ranking
[Mnemonic Passive DNS] www110.zippyshare.com (10) 0 No data No data 46.166.139.231 Domain (zippyshare.com) ranked at: 41031
[Mnemonic Passive DNS] www.google.com (1) 7 2012-05-22 04:23:54 UTC 2022-06-26 11:07:22 UTC 142.250.74.164
[Mnemonic Passive DNS] ds88pc0kw6cvc.cloudfront.net (2) 0 No data No data 54.230.245.35 Unknown ranking
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-26 10:48:58 UTC 93.184.220.29
[Mnemonic Passive DNS] e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-06-26 06:40:30 UTC 23.36.76.226
[Mnemonic Passive DNS] ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-06-26 05:00:34 UTC 142.250.74.3
[Mnemonic Passive DNS] excellojapan.xyz (6) 0 No data No data 143.204.55.129 Unknown ranking
[Mnemonic Passive DNS] toglooman.com (4) 144309 No data No data 139.45.197.239
[Mnemonic Passive DNS] louchees.net (1) 281261 No data No data 139.45.197.236
[Mnemonic Passive DNS] abateall.com (1) 0 No data No data 192.243.61.225 Unknown ranking
[Mnemonic Passive DNS] ationsuchasr.xyz (3) 0 No data No data 172.67.201.186 Unknown ranking


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 46.166.139.231

Date UQ / IDS / BL URL IP
2022-06-26 16:17:44 +0000
0 - 0 - 4 www110.zippyshare.com/d/tzq4tpu5/7320/l3050ec (...) 46.166.139.231
2022-06-24 08:02:11 +0000
0 - 0 - 8 www110.zippyshare.com/d/tzq4tpu5/17103/l3050e (...) 46.166.139.231
2022-06-24 07:25:56 +0000
0 - 0 - 9 www110.zippyshare.com/d/tzq4tpu5/30517/l3050e (...) 46.166.139.231
2022-06-17 19:40:33 +0000
0 - 0 - 9 https://www110.zippyshare.com/d/2HPetcoH/3583 (...) 46.166.139.231
2022-06-17 02:22:35 +0000
0 - 0 - 4 www109.zippyshare.com/d/oc6swaoi/16487/revo.u (...) 46.166.139.231
2022-06-17 02:22:17 +0000
0 - 0 - 12 www109.zippyshare.com/d/oc6swaoi/8755/revo.un (...) 46.166.139.231
2022-06-12 13:32:02 +0000
0 - 0 - 12 https://www110.zippyshare.com/d/YZENOK7Q/1825 (...) 46.166.139.231
2022-06-10 15:53:19 +0000
0 - 0 - 7 www109.zippyshare.com/d/oc6swaoi/37047/revo.u (...) 46.166.139.231
2018-12-15 12:56:12 +0100
0 - 0 - 1 https://www110.zippyshare.com/d/u2mtbtGA/841/ (...) 46.166.139.231
2017-09-05 18:40:13 +0200
0 - 0 - 0 www109.zippyshare.com/v/5BA45I0d/file.html 46.166.139.231

Last 10 reports on ASN: NForce Entertainment B.V.

Date UQ / IDS / BL URL IP
2022-08-11 23:40:43 +0000
0 - 0 - 1 141.98.6.236/1337New/Wjgqesf-OLD-3.exe 141.98.6.236
2022-08-11 23:40:39 +0000
0 - 0 - 1 141.98.6.236/1337/Wjgqesf-OLD-3.exe 141.98.6.236
2022-08-11 23:40:35 +0000
0 - 0 - 1 141.98.6.236/Z2k/Ivnut-Z2K-3.exe 141.98.6.236
2022-08-11 23:40:31 +0000
0 - 0 - 1 141.98.6.236/Z2KNEW/Ivnut-Z2K-3.exe 141.98.6.236
2022-08-11 23:40:23 +0000
0 - 0 - 1 141.98.6.236/1337Traget/Rxvgxnss-1337x-2.exe 141.98.6.236
2022-08-11 23:40:18 +0000
0 - 0 - 1 141.98.6.236/newz2k/Ivnut-Z2K-2.exe 141.98.6.236
2022-08-11 23:40:10 +0000
0 - 0 - 1 141.98.6.236/newz2k/Ivnut-Z2K-3.exe 141.98.6.236
2022-08-11 23:40:06 +0000
0 - 0 - 1 141.98.6.236/limetor/Kgilth-LIME-2.exe 141.98.6.236
2022-08-11 23:40:00 +0000
0 - 0 - 1 141.98.6.236/FreeApps/Dzodhr-FREE-4.exe 141.98.6.236
2022-08-11 23:39:53 +0000
0 - 0 - 1 141.98.6.236/Z2KNEW/Ivnut-Z2K-4.exe 141.98.6.236

No other reports on domain: zippyshare.com



JavaScript

Executed Scripts (22)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (86)


Request Response
                                        
                                            GET /d/tzq4tpu5/8683/l3050ecc-nosware.com.rar HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         46.166.139.231
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Sun, 26 Jun 2022 16:17:16 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: JSESSIONID=90121C12802BF25399D0E29E1836E0D3; Path=/; HttpOnly
Location: http://www110.zippyshare.com/v/tzq4tpu5/file.html

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B2CEB864B9C1A231269357C6D1FFC192D76116996A5363EE4A1B4B149AAD447A"
Last-Modified: Fri, 24 Jun 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6448
Expires: Sun, 26 Jun 2022 18:04:45 GMT
Date: Sun, 26 Jun 2022 16:17:17 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 26 Jun 2022 15:46:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZfMWpaq0aaMVCeuba7ASV0L5OV74zAm1ySfVsUqXbuaoHWF_-Z6MyQ==
Age: 1860


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.64
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 26 Jun 2022 02:10:54 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rjyt8rpY-QeUhhRtbEXunaWQguBHQ9add8mGa_I5WsF2G8OTbgrk6g==
age: 50784
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v/tzq4tpu5/file.html HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: JSESSIONID=90121C12802BF25399D0E29E1836E0D3
Upgrade-Insecure-Requests: 1

                                         
                                         46.166.139.231
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 26 Jun 2022 16:17:17 GMT
Content-Length: 178
Connection: keep-alive
Location: https://www110.zippyshare.com/v/tzq4tpu5/file.html


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 16:17:17 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 30 Jun 2022 15:22:07 GMT
ETag: "8c255a634018c816aeb31673e8602efe99b183ae"
Last-Modified: Sun, 26 Jun 2022 15:22:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 962
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 721740930d240b51-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    cbe5f103a0a9c7cd4dd1c54757df5193
Sha1:   8c255a634018c816aeb31673e8602efe99b183ae
Sha256: 9de8df5924fe36fedcb9d90e0dc73c2fe1928b22b4d468769e356130ea14df42
                                        
                                            GET /v/tzq4tpu5/file.html HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: zippyadb=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Sun, 26 Jun 2022 16:17:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=8783E3594B8D361DECC98F7A84C2F66D; Path=/; HttpOnly zippop=1; Domain=.zippyshare.com; Expires=Mon, 27-Jun-2022 04:17:17 GMT; Path=/
Content-Language: en
Expires: Sun, 26 Jun 2022 16:17:16 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41973), with CRLF, CR, LF line terminators
Size:   39516
Md5:    793710fbd12d63c059f21b7940ac49ac
Sha1:   ec3d1e8edc97fdde08cf350b1e22b8da6f7ad5a2
Sha256: 6bfbf80dfb817efc09221e099debb73a85ae2fa9759154664cd2747f86f4e999
                                        
                                            GET /wro/viewjs-9c29d4e653e865831dc028fdac7e7dfff3be049e.css HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; JSESSIONID=8783E3594B8D361DECC98F7A84C2F66D; zippop=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 26 Jun 2022 16:17:17 GMT
Content-Length: 66707
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Thu, 12 Sep 2030 16:17:17 GMT
Accept-Ranges: bytes
ETag: W/"207098-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (38971)
Size:   66707
Md5:    7e0e3e48bd85cdf4041d04d6d265622a
Sha1:   06bd818fbba909a62546da78470bc01fd813076e
Sha256: b6f4ece3f288037b58e9803601d45e812775c0140f09d7860574f6c56781ec1c
                                        
                                            GET /ads.js HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; JSESSIONID=8783E3594B8D361DECC98F7A84C2F66D; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 16:17:17 GMT
Content-Length: 138
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"157-1654675202000"
Last-Modified: Wed, 08 Jun 2022 08:00:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text
Size:   138
Md5:    80ce0db0d04307c0a7e7bfbe492e329d
Sha1:   f8efbdda6799a957baa59e907d466dbc3fd7be90
Sha256: da32bd619e9f9cf48c390020230b751333e2a402fce01635102f340a39f88113
                                        
                                            GET /sw.js HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; JSESSIONID=8783E3594B8D361DECC98F7A84C2F66D; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 16:17:17 GMT
Content-Length: 36755
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"95651-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   36755
Md5:    9f3eb972e27d96787df56867ba104e59
Sha1:   e266af1162c320a8366da4487c3698c0db0ca354
Sha256: 5750d3ef81845bcf96250e0b2e66d4b21aec5ed0144822ca14a9491f70392ae3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CF1D6820B364D1258682394943B35B3CB0BAC3850BE1EC78E6C0119B60416CFB"
Last-Modified: Sat, 25 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8507
Expires: Sun, 26 Jun 2022 18:39:04 GMT
Date: Sun, 26 Jun 2022 16:17:17 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 16:17:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 16:17:17 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=390997,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp3
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7217409538751c06-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 16:17:17 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=390997,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp3
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 721740953ea4fac4-OSL

                                        
                                            GET /recaptcha/api.js?render=explicit HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
                                        
expires: Sun, 26 Jun 2022 16:17:17 GMT
date: Sun, 26 Jun 2022 16:17:17 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (852), with no line terminators
Size:   554
Md5:    ce162114d45c6656353a75cb0769a10f
Sha1:   0a6e552d73684b761d8e9d8a4cc4a2a691393eed
Sha256: 57923bce1844f8dd88d832cb6179725b806abf05b3fc1310a3c123c1ae50f48b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 16:17:17 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=390997,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp14
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 721740954e0fb50f-OSL

                                        
                                            GET /wro/viewjs-5c4b087e763baf82dfed5e75dc71d50f709ecb00.js HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; JSESSIONID=8783E3594B8D361DECC98F7A84C2F66D; zippop=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 16:17:17 GMT
Content-Length: 147861
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Thu, 12 Sep 2030 16:17:17 GMT
Accept-Ranges: bytes
ETag: W/"478725-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65535)
Size:   147861
Md5:    1dd393cf506e088f2a0b45a37beabda7
Sha1:   384796f00e05bce54b4bcae1f2dd4e5d0c5c478a
Sha256: c9420067db3629caab61a3e5983ef9b303d24913f01c2a3307ee0e392cc87616
                                        
                                            GET /?kcpsd=843055 HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.35
HTTP/2 200 OK
                                        
content-length: 49643
date: Sun, 26 Jun 2022 16:17:17 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 73kWJ53uL5NnQ1TDthVI_2K1eGCBTzwzBSRAXwaXYTYAux3b0uDTow==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15952)
Size:   49643
Md5:    9fe584c89de28f286bd25ef94723e7eb
Sha1:   7c4c9a7a10647c1a83b3a9fd783f357469a8bce8
Sha256: dd8a8d1fa7152718c267d969da1a73b88fe7ddd2ebcd717d15c3f592cd96d5be
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 16:17:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?amuld=726474 HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.149
HTTP/2 200 OK
                                        
content-length: 36012
date: Sun, 26 Jun 2022 16:17:17 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yIDjFyUX8ygqNKhyWh0QFFvGHcbfyfigeNrlsZ3P5NRZ5B_uCg4fjQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15478)
Size:   36012
Md5:    b1d9b64d37d0bde2ae79a1642acf97cf
Sha1:   42356d8b3e862c0ed47269cfcde218ebbe356e20
Sha256: 85929bf17b7a7db6a2e3396c662b5d8ff0170525d9f7ca846aefaeb581baf162
                                        
                                            GET /images/favicon2.ico HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; JSESSIONID=8783E3594B8D361DECC98F7A84C2F66D; zippop=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 26 Jun 2022 16:17:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Sat, 22 Apr 2023 16:17:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

                                        
                                            GET /a/display.php?r=1142861 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Sun, 26 Jun 2022 16:17:18 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /a/display.php?r=1142855 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Sun, 26 Jun 2022 16:17:18 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /a/display.php?r=1142849 HTTP/1.1 
Host: www.maxonclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.68.123
HTTP/2 204 No Content
                                        
server: openresty
date: Sun, 26 Jun 2022 16:17:18 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 26 Jun 2022 15:31:51 GMT
Cache-Control: max-age=3600
Expires: Sun, 26 Jun 2022 15:48:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: htLzWTGY5LC2FqgB8ecwMt9-Mvqb353QYkeDf30jzn-zar8azK6Rrw==
Age: 2727


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 16:17:18 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=390996,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp16
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 72174098bd0d1c06-OSL

                                        
                                            GET /MTd0NzEeCBdEDGRiMm9SAnkEVHYIdCZgWQBtRHl5aFk6X2JaelJDWFUKQwUHBQBAEUFYU0kFCBdEAFZFRERJBhdYWRJYDBdBSQYfARlBDx8DEQEKABdDBFZWDAZSR0VFW0kGBwQBRgEBAwRMBgAG HTTP/1.1 
Host: ationsuchasr.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.201.186
HTTP/2 204 No Content
                                        
date: Sun, 26 Jun 2022 16:17:18 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwFL%2BNtxo3C6YfuskoxSYYiQncZDievnOmgJ5fc%2F4EzCxrJpooq5RGk4XeRJrG8CkwY%2BZGhQVMvu%2FDNxu5IEwlsyAdEeGkaTYZFsIhz3xMMFdRMEtMSpqsj8YignMLQv0P17"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 72174098d8490b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /Z1k2Z0tIZlUUdjIPcCoSCRdaPgMLDWQwIww9cCUIPQ5eUh5XFBATIgNkDlN4V2wDQTsOPQtUeUEqQgY/EioLVm0ON1AIdkEvC1dlX3cOSXlBLAtWbRMpVwB2Vn9GEz8LZAdRflFrAFd5VGEHVH4 HTTP/1.1 
Host: ationsuchasr.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.201.186
HTTP/2 204 No Content
                                        
date: Sun, 26 Jun 2022 16:17:18 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncEo2RwqSHTbokSlStJ7tDq%2BwRUyt7Ow1Kp1VWa99Bfk%2B%2FnDmhTvzwrOXEXbMIZdRuzW7Ka6BzIIzE6hq5N3Hzf%2BW7KSt9dDa4gy70dyVd%2Fa%2BLMZiwCnj18%2F4ctsi2T7OD9A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 72174098e8520b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /TjVoUHRhCgsjSRRjAykRIHM6MTUqeTphDD12Azg1G2IpGCd+cE4kHSoIUGRHfgBddgQnUVVjRmhGHDEAO0ZVYkR+Ak45GihaVWJSOAhYfkxgDUZiUjsIWXYAPlQPbUVoRRwkGHMEXmVCfANYYkd2BFtn HTTP/1.1 
Host: ationsuchasr.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.201.186
HTTP/2 204 No Content
                                        
date: Sun, 26 Jun 2022 16:17:18 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAmDjD89hLVQQ5ehzxPFIP7bcd59L7dsVPViR4HxARDNLjRtHgbFJa9jUmts2BryTbo6Ckv%2FLoldyslAZS%2BePj%2FHpH%2FKLHJs5fUC%2FJpt6UMim6ei%2BpjwTeMAoZjDRhuAg2y7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 72174098e8530b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A741D2C44F31D4D8ED6E6A7241F32C871FA2AC4A482006C6A19B4C6C8F452898"
Last-Modified: Sat, 25 Jun 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4391
Expires: Sun, 26 Jun 2022 17:30:29 GMT
Date: Sun, 26 Jun 2022 16:17:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5979
Cache-Control: 'max-age=158059'
Date: Sun, 26 Jun 2022 16:17:18 GMT
Last-Modified: Sun, 26 Jun 2022 14:37:39 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /S3psR00qGA8qcipHDmE4ORZRYn8NX14BKXpKADIgKg4JJCR/TV5pLicVGSMrORUCM2MlHxhifw0MDnUfEilfFgAIADUzHjMJIhcFET40EQc4HCkFBw8THywKI0M2Ah8kKC4RDAE3BxEaAQ0tcA8ITzslf3s7KhYPJx9dDgkJLjU0Hh4RLgkkIzA0LAR+NhQdHh4yWGJ/DTgtBh0RLiUCDgoVCwgcPCAtBD0/Oz1yFwUpPQgPLB1cDCENHiUqfCcoKTcaKj0hChUnLFUiCRExOioqJTI9Ah8CPVkAFTMCCyEePyA5D3x/NAc3Gio+BwQeJxk2JCYBODoPYA0PPit1Dyo/ICsKPyo2CR4gChEaI00+EXQdHDQrCAgrXDYBIzMtDwV6TyErFxgeAjMeDBYAN2shCQMpPXYzPSInfysVdnQIIhw3DHlN HTTP/1.1 
Host: excellojapan.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.129
HTTP/2 200 OK
                                        
content-type: text/html
content-length: 1185
date: Sun, 26 Jun 2022 16:17:18 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pfdFO48_s1HCIukGz5O3KOtKuq3VC9andp9vd2fq18RZFLpJObix7w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators
Size:   1185
Md5:    230fefb950478632b83cdf14a690ef8e
Sha1:   44d70be0ef54112d10eba111f9ed4d55ef50c063
Sha256: a429e648a45b215400e0951f13701cee4674304ff9e810a77f444e9838ce52ca
                                        
                                            GET /SHY4bTUpFFsACilLWktAOhoFSAcOUworUTtOAB1WeB1PW1Y+FRYOWScDXAtHJxhMQ1stAh1fc38jYDtgBiBpFHIiBmwMTB0VdSxdOyxtN14JMX5efTESWSJcDj9/Bg0kOWweYww3eQBxMDdsJHY7JFk8YzEmajwDHRtUXnAMBm8MYgoidjtwehR9K0wZJWlIBwo+VQF0BxxtPHgkAQ4jdw4PaSljOzF8GWUYIgg3exo0VSsFCkB6NXMiJGAVexIhejxvexJANAUdQmApWiMyYCh9EjVUI2wlBlE3YwoYXF5zIiRrN3ErIXFdVxk4DjRjMA56X2R6M3xAUS05Cz99DRFcBmwNIFMvchoRbSpsDjtSCn0FIHVafh40VQ4HeRhvX2QcP28VcG4cSwJbOEt2F0QgOHlUYT8MfA HTTP/1.1 
Host: excellojapan.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.129
HTTP/2 200 OK
                                        
content-type: text/html
content-length: 1169
date: Sun, 26 Jun 2022 16:17:18 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wPgsNFRamtdXxSXBbAxvQy-lRLwjWuucT3oWcJcpi06uAbMcia2DQA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Size:   1169
Md5:    a3c8ce68ab164867e199eea812f06e8d
Sha1:   925356e08a67668c6578c1cd824373e0d45930ef
Sha256: f441e89a9bedcad05aca02792748b4e96cecf0bc8996c84a29ff8347583ed2f9
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.22.169
HTTP/2 200 OK
                                        
date: Sun, 26 Jun 2022 16:17:18 GMT
content-type: application/javascript
last-modified: Thu, 09 Jun 2022 09:20:35 GMT
etag: W/"62a1bb63-c24f"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2853
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u18hHkl%2Fman%2B9pMl%2BK4ZQ9mEvBAmyssPr7ohzGvuhJSugwOxGukU56g9hTOP8iqvVcavwuQ8lazqlZesn3auyAEZbn9I27UexYGtaYc4u3jCwNjsVnemcvExLFzeEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7217409a9e4d1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49741), with no line terminators
Size:   18094
Md5:    eb7647c63f05629ac9123212f9e88628
Sha1:   361943c2367c9e91f39b471a24190d230f56999c
Sha256: f2826ac09622662bd310edb5c3f41791565c6f5fe31743bda5da7f44b550eb9b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 16:17:18 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Jun 2022 23:32:36 GMT
Expires: Thu, 30 Jun 2022 23:32:36 GMT
ETag: C29545E1D326B7F5C8210193B4A6A43258A085A9
Cache-Control: max-age=371117,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp12
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7217409afabcfac4-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 16:17:18 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Jun 2022 18:25:19 GMT
Expires: Thu, 30 Jun 2022 18:25:19 GMT
ETag: 6071DBB7FAD42CA49B3B797172407109AA8BB0B2
Cache-Control: max-age=352680,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp8
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7217409aff88b50f-OSL

                                        
                                            GET /gid.js?userId=ab53d7a6c74242a78adbfbc0dc99e5d3 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Cookie: ID=ab53d7a6c74242a78adbfbc0dc99e5d3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:18 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www110.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ab53d7a6c74242a78adbfbc0dc99e5d3; expires=Mon, 26 Jun 2023 16:17:18 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    1a978248eb23e1b1a4d5f93ca4d80528
Sha1:   1934d9407e97f9eb644b30217f2b845f47ebee8a
Sha256: f367544fa6491762069de7d05ba94f13cb7b66204a7a1d56475830fe4ed19015
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xX70+GpMZxUgyUdGRx8M2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.188.94.105
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Gz6+TLvsOxf5ZHeoRXtFbOMIMMs=

                                        
                                            GET /WGNjMmUjQRBFOi0RDxBfegsXRhUrWUwdEi8UUgNVdhkKQhUhEAtTFz1NAF0IdxAUHA8rQU8QFjUFQQhUdEEXUwIHCgcQX3pUUQNTa1RBHkcrFgFtDDxRQQhHbVBWUVZgVVsfA20GUB9RbQZaHwRrUQcfVm5QUwEHbVRTVgA5QR4 HTTP/1.1 
Host: aphycolourses.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=utf-8
set-cookie: 0c38b50fe6baaebd78f2e43ea52dbfac=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e106-Y1d7PUP7RsUNJg1ilw8OCH43r+Y"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57606), with no line terminators
Size:   22914
Md5:    b81e76d6c6abf50d248805d7c98d0685
Sha1:   2356b37672bb31580670cf9a850af7a3d182a87b
Sha256: 7c52b25e5195f4eef98071468177acf885bb5efacfcd19126f611e2fcf3cc595
                                        
                                            GET /sw.js?QUFINTYaY38HB3dyfxcaY2NkFwNydCsGDnd5ZVMDJHJlAQMkeGVUBXMlZQYAcnF7VwN2cSxQV2Ntag1TI3dwDFckbHgDBHJsfAIGdWwpV1JybHAEV3EiLAxSdyB9BRRtYztCFG1jJ1NQJDMtW0ItODhaRDVvMExMY21qBAZvdGoZUCAtO1AaJyAkRlNtJylZRSQc HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: zippyadb=0; JSESSIONID=8783E3594B8D361DECC98F7A84C2F66D; zippop=1; prefetchAd_3505448=true
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 16:17:18 GMT
Content-Length: 36755
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"95651-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   36755
Md5:    9f3eb972e27d96787df56867ba104e59
Sha1:   e266af1162c320a8366da4487c3698c0db0ca354
Sha256: 5750d3ef81845bcf96250e0b2e66d4b21aec5ed0144822ca14a9491f70392ae3
                                        
                                            GET /utx?tid=721637&top=www110.zippyshare.com&cb=PEkQonZZoznW HTTP/1.1 
Host: excellojapan.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.129
HTTP/2 204 No Content
                                        
date: Sun, 26 Jun 2022 16:17:18 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 26 Jun 2022 16:18:18 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PRPUupujWc8bfgiIM19WXnTb50mXGhiOyEIGCjzeM2mVjS2d6u6UYw==
X-Firefox-Spdy: h2

                                        
                                            GET /7UXVUNVQyGjpTayUcMAhsZUZkAGF3HydaOiFIGk8lOTsVDAAmDxATICsRaQVyPRQ6Uml3EDpWaWBTNVE2bEFyQSQ+HmlAOjUQMlw6NBFyQDVsGDtPPT0ZNRBmF0B6BXFjRXxNZWBQZ3dxY0U4XDokDXEHZClNYmpiZVBnd3FjRSZDcWI0bQN6YVxxB2Q2ED-deO3RHEgdkYEVkBGRgUGYFMjgHMVM7KVBmc21nW2QTIWxE HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://excellojapan.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.35
HTTP/2 200 OK
                                        
content-length: 353
date: Sun, 26 Jun 2022 16:17:18 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CC2-nW4PYmq0ZySSG5kKhFgaJJlPc0asodF1IgOcs84N84_gKJ5oSQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (443), with no line terminators
Size:   353
Md5:    25cf83a723110e3598ff665277942c35
Sha1:   2592ee33942ad22c16185b325458b89dfbe72734
Sha256: 25cbd94898d381f04693d8331fc2d68222c4cd30a1e9549842ff24a7a837abb3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 16:17:18 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 13:33:18 GMT
Expires: Fri, 01 Jul 2022 13:33:18 GMT
ETag: D9A0AD50DAE9D5571151AEB4949D73CC19F5FF0F
Cache-Control: max-age=421559,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp12
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7217409d1a681c06-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B0EF79880FE1E48A7BB9037C6834EBCAD678F582D4B3B7151B7D102A2C6042D1"
Last-Modified: Sat, 25 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2081
Expires: Sun, 26 Jun 2022 16:51:59 GMT
Date: Sun, 26 Jun 2022 16:17:18 GMT
Connection: keep-alive

                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: datatechonert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www110.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www110.zippyshare.com
Content-Length: 1557
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         37.48.68.71
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Sun, 26 Jun 2022 16:17:18 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www110.zippyshare.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
                                        
                                            GET /vb2RYS3QMCzYtSxsNPHZDXVJsfEBJDiskGh9ZERoRBVAJMkVWJwA7BC5Wb20AFQBle1IDBTYsSUkBNihJXkI5LxZSUH4/BAAPZTIECAogOQwZACptAQ5ZNSQOBgg0KlFdIm1lREpWaGMMXlV9eDZKVmgnHQERIG5GXxxgfStZUH14NkpWaDkCSlcZckJBVH-FuRl8DPSgfAEFqDUZfVWh7RV9VfXlECQ0qLhIAHH15MlZSdntSGllp HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://excellojapan.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.149
HTTP/2 200 OK
                                        
content-length: 459
date: Sun, 26 Jun 2022 16:17:19 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mReHM7QR9eQt2ldMZNhk73DgUWvGt7m9U9lK2jX4jQJZCrPt80ZGRg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (592), with no line terminators
Size:   459
Md5:    e2ca5078e8dd1f6d68112042c0baae89
Sha1:   c65e74550db62dcf1690d41395d0c007094885b5
Sha256: 1fda77064dbf2bdc883bcb6c26e136273d854fa8904a1e1c8cab9d695a1941b1
                                        
                                            OPTIONS /9?z=3519989&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2Ftzq4tpu5%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=ab53d7a6c74242a78adbfbc0dc99e5d3 HTTP/1.1 
Host: toglooman.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www110.zippyshare.com/
Origin: https://www110.zippyshare.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:19 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: offerentlyport.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 388
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: voices-kerence.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www110.zippyshare.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.193.209.105
HTTP/2 400 Bad Request
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:19 GMT
content-type: text/html
content-length: 150
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   150
Md5:    7f077f1fce3d566040b0d69eb1f27d8f
Sha1:   28d9c5f6b214c5cdbe7f7e55d6ed5e82080dea01
Sha256: 487ad0d2cf075f4328a1adf57ef428759ad4e2c873a8ebd2ad9653990829c9cf
                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: www110.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/v/tzq4tpu5/file.html
Cookie: zippyadb=0; JSESSIONID=8783E3594B8D361DECC98F7A84C2F66D; zippop=1; prefetchAd_3505448=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.231
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 26 Jun 2022 16:17:19 GMT
Content-Length: 3611
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Sat, 22 Apr 2023 16:17:19 GMT
Accept-Ranges: bytes
ETag: W/"3611-1427651017000"
Last-Modified: Sun, 29 Mar 2015 17:43:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   3611
Md5:    b3bf18448d2e26f529500cb013975564
Sha1:   1b9d2cecad0cf85d336a24a0ccaa610c39a49f6a
Sha256: 968e719e5fbc1706a6db025adc28931e64fcf76c3ae80fa4ab6ff40b53b36b20
                                        
                                            GET /11?rnd=3937362669&z=3519989&b=13654823&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=LbM0nC5zkf7dZw68D5buWRl-9doBzf3AvZBpHmcIcPt_4dY3S3shmJBMWhbz1PgIVeprv1nQnVQ6iu2qBmbCdpWk8kXdjSnln8jx1v8PEmg4tLPl-BFpi3QLHczUilPN2JIsdS_tNle8Xl2c9zqDgYL6rGI34Gqxw6anD6UDS97go2HVbsQWpcxknB82zCL4ejze5j0XRY2ZA7j3kkrsLuMixIvAxFWe1KLIAERGoyaYtHwYxiglEpSLKXGybOqzUqtGT6tip8BS3N56Ku4GQu0e9UZ672h1pbKDw4lv1i5xu31Jphi76yFYxYoEmw1oV2vyzharhRodJ3C4j4eFKbHeATnczdeaTbYCPuZRqyasfbYJpoc2TPQNv-9Dg7flJSnadbSlQ7e-iuDju7BiyTCWZLu3wZxLbOM4pJLtsCnSq3rGZv-sLl2OmaOYCyXXq6tJ6JjgGSyQzaC6mu9b_REOPst8pmy7LwhrziRdMc5P7gQhMHYcuXOZd3xkPR4ThqA63ETGNfSwtBCF8GxD0z0AmGxl1go9q03OjEwLiRF5MggzLkyAWyy6sYAbN0t4motmJG07VDTomgiS&ruid=74621ad1-baea-490a-ad7b-a5dbb1422a78&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2Ftzq4tpu5%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=164 HTTP/1.1 
Host: toglooman.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Cookie: scm=1; OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; oaidts=1654105504; oaidvc=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:19 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 608208ebb6b303528c8d6a96bc9593d9
access-control-expose-headers: X-Sc
set-cookie: OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; expires=Mon, 26 Jun 2023 16:17:19 GMT; secure; SameSite=None oaidts=1654105504; expires=Mon, 26 Jun 2023 16:17:19 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /27/5174b320df6dd61bbcdfef17dda94275 HTTP/1.1 
Host: toglooman.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Cookie: scm=1; OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; oaidts=1654105504; oaidvc=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:18 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Tue, 21 Jun 2022 03:23:41 GMT
expires: Tue, 21 Jul 2082 03:23:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   131752
Md5:    e461ab085010ad83f31420cd5b7e9432
Sha1:   3f4a0647c7bf97bf5a4214944fcb75bda8fd5bdf
Sha256: 3c1f49eb28ad639bc6744fa166cdeb4b246cc252e4e5de5514f0f99f11df7504
                                        
                                            GET /utx?cb=jCdwraVSLEVD&top=www110.zippyshare.com&tid=843055 HTTP/1.1 
Host: excellojapan.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.129
HTTP/2 204 No Content
                                        
date: Sun, 26 Jun 2022 16:17:19 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 26 Jun 2022 16:18:19 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gGKRiRk4t_AI5DFw1R90HO2e85u65gW8ch4llXYDPoacqMjQVRzZmg==
X-Firefox-Spdy: h2

                                        
                                            GET /utx?cb=vEChm4iA6WHS&top=www110.zippyshare.com&tid=726474 HTTP/1.1 
Host: excellojapan.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.129
HTTP/2 204 No Content
                                        
date: Sun, 26 Jun 2022 16:17:19 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 26 Jun 2022 16:18:19 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y_hXaaFeh78kE5sneta4DubbBMaQ8YCd6Eh499xcEJWqO-MYLlp-yQ==
X-Firefox-Spdy: h2

                                        
                                            GET /multi?cs=RnlTOWp%2BSGsIXH9NYwledUtlAFo&abt=0&red=1&sm=76&k=zippyshare&v=1.0.58.2&sts=0&prn=0&emb=0&tid=726474&fs=1&ref=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2Ftzq4tpu5%2Ffile.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_FPoS=1656260238347&crc=1 HTTP/1.1 
Host: excellojapan.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.129
HTTP/2 200 OK
                                        
content-type: text/plain
content-length: 1434
date: Sun, 26 Jun 2022 16:17:19 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=5547b29a-b9d4-46f2-a9c0-56331722c7ec
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TwVoy-2lHOSjjq4iUzQp_UKAfKg38A8CZgi_BPeMpU0Tirm0eABjmw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3022), with no line terminators
Size:   1434
Md5:    3b173c0efc2cff94a3dd38884c5c4518
Sha1:   434ce0f29d777a38ff7d4f1a9c0582a2e699df18
Sha256: e244c3cd8f9d405c2cfba8c08db6bafc66f388941c708298094ccbbee79f958d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "878AFEB5991E5E57D3A73F61FD70F6E801938B5705DDA3C63D62E93D907568B2"
Last-Modified: Sat, 25 Jun 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19470
Expires: Sun, 26 Jun 2022 21:41:49 GMT
Date: Sun, 26 Jun 2022 16:17:19 GMT
Connection: keep-alive

                                        
                                            GET /recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 146545
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 26 Jun 2022 00:39:28 GMT
expires: Mon, 26 Jun 2023 00:39:28 GMT
cache-control: public, max-age=31536000
age: 56271
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (618)
Size:   146545
Md5:    edbca8e066da9cd6310dada3c125ccf4
Sha1:   22f45ed309e828212484a03cc7d0e629834e8a76
Sha256: fcab033160e1ba423ad7a42e0bd67ec5820e1ed6751765de935960e502e623f0
                                        
                                            GET /contents/s/b9/69/d6/2a30a07fb40e18b93f7ed47c09/0988583444985.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=YK5kf1MPhwmQjwt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D889616511%26z%3D3519989%26b%3D13654823%26c%3D5768377%26var%3D%26d%3Dhttps%253A%252F%252Ftrk.justsinglesonly.com%252Fbase.php%253Fc%253D116%2526key%253D688ce8f56260c53e4089060bd9ee2ceb%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DLbM0nC5zkf7dZw68D5buWRl-9doBzf3AvZBpHmcIcPt_4dY3S3shmJBMWhbz1PgIVeprv1nQnVQ6iu2qBmbCdpWk8kXdjSnln8jx1v8PEmg4tLPl-BFpi3QLHczUilPN2JIsdS_tNle8Xl2c9zqDgYL6rGI34Gqxw6anD6UDS97go2HVbsQWpcxknB82zCL4ejze5j0XRY2ZA7j3kkrsLuMixIvAxFWe1KLIAERGoyaYtHwYxiglEpSLKXGybOqzUqtGT6tip8BS3N56Ku4GQu0e9UZ672h1pbKDw4lv1i5xu31Jphi76yFYxYoEmw1oV2vyzharhRodJ3C4j4eFKbHeATnczdeaTbYCPuZRqyasfbYJpoc2TPQNv-9Dg7flJSnadbSlQ7e-iuDju7BiyTCWZLu3wZxLbOM4pJLtsCnSq3rGZv-sLl2OmaOYCyXXq6tJ6JjgGSyQzaC6mu9b_REOPst8pmy7LwhrziRdMc5P7gQhMHYcuXOZd3xkPR4ThqA63ETGNfSwtBCF8GxD0z0AmGxl1go9q03OjEwLiRF5MggzLkyAWyy6sYAbN0t4motmJG07VDTomgiS%26bag%3DydU9kaAfa6I%3D%26ruid%3D74621ad1-baea-490a-ad7b-a5dbb1422a78%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww110.zippyshare.com%252Fv%252Ftzq4tpu5%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.152
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:19 GMT
content-type: image/jpeg
content-length: 29908
last-modified: Sat, 18 Jun 2022 16:40:55 GMT
etag: "62ae0017-74d4"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   29908
Md5:    b969d62a30a07fb40e18b93f7ed47c09
Sha1:   d7897e4add486661301d264b169b789e9e34d8c9
Sha256: 6448c6a400f01906f71b345508406c678290a134d578384fbca910e75954145a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "964C4C274413523C91CD99C037254B78324BBB212922BFF1A5239F0F5C8FDC10"
Last-Modified: Fri, 24 Jun 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19284
Expires: Sun, 26 Jun 2022 21:38:43 GMT
Date: Sun, 26 Jun 2022 16:17:19 GMT
Connection: keep-alive

                                        
                                            GET /contents/s/ab/fa/f4/ccaf51b3a7f4db87375797d8ac/01288136168377.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=YK5kf1MPhwmQjwt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D889616511%26z%3D3519989%26b%3D13654823%26c%3D5768377%26var%3D%26d%3Dhttps%253A%252F%252Ftrk.justsinglesonly.com%252Fbase.php%253Fc%253D116%2526key%253D688ce8f56260c53e4089060bd9ee2ceb%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DLbM0nC5zkf7dZw68D5buWRl-9doBzf3AvZBpHmcIcPt_4dY3S3shmJBMWhbz1PgIVeprv1nQnVQ6iu2qBmbCdpWk8kXdjSnln8jx1v8PEmg4tLPl-BFpi3QLHczUilPN2JIsdS_tNle8Xl2c9zqDgYL6rGI34Gqxw6anD6UDS97go2HVbsQWpcxknB82zCL4ejze5j0XRY2ZA7j3kkrsLuMixIvAxFWe1KLIAERGoyaYtHwYxiglEpSLKXGybOqzUqtGT6tip8BS3N56Ku4GQu0e9UZ672h1pbKDw4lv1i5xu31Jphi76yFYxYoEmw1oV2vyzharhRodJ3C4j4eFKbHeATnczdeaTbYCPuZRqyasfbYJpoc2TPQNv-9Dg7flJSnadbSlQ7e-iuDju7BiyTCWZLu3wZxLbOM4pJLtsCnSq3rGZv-sLl2OmaOYCyXXq6tJ6JjgGSyQzaC6mu9b_REOPst8pmy7LwhrziRdMc5P7gQhMHYcuXOZd3xkPR4ThqA63ETGNfSwtBCF8GxD0z0AmGxl1go9q03OjEwLiRF5MggzLkyAWyy6sYAbN0t4motmJG07VDTomgiS%26bag%3DydU9kaAfa6I%3D%26ruid%3D74621ad1-baea-490a-ad7b-a5dbb1422a78%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww110.zippyshare.com%252Fv%252Ftzq4tpu5%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.152
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:19 GMT
content-type: image/jpeg
content-length: 64281
last-modified: Sat, 02 Apr 2022 01:58:38 GMT
etag: "6247adce-fb19"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size:   64281
Md5:    abfaf4ccaf51b3a7f4db87375797d8ac
Sha1:   c9eaed01c43105b6f5dc88ec2a30137feb67ad5b
Sha256: 8c3870246869bd639c08bd41c8eb5e60448419d448469551a8251f4fb8f7778e
                                        
                                            GET /fv.js?t=72747&cb=734055341 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:19 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 4c49225ca219acdbb6d7d7fb66f13b69
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5213), with no line terminators
Size:   2153
Md5:    0254fb1dad74628b7ad0f97d304fac92
Sha1:   35f7af13a08eb87023ec7df4d3c35c21b2cde79d
Sha256: 47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:19 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: e28f50623920c5b918e1a55ca103bf00
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: offerentlyport.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www110.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www110.zippyshare.com
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /?rb=zgMHSjpOHvzKyzpdcSEyjvaCN-2ReQ3CdLskUkUrO5TIY7yJWEHyLqmuK73fUXa49e95jfAGFRXoxGkcJhD3nqtoqFTEaTQ5IOPdFRjdg93Lf-UQeMA8TER5KIWSMY3MPbF57QaRLXhPW0BF2xiGLcgG3n9u0OV16tkIrueXrwDyzsSqonNMHAPDau3u0afp2bgW2Sn_J101g8EV1FPpa_H1OfQhmGx32UvkkQ%3D%3D&request_ab2=82003&zoneid=3505448&js_build=iclick-v1.400.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2Ftzq4tpu5%2Ffile.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.400.0&bs=5628204e-a797-4fec-8bdb-d73e7ba791a7&userId=ab53d7a6c74242a78adbfbc0dc99e5d3&m=link HTTP/1.1 
Host: louchees.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www110.zippyshare.com/
Origin: https://www110.zippyshare.com
Connection: keep-alive
Cookie: OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; oaidts=1654164229
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:18 GMT
content-type: application/json
x-trace-id: 984fdbc1c2a9d592a0d61ba6fdd850cc
access-control-allow-origin: https://www110.zippyshare.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; expires=Mon, 26 Jun 2023 16:17:18 GMT; path=/; secure; SameSite=None oaidts=1656260238; expires=Mon, 26 Jun 2023 16:17:18 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Sun, 03 Jul 2022 16:17:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (7630), with no line terminators
Size:   5355
Md5:    3d4a919a257a6ee0a869478eebd5c31a
Sha1:   5a5bba5af2fd89a3b54e64866b1690e12378a8bc
Sha256: 279c19ec69a27c637ad0a1f6fa4e651ee41d83ae2157ebe189019b564f289148
                                        
                                            POST / HTTP/1.1 
Host: offerentlyport.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www110.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www110.zippyshare.com
Content-Length: 358
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Sun, 26 Jun 2022 18:06:43 GMT
Date: Sun, 26 Jun 2022 16:17:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Sun, 26 Jun 2022 18:06:43 GMT
Date: Sun, 26 Jun 2022 16:17:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Sun, 26 Jun 2022 18:06:43 GMT
Date: Sun, 26 Jun 2022 16:17:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Sun, 26 Jun 2022 18:06:43 GMT
Date: Sun, 26 Jun 2022 16:17:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6564
Expires: Sun, 26 Jun 2022 18:06:43 GMT
Date: Sun, 26 Jun 2022 16:17:19 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3e1d84a-1728-47d8-bc04-7da5b27045d9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9721
x-amzn-requestid: fab55318-719e-4e9c-8f66-fba724da75cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TychIE3yoAMFdKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62aa746d-78b50b690376a97d6772c393;Sampled=0
x-amzn-remapped-date: Thu, 16 Jun 2022 00:08:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BF7GPxuCcu36Qt9EWeiRNTD_gN9LiuUDaV9lv1pG0mwPCMISQTtsuQ==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Jun 2022 00:16:19 GMT
age: 57660
etag: "824c12da88732481458fc6c1a455c7382a649e3c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9721
Md5:    01fd8b5742b0e38247b34253cb075e35
Sha1:   824c12da88732481458fc6c1a455c7382a649e3c
Sha256: 00bd45c3a5866f9bb316788864b2ff8f083c5f1d00c2a3a5abdc65aaa1fea08b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d2f9fd7-3799-4065-b1d9-8ff1ca711c90.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7544
x-amzn-requestid: 4372e48b-bdac-4d5c-80cc-43cf2e0a1404
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTDFPECOoAMF9VA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b77eee-02ea7d7060df4b9701c920ab;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 21:32:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Rne6SQ0LHLPHrj_nEXX-0dzH7hTSUX8kmVJcDi6EL8ca554dNI6E0g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Jun 2022 21:45:52 GMT
etag: "9a90d5c98262374433d961adfd5cefaee9046d0d"
content-type: image/jpeg
age: 66688
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7544
Md5:    d273b30dd6b52969a274c2c3f0d94587
Sha1:   9a90d5c98262374433d961adfd5cefaee9046d0d
Sha256: f1d72b96a40b3bef59f7f97227b4ec4f5e208d79870f31790eb2d98eb1e6b779
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad0e66ab-2eff-4b07-97d4-8aef2204d2e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8532
x-amzn-requestid: 9b0563f7-5fd3-43da-a797-27eb920fa991
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTaUMH3dIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b7a41a-619921a50891057a26b9152b;Sampled=0
x-amzn-remapped-date: Sun, 26 Jun 2022 00:11:06 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: P066KYSwOHg3eWY0XKs9REdTZOQkgXjN9y8pEsbEfpbgVEH0T0X7bA==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Jun 2022 00:37:54 GMT
etag: "9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea"
content-type: image/jpeg
age: 56366
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8532
Md5:    30b326f3c723aedd3fb906437551f1fd
Sha1:   9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea
Sha256: a498f7da0e1349370b0ad28d0d2690977201f201f55715f52c7086e874470f5b
                                        
                                            GET /?l=YK5kf1MPhwmQjwt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D889616511%26z%3D3519989%26b%3D13654823%26c%3D5768377%26var%3D%26d%3Dhttps%253A%252F%252Ftrk.justsinglesonly.com%252Fbase.php%253Fc%253D116%2526key%253D688ce8f56260c53e4089060bd9ee2ceb%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DLbM0nC5zkf7dZw68D5buWRl-9doBzf3AvZBpHmcIcPt_4dY3S3shmJBMWhbz1PgIVeprv1nQnVQ6iu2qBmbCdpWk8kXdjSnln8jx1v8PEmg4tLPl-BFpi3QLHczUilPN2JIsdS_tNle8Xl2c9zqDgYL6rGI34Gqxw6anD6UDS97go2HVbsQWpcxknB82zCL4ejze5j0XRY2ZA7j3kkrsLuMixIvAxFWe1KLIAERGoyaYtHwYxiglEpSLKXGybOqzUqtGT6tip8BS3N56Ku4GQu0e9UZ672h1pbKDw4lv1i5xu31Jphi76yFYxYoEmw1oV2vyzharhRodJ3C4j4eFKbHeATnczdeaTbYCPuZRqyasfbYJpoc2TPQNv-9Dg7flJSnadbSlQ7e-iuDju7BiyTCWZLu3wZxLbOM4pJLtsCnSq3rGZv-sLl2OmaOYCyXXq6tJ6JjgGSyQzaC6mu9b_REOPst8pmy7LwhrziRdMc5P7gQhMHYcuXOZd3xkPR4ThqA63ETGNfSwtBCF8GxD0z0AmGxl1go9q03OjEwLiRF5MggzLkyAWyy6sYAbN0t4motmJG07VDTomgiS%26bag%3DydU9kaAfa6I%3D%26ruid%3D74621ad1-baea-490a-ad7b-a5dbb1422a78%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww110.zippyshare.com%252Fv%252Ftzq4tpu5%252Ffile.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D1024%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.152
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=IVR7SJTbClEPBK1QYjWarI2xgg52pNR6Y0mPXapJUPA; expires=Sun, 26-Jun-2022 17:17:19 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12632
Md5:    e458d816cba3e3c5209b5c708abab423
Sha1:   b553e50afa44cf0467fc1d793d5b237386eb2895
Sha256: 2039521471112f7823aead16a102fc3619dbeaf37f37ea62858307488b794f01
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F078fb16a-ed33-4dc3-8f0d-fa2af1b1a290.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11483
x-amzn-requestid: 31728949-c166-4867-b377-2d9ac07fb6e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTDsuEZdoAMFWIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b77fea-0ba36d817950cc271cc3e3dc;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 21:36:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -TUpVxLspf9nL6sVtRnSSKCKJLkik7UM85tJ47P7QnTBhXSOCFDttQ==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Jun 2022 21:41:46 GMT
age: 66934
etag: "53b0cb739723cc34657019cde118b003970cbb86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11483
Md5:    1e0d05753e633912c3b1d61427a2384e
Sha1:   53b0cb739723cc34657019cde118b003970cbb86
Sha256: f84afe24d5c52db107a9767c445709223d112ff7adccf296e0e2d79899f73310
                                        
                                            GET /static/advertisement.js HTTP/1.1 
Host: clksite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.192.101.24
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:18 GMT
content-type: application/javascript
last-modified: Mon, 12 Jun 2017 13:33:59 GMT
vary: Accept-Encoding
etag: W/"593e9847-1b"
expires: Tue, 28 Jun 2022 16:17:18 GMT
cache-control: max-age=172800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9849
Md5:    9b1aa63facc3aee58e042c1fae88cfc1
Sha1:   42a91e33dbef48a750521959454c193a73528e68
Sha256: c2656d039d75e78f234f790d0ff45f93c1a171f68997313e69837d2da29618f7
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "73C323E8E7FEF418070D7FF76ADECBB2C7D24537FA1CA17B68CE9EBBABA4F56E"
Last-Modified: Sun, 26 Jun 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5218
Expires: Sun, 26 Jun 2022 17:44:19 GMT
Date: Sun, 26 Jun 2022 16:17:21 GMT
Connection: keep-alive

                                        
                                            GET /thumbnail?i=F47Hq6LlGf4_0&imgt=icon HTTP/1.1 
Host: xml.serve-servee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.24.67
HTTP/2 302 Found
                                        
date: Sun, 26 Jun 2022 16:17:21 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XQkbqGieBbqJp%2BrMUmcuYv4AgxPgyPFeLNO1mvKOTlS1D%2B3kHajmpLw9WPQ%2BPB8gJSIbrouCtApkU7MTNthlnK5gSh%2BXLOYK%2F4jw8EyRFES7syKRqL6oVneZkx1vI5Ni6w6AMGhWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 721740af7805b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "73C323E8E7FEF418070D7FF76ADECBB2C7D24537FA1CA17B68CE9EBBABA4F56E"
Last-Modified: Sun, 26 Jun 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5218
Expires: Sun, 26 Jun 2022 17:44:19 GMT
Date: Sun, 26 Jun 2022 16:17:21 GMT
Connection: keep-alive

                                        
                                            GET /n337/ad/250x250_hqCCg8Cm.png HTTP/1.1 
Host: static.serve-servee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.24.67
HTTP/2 200 OK
                                        
date: Sun, 26 Jun 2022 16:17:22 GMT
content-type: image/png
content-length: 88957
last-modified: Thu, 08 Apr 2021 13:54:09 GMT
accept-ranges: bytes
etag: "606f0b01-15b7d"
cache-control: max-age=86400
x-hw: 1656260241.cds226.sk1.h2,1656260241.cds203.sk1.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIEWqqdPSmYTZsTKDdHRWTgMrZFpr3yF9Eoqf7gcXMtbz30MDjJtUZUir%2FU8i5zsg2K%2Fg8d9Zo1%2BY7Ar%2BwaE1yveqMHXukYhcBjB2YXT5uGuogqEt0BPoBz4zg8Jk0YnEvCZmvofhwiH0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 721740b0593ab518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Size:   88957
Md5:    0994ec31361ea569c5549063145bfdd2
Sha1:   9b270e9f7a346a0f0f60a978e154f49740350270
Sha256: e4dbff1cf1f9750d68296737897eba9bd59ebdcb292015e87c3be61b5c242422
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E662924657400D0C74E0E4C70E8A95C0C2DBE97E1E95907CB2756B28BF7917A8"
Last-Modified: Sat, 25 Jun 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3392
Expires: Sun, 26 Jun 2022 17:13:54 GMT
Date: Sun, 26 Jun 2022 16:17:22 GMT
Connection: keep-alive

                                        
                                            GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz2skxRev%2BX4XRD25rOxlD%2BNNwZ10z%2B9xD8FsjATj7rKrKB5cqquqk2e6u5qqrulJTkFRPMmA%2F0Dlk92E1SD6B7hKZ8FDYGHnFtAgXj0oCp5lxjHBB817%2FT6P4vPq86lPdt0pa8Dxk%2BU39TYlCV%2FoNIL6i%2B%2BG4bX6GmVuVB%2F1u3e77Wt1M3xl0G0EL9VfV2JTLzSDMAjCIKyvkFGxHi1MQVB%2BOAgbg6DRbjbCThsj42FdDZbXIIen7CJITi48ql0CiQpZ%2BvWyspuFzl9%2BLXUJL7TBUB68nW1musyQnpexqSHODubT0PbJykPo7P6MIvTwbDCiCav98BBRdjAnhmh4b8YtSqAyRPJZlMMKKqlAvILQH4HkEwYIiRs3kaX7N7Qp%2BdY%2FKJ%2BiE3bhrz9B5YRd%2BOkSsvSrpYRG9Ts6cQXpzGIUe9CoAq1XyN0Rim0GKo8gig9BkiFLPUj62c5EFSiukKgxuGVw048YXFyDy2tI5UldhGHYC6TgQX8gREv2VNSVQch7ccjDoNuHE1NaYxT5GCIZQ5gd5GYHmzSGcZ%2BBbAXHPSj3yO1%2Bv90KOh0ocbz4M5sFOJ3URTwQne4ginrtXiBC0ZNx1I47fdXpiDDuthDR8eIz3V9%2BvXL9KhJiUPz4u9%2FnB9jMI3N%2BLzPkYdQxm8eekcXx4tnUhoeVDLZgGEqPUjGUlqHkDCUxlAVDOfT3ZWKb1u%2FLxLoonOfmPLf8bn7Knpvp8Id4H5vqpB4HotmPB%2B1Ws98eDKK%2BbPda3X5XilD2VbsvYenfrcn%2BD9zWsE0T9vyPvyGfOkR%2BjogfwSZHEPQCuLsCXnrwDY%2FtzEPqQx7xQvEkaQidIi%2BeRrFV201O2eUZj6sf3%2F3PdQrjkRuPD%2BgRw3ry6d5tXbJ7t3Vp2Tc384JS2uZTr9wpeKH%2B%2F8UbaqvURq4u2%2FGDV8UUmJaHbylbrPFMUrZu2ZdLJKUyK9oIxb5dte%2Bo6JazG0vOZC5fu3V9ZTXNjbKWdFaB04SxB%2B9B0IQ9NXw8ewaXLz4GmQrGeaTuTCCQriDyHdj8vGc1g0nO%2F6OcoXR%2BzzSj8%2BbUAsm50uCR37Xfw5JHYdnfAAAA%2F%2F8BAAD%2F%2FzLQLRVLBAAA&ap=${AUCTION_PRICE}&l=2983263&sub3=1656260239&pid=91283&sub2=icon&auid=cf9c569bb7470c1c7dfb4f58e55c1f63&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: abateall.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx/1.22.0
Date: Sun, 26 Jun 2022 16:17:22 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 03549c589f2a0498a1d54ac4c17e2360
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1509CA18AD488C22780C410826041A14EAD294A0876AA011C725BA3EFA4C7663"
Last-Modified: Sat, 25 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20017
Expires: Sun, 26 Jun 2022 21:50:59 GMT
Date: Sun, 26 Jun 2022 16:17:22 GMT
Connection: keep-alive

                                        
                                            GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.9
HTTP/2 200 OK
                                        
date: Sun, 26 Jun 2022 16:17:22 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Tue, 28 Jun 2022 16:17:22 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Size:   33103
Md5:    70cf8250da1a25a7b445231428af7828
Sha1:   a849d338423d2919949340838c768bba90b9081c
Sha256: b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
                                        
                                            GET /11?rnd=3937362669&z=3519989&b=13654823&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=LbM0nC5zkf7dZw68D5buWRl-9doBzf3AvZBpHmcIcPt_4dY3S3shmJBMWhbz1PgIVeprv1nQnVQ6iu2qBmbCdpWk8kXdjSnln8jx1v8PEmg4tLPl-BFpi3QLHczUilPN2JIsdS_tNle8Xl2c9zqDgYL6rGI34Gqxw6anD6UDS97go2HVbsQWpcxknB82zCL4ejze5j0XRY2ZA7j3kkrsLuMixIvAxFWe1KLIAERGoyaYtHwYxiglEpSLKXGybOqzUqtGT6tip8BS3N56Ku4GQu0e9UZ672h1pbKDw4lv1i5xu31Jphi76yFYxYoEmw1oV2vyzharhRodJ3C4j4eFKbHeATnczdeaTbYCPuZRqyasfbYJpoc2TPQNv-9Dg7flJSnadbSlQ7e-iuDju7BiyTCWZLu3wZxLbOM4pJLtsCnSq3rGZv-sLl2OmaOYCyXXq6tJ6JjgGSyQzaC6mu9b_REOPst8pmy7LwhrziRdMc5P7gQhMHYcuXOZd3xkPR4ThqA63ETGNfSwtBCF8GxD0z0AmGxl1go9q03OjEwLiRF5MggzLkyAWyy6sYAbN0t4motmJG07VDTomgiS&ruid=74621ad1-baea-490a-ad7b-a5dbb1422a78&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww110.zippyshare.com%2Fv%2Ftzq4tpu5%2Ffile.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1 
Host: toglooman.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www110.zippyshare.com
Connection: keep-alive
Referer: https://www110.zippyshare.com/
Cookie: scm=1; OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; oaidts=1654105504; oaidvc=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 16:17:24 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www110.zippyshare.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: fd59a0e9b70452ff6c86de8284edb6ff
access-control-expose-headers: X-Sc
set-cookie: OAID=ab53d7a6c74242a78adbfbc0dc99e5d3; expires=Mon, 26 Jun 2023 16:17:24 GMT; secure; SameSite=None oaidts=1654105504; expires=Mon, 26 Jun 2023 16:17:24 GMT; secure; SameSite=None oaidvc=3; expires=Mon, 26 Jun 2023 16:17:24 GMT; secure; SameSite=None CNT=1_v1_J1vQAAEAAADhSnIt; expires=Sun, 26 Jun 2022 17:17:24 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2