Overview

URL www114.zippyshare.com/d/xdbdnpvw/18594/crack.rar
IP 46.166.139.232
ASN NForce Entertainment B.V.
Location Netherlands
Report completed 2022-06-24 08:00:36 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-24 2 encloseddealing.com/1d/35/84/1d3584ff950f38d5b2e10bc2994be620.js Malware
2022-06-24 2 d24ak3f2b.top/advertisers.js Malware
2022-06-24 2 cdn.barscreative1.com/sb/notifications/software/us/norton/2/index.html Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-06-24 2 encloseddealing.com Sinkholed
2022-06-24 2 d24ak3f2b.top Sinkholed
2022-06-24 2 creepingbrings.com Sinkholed
2022-06-24 2 unseenreport.com Sinkholed
2022-06-24 2 unseenreport.com Sinkholed
2022-06-24 2 abateall.com Sinkholed


Files

No files detected



Passive DNS (37)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] www.google.com (1) 7 2012-05-22 04:23:54 UTC 2022-06-23 23:04:34 UTC 142.250.74.164
[Mnemonic Passive DNS] d10lumateci472.cloudfront.net (2) 0 No data No data 54.230.245.49 Unknown ranking
[Mnemonic Passive DNS] scriptvealpatronage.com (1) 0 No data No data 192.243.59.20 Unknown ranking
[Mnemonic Passive DNS] www114.zippyshare.com (9) 0 No data No data 46.166.139.232 Domain (zippyshare.com) ranked at: 41031
[Mnemonic Passive DNS] encloseddealing.com (1) 0 No data No data 192.243.59.12 Unknown ranking
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-24 05:17:04 UTC 52.34.226.44
[Mnemonic Passive DNS] smereteret.xyz (1) 0 No data No data 54.230.111.78 Unknown ranking
[Mnemonic Passive DNS] historiousmor.xyz (3) 0 No data No data 107.22.28.167 Unknown ranking
[Mnemonic Passive DNS] cdn.barscreative1.com (1) 25648 No data No data 172.67.205.72
[Mnemonic Passive DNS] r3.o.lencr.org (15) 344 2020-12-02 08:52:13 UTC 2022-06-24 04:59:03 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp2.globalsign.com (1) 1544 2012-05-21 07:12:19 UTC 2022-06-24 05:12:44 UTC 104.18.21.226
[Mnemonic Passive DNS] www.maxonclick.com (3) 173326 2017-01-29 09:04:56 UTC 2022-06-24 05:06:08 UTC 35.190.68.123
[Mnemonic Passive DNS] aphycolourses.info (1) 121151 No data No data 44.195.137.121
[Mnemonic Passive DNS] ghableleader.xyz (2) 0 No data No data 54.230.111.82 Unknown ranking
[Mnemonic Passive DNS] xml.serve-servee.com (1) 0 No data No data 172.67.217.88 Unknown ranking
[Mnemonic Passive DNS] migrantspiteconnecting.com (5) 0 No data No data 192.243.61.225 Unknown ranking
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (1) 1015 No data No data 54.230.245.118
[Mnemonic Passive DNS] www.gstatic.com (1) 0 2015-06-20 09:50:55 UTC 2015-11-29 15:55:55 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] static.serve-servee.com (1) 0 No data No data 172.67.217.88 Unknown ranking
[Mnemonic Passive DNS] ocsp.sectigo.com (5) 487 2018-12-17 11:31:55 UTC 2022-06-24 07:08:26 UTC 172.64.155.188
[Mnemonic Passive DNS] creepingbrings.com (1) 0 No data No data 104.21.234.233 Unknown ranking
[Mnemonic Passive DNS] clksite.com (1) 68288 2015-01-01 17:16:10 UTC 2019-11-27 09:37:42 UTC 173.192.101.24
[Mnemonic Passive DNS] abateall.com (1) 0 No data No data 192.243.59.13 Unknown ranking
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-24 05:05:58 UTC 54.230.111.99
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] wideorganiz.xyz (5) 0 No data No data 172.67.145.197 Unknown ranking
[Mnemonic Passive DNS] d24ak3f2b.top (1) 105412 No data No data 142.0.204.220
[Mnemonic Passive DNS] cdn.sb4you1.com (4) 22321 No data No data 104.21.51.177
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.7
[Mnemonic Passive DNS] ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-06-24 05:00:03 UTC 142.250.74.3
[Mnemonic Passive DNS] ocsp.digicert.com (5) 86 2012-11-29 12:49:49 UTC 2022-06-24 05:56:55 UTC 93.184.220.29
[Mnemonic Passive DNS] simplewebanalysis.com (1) 0 No data No data 52.29.132.48 Unknown ranking
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-24 04:59:01 UTC 34.120.237.76
[Mnemonic Passive DNS] ds88pc0kw6cvc.cloudfront.net (2) 0 No data No data 54.230.245.114 Unknown ranking
[Mnemonic Passive DNS] e1.o.lencr.org (8) 6159 2021-08-20 07:36:30 UTC 2022-06-24 05:38:32 UTC 23.36.76.226
[Mnemonic Passive DNS] unseenreport.com (2) 0 No data No data 192.243.59.20 Unknown ranking
[Mnemonic Passive DNS] cdn.cloudimagesb.com (1) 23099 2021-02-12 16:15:41 UTC 2022-06-24 06:16:47 UTC 45.133.44.10


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 46.166.139.232

Date UQ / IDS / BL URL IP
2022-06-29 15:38:59 +0000
0 - 0 - 6 www114.zippyshare.com/d/xdbdnpvw/10512/crack.rar 46.166.139.232
2022-06-29 07:22:17 +0000
0 - 0 - 14 www114.zippyshare.com/d/96gs3VGI/21619/Instal (...) 46.166.139.232
2022-06-29 03:53:38 +0000
0 - 0 - 5 www114.zippyshare.com/d/96gs3VGI/33533/Instal (...) 46.166.139.232
2022-06-28 21:34:54 +0000
0 - 0 - 10 www114.zippyshare.com/d/96gs3VGI/12280/Instal (...) 46.166.139.232
2022-06-28 15:51:17 +0000
0 - 0 - 2 www114.zippyshare.com/d/xdbdnpvw/4497/crack.rar 46.166.139.232
2022-06-28 15:40:22 +0000
0 - 0 - 7 www114.zippyshare.com/d/xdbdnpvw/25442/crack.rar 46.166.139.232
2022-06-28 15:40:17 +0000
0 - 0 - 9 www114.zippyshare.com/d/xdbdnpvw/4019/crack.rar 46.166.139.232
2022-06-28 15:40:05 +0000
0 - 0 - 2 www114.zippyshare.com/d/xdbdnpvw/48380/crack.rar 46.166.139.232
2022-06-28 15:40:03 +0000
0 - 0 - 3 www114.zippyshare.com/d/xdbdnpvw/23573/crack.rar 46.166.139.232
2022-06-28 06:33:21 +0000
0 - 0 - 9 www114.zippyshare.com/d/96gs3VGI/47045/Instal (...) 46.166.139.232

Last 10 reports on ASN: NForce Entertainment B.V.

Date UQ / IDS / BL URL IP
2022-07-04 01:56:38 +0000
0 - 0 - 1 peliculashdlatina.com/2013/06/madagascar-la-p (...) 185.107.56.200
2022-07-04 01:31:24 +0000
0 - 0 - 5 rbono.us/-ezp-24.html 185.107.56.199
2022-07-03 22:09:56 +0000
0 - 0 - 1 185.107.70.56/ 185.107.70.56
2022-07-03 19:51:15 +0000
0 - 0 - 6 wwu-roblox.com/games/1730877806/[FREE]-Grand- (...) 93.157.63.234
2022-07-03 17:05:31 +0000
0 - 0 - 1 iteki.pw/static/iteki-cheat.exe 185.107.56.55
2022-07-03 12:47:14 +0000
1 - 0 - 0 93.157.62.185/al.exe 93.157.62.185
2022-07-03 07:07:17 +0000
0 - 0 - 3 remoshomongtrading.com/ 185.107.56.60
2022-07-03 05:56:14 +0000
0 - 0 - 1 circle.tjhhylh.com/includes/templates/intexs_ (...) 185.107.56.202
2022-07-03 05:22:29 +0000
0 - 0 - 5 5h6z1.mespor.pro/ 185.107.56.200
2022-07-03 05:13:14 +0000
0 - 0 - 1 circle.tjhhylh.com/ 185.107.56.202

No other reports on domain: zippyshare.com



JavaScript

Executed Scripts (18)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (102)


Request Response
                                        
                                            GET /d/xdbdnpvw/18594/crack.rar HTTP/1.1 
Host: www114.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         46.166.139.232
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:00:18 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: JSESSIONID=99B35CFDF1F442AFD80B1F4893335131; Path=/; HttpOnly
Location: http://www114.zippyshare.com/v/xdbdnpvw/file.html

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22A7AFFA696C3188DD074DEB68A2EC519EA227AC839D0238C9F82660B9E14D6A"
Last-Modified: Tue, 21 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6685
Expires: Fri, 24 Jun 2022 09:51:44 GMT
Date: Fri, 24 Jun 2022 08:00:19 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 24 Jun 2022 07:03:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KjS6qchGrEeXuCWIx8oB8GuzQNySpQP6Gam4TtAZr2qyfM5yK4d1SQ==
Age: 3418


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 24 Jun 2022 02:10:52 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w9_rfaqGC6TjZUqV99RN1-lHXEdo-AyRBr9Z-_2SCqPRx3-nYI4Npw==
age: 20968
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v/xdbdnpvw/file.html HTTP/1.1 
Host: www114.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: JSESSIONID=99B35CFDF1F442AFD80B1F4893335131
Upgrade-Insecure-Requests: 1

                                         
                                         46.166.139.232
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:00:19 GMT
Content-Length: 178
Connection: keep-alive
Location: https://www114.zippyshare.com/v/xdbdnpvw/file.html


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:00:19 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 28 Jun 2022 04:45:36 GMT
ETag: "f291b6ac431f7304699f19f17d8c7f7d854946b0"
Last-Modified: Fri, 24 Jun 2022 04:45:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3262
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7203edd9ad2db505-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    f00001a26a1684d5a079f93d7e20d802
Sha1:   f291b6ac431f7304699f19f17d8c7f7d854946b0
Sha256: 3775a216c3aba4575d1d105d981b1d8ad82108c2973a473735b9489987fefedb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 24 Jun 2022 08:00:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v/xdbdnpvw/file.html HTTP/1.1 
Host: www114.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: zippyadb=0; __atuvc=1%7C22; zippop=3; __utma=46003887.126713531.1656039776.1656039776.1656039776.1; __utmz=46003887.1656039776.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         46.166.139.232
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:00:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=375351502EEBCCEB872AD1AF279C1F0D; Path=/; HttpOnly zippop=4; Domain=.zippyshare.com; Expires=Fri, 24-Jun-2022 20:00:19 GMT; Path=/
Content-Language: en
Expires: Fri, 24 Jun 2022 08:00:18 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41981), with CRLF, CR, LF line terminators
Size:   39520
Md5:    ee7087ba5bc5868396d409448afdc785
Sha1:   12a9e69739604d9606769d787ee38a2881ed3906
Sha256: 6cb6e45359d73c4f2834dd50db8947ce8440dba831dff78acb80fbd8222a5ac8
                                        
                                            GET /wro/viewjs-9c29d4e653e865831dc028fdac7e7dfff3be049e.css HTTP/1.1 
Host: www114.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/v/xdbdnpvw/file.html
Cookie: zippyadb=0; __atuvc=1%7C22; zippop=4; __utma=46003887.126713531.1656039776.1656039776.1656039776.1; __utmz=46003887.1656039776.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=375351502EEBCCEB872AD1AF279C1F0D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.232
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:00:19 GMT
Content-Length: 66707
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Tue, 10 Sep 2030 08:00:19 GMT
Accept-Ranges: bytes
ETag: W/"207098-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (38971)
Size:   66707
Md5:    7e0e3e48bd85cdf4041d04d6d265622a
Sha1:   06bd818fbba909a62546da78470bc01fd813076e
Sha256: b6f4ece3f288037b58e9803601d45e812775c0140f09d7860574f6c56781ec1c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:00:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads.js HTTP/1.1 
Host: www114.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/v/xdbdnpvw/file.html
Cookie: zippyadb=0; __atuvc=1%7C22; zippop=4; __utma=46003887.126713531.1656039776.1656039776.1656039776.1; __utmz=46003887.1656039776.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=375351502EEBCCEB872AD1AF279C1F0D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.232
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:00:19 GMT
Content-Length: 138
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"157-1654675202000"
Last-Modified: Wed, 08 Jun 2022 08:00:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text
Size:   138
Md5:    80ce0db0d04307c0a7e7bfbe492e329d
Sha1:   f8efbdda6799a957baa59e907d466dbc3fd7be90
Sha256: da32bd619e9f9cf48c390020230b751333e2a402fce01635102f340a39f88113
                                        
                                            GET /recaptcha/api.js?render=explicit HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
                                        
expires: Fri, 24 Jun 2022 08:00:19 GMT
date: Fri, 24 Jun 2022 08:00:19 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (852), with no line terminators
Size:   554
Md5:    ce162114d45c6656353a75cb0769a10f
Sha1:   0a6e552d73684b761d8e9d8a4cc4a2a691393eed
Sha256: 57923bce1844f8dd88d832cb6179725b806abf05b3fc1310a3c123c1ae50f48b
                                        
                                            GET /sw.js HTTP/1.1 
Host: www114.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/v/xdbdnpvw/file.html
Cookie: zippyadb=0; __atuvc=1%7C22; zippop=4; __utma=46003887.126713531.1656039776.1656039776.1656039776.1; __utmz=46003887.1656039776.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=375351502EEBCCEB872AD1AF279C1F0D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.232
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:00:19 GMT
Content-Length: 36755
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"95651-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   36755
Md5:    9f3eb972e27d96787df56867ba104e59
Sha1:   e266af1162c320a8366da4487c3698c0db0ca354
Sha256: 5750d3ef81845bcf96250e0b2e66d4b21aec5ed0144822ca14a9491f70392ae3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:00:19 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=593615,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp1
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7203eddbca81b4ee-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:00:19 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=593615,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp14
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7203eddbca6efac8-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:00:19 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=593615,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp8
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7203eddbdc2e0b39-OSL

                                        
                                            GET /wro/viewjs-5c4b087e763baf82dfed5e75dc71d50f709ecb00.js HTTP/1.1 
Host: www114.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/v/xdbdnpvw/file.html
Cookie: zippyadb=0; __atuvc=1%7C22; zippop=4; __utma=46003887.126713531.1656039776.1656039776.1656039776.1; __utmz=46003887.1656039776.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=375351502EEBCCEB872AD1AF279C1F0D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.232
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:00:19 GMT
Content-Length: 147861
Connection: keep-alive
Cache-Control: public, max-age=259200000
Expires: Tue, 10 Sep 2030 08:00:19 GMT
Accept-Ranges: bytes
ETag: W/"478725-1654675203000"
Last-Modified: Wed, 08 Jun 2022 08:00:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  ASCII text, with very long lines (65535)
Size:   147861
Md5:    1dd393cf506e088f2a0b45a37beabda7
Sha1:   384796f00e05bce54b4bcae1f2dd4e5d0c5c478a
Sha256: c9420067db3629caab61a3e5983ef9b303d24913f01c2a3307ee0e392cc87616
                                        
                                            GET /?kcpsd=843055 HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.114
HTTP/2 200 OK
                                        
content-length: 49642
date: Fri, 24 Jun 2022 08:00:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FzdBxGDjYrPdGLUstku0UwSVQteH1VBk7zrGfGSeybsnYSqck2KiLw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15952)
Size:   49642
Md5:    00dca3dfe238c8ee6cbcf0aad0bda8f4
Sha1:   c7bee0e2f0448520ba4cbb0059207396b00378f9
Sha256: 54b721d2f87413b45c88c906bdf47de8f4c2648fcd02ffa3cabbe1834efcfca4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3D7DAFA5172DE1B8BEE3B42CA818DC87A5C79F68B264145703F51C7D009B5C27"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2104
Expires: Fri, 24 Jun 2022 08:35:24 GMT
Date: Fri, 24 Jun 2022 08:00:20 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:00:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /?amuld=726474 HTTP/1.1
Host: d10lumateci472.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
54.230.245.49
HTTP/2 200 OK
content-length: 35991
date: Fri, 24 Jun 2022 08:00:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x36eqdJo7NcKDT5KbH8vv9jLUj5Q_NekNIzgcXj0XynHLOsJwbbAfQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15478)
Size:   35991
Md5:    391396c4b2df06d0d37237361b7e7cba
Sha1:   33f3dc3723760c3b11e67fc6fc989e90a1adf458
Sha256: c7ffb70b12a49358d304c7b9c86486b1d3eab21b721ba412a11154502e5bc180
                                        
GET /images/favicon2.ico HTTP/1.1
Host: www114.zippyshare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/v/xdbdnpvw/file.html
Cookie: zippyadb=0; __atuvc=1%7C22; zippop=4; __utma=46003887.126713531.1656039776.1656039776.1656039776.1; __utmz=46003887.1656039776.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=375351502EEBCCEB872AD1AF279C1F0D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
46.166.139.232
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx
Date: Fri, 24 Jun 2022 08:00:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Thu, 20 Apr 2023 08:00:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

                                        
GET /a/display.php?r=1142849 HTTP/1.1
Host: www.maxonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
35.190.68.123
HTTP/2 204 No Content
server: openresty
date: Fri, 24 Jun 2022 08:00:20 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
GET /a/display.php?r=1142855 HTTP/1.1
Host: www.maxonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
35.190.68.123
HTTP/2 204 No Content
server: openresty
date: Fri, 24 Jun 2022 08:00:20 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
GET /a/display.php?r=1142861 HTTP/1.1
Host: www.maxonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
35.190.68.123
HTTP/2 204 No Content
server: openresty
date: Fri, 24 Jun 2022 08:00:20 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2022 07:11:58 GMT
Cache-Control: max-age=3600
Expires: Fri, 24 Jun 2022 07:39:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AkyA7qoT1y6E42HN4k_QiBb5p_G0AZMqiFbOHltY9Ju5D1AIn4QWUw==
Age: 2902


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 3187
Cache-Control: max-age=126400
Date: Fri, 24 Jun 2022 08:00:20 GMT
Etag: "62b4ad61-118"
Expires: Sat, 25 Jun 2022 19:07:00 GMT
Last-Modified: Thu, 23 Jun 2022 18:13:53 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 267
Cache-Control: max-age=123480
Date: Fri, 24 Jun 2022 08:00:20 GMT
Etag: "62b4ad61-118"
Expires: Sat, 25 Jun 2022 18:18:20 GMT
Last-Modified: Thu, 23 Jun 2022 18:13:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 3187
Cache-Control: max-age=126400
Date: Fri, 24 Jun 2022 08:00:20 GMT
Etag: "62b4ad61-118"
Expires: Sat, 25 Jun 2022 19:07:00 GMT
Last-Modified: Thu, 23 Jun 2022 18:13:53 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 267
Cache-Control: max-age=123480
Date: Fri, 24 Jun 2022 08:00:20 GMT
Etag: "62b4ad61-118"
Expires: Sat, 25 Jun 2022 18:18:20 GMT
Last-Modified: Thu, 23 Jun 2022 18:13:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Jun 2022 08:00:20 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Jun 2022 05:03:55 GMT
Expires: Fri, 01 Jul 2022 05:03:55 GMT
ETag: 01A43A962E09DA3F9D837207EEB01B7E915E37A4
Cache-Control: max-age=593614,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp2
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7203eddf8862b4ee-OSL

                                        
GET /1d/35/84/1d3584ff950f38d5b2e10bc2994be620.js HTTP/1.1
Host: encloseddealing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
192.243.59.12
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 08:00:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b7f2daa9fd9cce93c78ccd9859e38214
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (53771), with no line terminators
Size:   17189
Md5:    3f1d9ab029937d5f9baa294224d0e204
Sha1:   f25b2ce981d1d83954fd790d25e2f5f6e0ee19e5
Sha256: 78474009874e0f7bb953ae0900fff0a9eb896cfd060900e6639b45a9e8f63b70

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 3187
Cache-Control: max-age=126400
Date: Fri, 24 Jun 2022 08:00:20 GMT
Etag: "62b4ad61-118"
Expires: Sat, 25 Jun 2022 19:07:00 GMT
Last-Modified: Thu, 23 Jun 2022 18:13:53 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

                                        
GET /popunder.gif HTTP/1.1
Host: wideorganiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.145.197
HTTP/2 200 OK
date: Fri, 24 Jun 2022 08:00:20 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 95033
last-modified: Thu, 23 Jun 2022 05:36:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFh4%2BPCykVqbbsw5uX1pxAlDl65pE0KJUuECiXioXqcFAPZYhJoIg892fDb%2FAhTLYrMaluqJ5xzfO6BgMLj7%2FnkK%2B8VPpkNi06zXOtpO3A5WbltD8bRW4oMqgx%2FdyZLarTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7203eddffca40b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   506
Md5:    fff681ef9b6938ae1f88918e7176e025
Sha1:   ead277ce526796bad59622a96b1bf7e5121c29c1
Sha256: eaa8f604dca5f6c97286ba68358b75e8a5051e74ef78fd0ae3bc76557357e214
                                        
GET /SjZXSktlCTQ5dildDQ0vJGQRLnh/cgUPBTNSEhAOGwUBPRofY3E+Ii4LYHh9fgFjbDsjUmp4cmxFIys/P0Vqe20jWDEldmxAantlehhicmV4ECJ3fnwBZ35/eABie3p4BWF9bT5GNi12exAnPj8mC2Z8fnwGYn19ewNheXI HTTP/1.1
Host: wideorganiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.145.197
HTTP/2 204 No Content
date: Fri, 24 Jun 2022 08:00:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMloovufqhcDUX%2FTozWCypm%2Bp8eJ4BzDa266u%2Bfe5JpaKMHPwAjW26iDZXw%2F3vlJKs3jTwGP4qtObt26n%2B63feYfO3r8uGGTXDpRl4Q4uwDZVeXbYzHzi%2FXmFc2dlU28KDo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203eddffca70b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
GET /NU1nS00acgQ4cGAbJnkXByEMEipvFTB5JVwMMX4fb38qChhjDEE/JFFwX39+BXhSbT1cKVp4fxM+Eyo5QD5aemtcIwEkcBM7WntjDWNfZX8TOFp6a0E9BixwBGsXPzlZcFZ9eAN9Unx7BHhRfnQ HTTP/1.1
Host: wideorganiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.145.197
HTTP/2 204 No Content
date: Fri, 24 Jun 2022 08:00:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFwnP90eJr7ZzASbchRPMmSuOj0zPsLIqdpPjaSJ4Ea5AOukRwiMvDnHojhdfseHkLDBvFDZ9pnclKCBN%2F8U6znJu2hoMIClyojOj0DYBtHnFX0wLR0WMdT%2BTe5I0K5onqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203ede01cd50b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
GET /aWdpOW5GWApKUwovJ00NWz0vaDhYIz98AiswAkkLOwwrWzw/X09NBw1aUQ1dWVJcHx4AA1QKXE8UHVgaHBRUC15ZUE9QAA8IVAtIH1pZF1ZHX0cLSBxaWB8aGQYOBF9PFx1NAlRWXwxYWVJeD19cUV8K HTTP/1.1
Host: wideorganiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.145.197
HTTP/2 204 No Content
date: Fri, 24 Jun 2022 08:00:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AT8LWXcJFW3hTsX2QpdBODq7Dtb%2FaOSJVVAhizFHgLcAzDVGKZ8BxGgmotXTFAD%2B05BcJ3pmtnixZbFRMTj0vE7XhokQGwGAV9fMXxdDiTVZoX5b13Mc8kvdq9mTZzj3IJc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203ede01ce20b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
POST /NTFXYkMaDjQRfmQBDRcUcFllBgUAXjIMMwVmACQ0UWkBOyFbdHEWKlEMb1ZwBQRiRDNcVWpRcRNCIwM3QEJqUHMFBnELLVNealBlQwxnTHsbCXlQZUAMZkQ3RVAwX3ITQSMWLwgAYVd1BQRgVHIABmFQ HTTP/1.1
Host: wideorganiz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
172.67.145.197
HTTP/2 204 No Content
date: Fri, 24 Jun 2022 08:00:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZVVIserCfHn%2F%2BEuTyGRjWrC%2F5rUazd%2BYP7CT3%2FCoV58TwBWRKA%2FdKKqeSWi2JuFGaolInLE75w1AcIGUDHA%2BXQL%2FaB1wA5DnBGH2SdsfQMhpObbOh%2F%2BpZjWhUxgsU5IZ5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203ede02d040b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "AE1F703A3EE6BEEE75FFF4EF50CDC5BEC7913D7181C3555EBD04C4147ED0F02A"
Last-Modified: Tue, 21 Jun 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15517
Expires: Fri, 24 Jun 2022 12:18:57 GMT
Date: Fri, 24 Jun 2022 08:00:20 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C8CE8D8DC46E08AC8D9070F15C32E97203A14B22E8B3C3766FB62CDA90102BC6"
Last-Modified: Wed, 22 Jun 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5858
Expires: Fri, 24 Jun 2022 09:37:58 GMT
Date: Fri, 24 Jun 2022 08:00:20 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "F52003EE9B9E18D641466C9D3CBA2B79E801A15DE442EFE727983C42F4719D5B"
Last-Modified: Fri, 24 Jun 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1639
Expires: Fri, 24 Jun 2022 08:27:39 GMT
Date: Fri, 24 Jun 2022 08:00:20 GMT
Connection: keep-alive

                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uisw1CbtHlllZDbKXptcjA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
52.34.226.44
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lWwfF0Xejf3yQWDGM7qsRV1ExMM=

                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Jun 2022 08:00:20 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Jun 2022 23:32:36 GMT
Expires: Thu, 30 Jun 2022 23:32:36 GMT
ETag: C29545E1D326B7F5C8210193B4A6A43258A085A9
Cache-Control: max-age=573735,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp10
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7203ede23e6cfac8-OSL

                                        
GET /ca/66/21/ca6621f64bcdfd0a5aa2af7c57675832.js HTTP/1.1
Host: scriptvealpatronage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
192.243.59.20
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.17.9
Date: Fri, 24 Jun 2022 08:00:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 03ccb183b98b1dcdfc1fc6fd64516a56
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (33844), with no line terminators
Size:   11417
Md5:    d6a38c358a0e30293a910eab5c91945a
Sha1:   87906f42f4d44f0e5f89a5d3a372c0e8916b7dde
Sha256: 5e948a15d3ef2003104c1e403f997e927c30312c742832f9fe3fe69fef7bd3ff
                                        
GET /djVKMHYNFzlHKQNHJhJMVF0%2BRAYFD2UfAQFCewFCWE8jQAYPRiJRBBMbKV8bWUY9HhwFF2YSBRtTaApHWhc%2BUREpXC4STFQCeAFARQJoHFQFQChvHxIHaApUQwZ%2FU0VOA3IdEENQeR1CQ1BzHRdFBy4dRUAGegMUQwJ6VBMXFzc HTTP/1.1
Host: aphycolourses.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
44.195.137.121
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: cd51263f6b3a04dc10f99febe1b98559=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e102-nT3p4oLEBer2CUDeU/XYi2MzvOQ"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   59659
Md5:    f4706cd8edbac3702246b40c9a3d0605
Sha1:   0cf2a23d8ebf84d3c7bf2bb14e7877f259ffa13d
Sha256: b15126e1ea425b406ce8d4a50803cf3882ede303a454f219dbcfec97865021e6
                                        
GET /utx?tid=721637&top=www114.zippyshare.com&cb=Au3dgzmOo8Bp HTTP/1.1
Host: smereteret.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
54.230.111.78
HTTP/2 204 No Content
date: Fri, 24 Jun 2022 08:00:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www114.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 24 Jun 2022 08:01:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DIKpOsCTo-dgwjOFvBEGYBJh91Ks5qVfcRu71h2ektLFxOitDuCEow==
X-Firefox-Spdy: h2

                                        
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "AE1F703A3EE6BEEE75FFF4EF50CDC5BEC7913D7181C3555EBD04C4147ED0F02A"
Last-Modified: Tue, 21 Jun 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15516
Expires: Fri, 24 Jun 2022 12:18:57 GMT
Date: Fri, 24 Jun 2022 08:00:21 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EC5F1704950BBEC18A5F5BC27BF4CAD5C28CF5F1149F5AD6FFA351EFD6A97F8"
Last-Modified: Thu, 23 Jun 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2429
Expires: Fri, 24 Jun 2022 08:40:50 GMT
Date: Fri, 24 Jun 2022 08:00:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109060
Date: Fri, 24 Jun 2022 08:00:21 GMT
Etag: "62b45cf7-1d7"
Expires: Sat, 25 Jun 2022 14:18:01 GMT
Last-Modified: Thu, 23 Jun 2022 12:30:47 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SsP6NUTO4vplKoOOMZldBH4Bv4u6MJKYGhEmzkNKfWUM8DQajfCMog==
Age: 6434

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43A13B73C14A970CF96F9B6FA009E96A4DDF436C4A58CCD40C608B0B8D5A9595"
Last-Modified: Thu, 23 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1887
Expires: Fri, 24 Jun 2022 08:31:48 GMT
Date: Fri, 24 Jun 2022 08:00:21 GMT
Connection: keep-alive

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Cookie: uid_id2=6a8ef4f0-a5e3-46f6-90d5-0d2c93445372:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.132.48
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:00:21 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www114.zippyshare.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    6698fd75fc3f31f6ec37d2b2dc904786
Sha1:   d6e757b525456eb876be5b96163404184a7c465f
Sha256: fb16881c10f2309027ff975f197b4091b8056f625db5885669e7e148eff90dc8
                                        
                                            GET /advertisers.js HTTP/1.1 
Host: d24ak3f2b.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.0.204.220
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 08:00:21 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: historiousmor.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 389
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: www114.zippyshare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/v/xdbdnpvw/file.html
Cookie: zippyadb=0; __atuvc=1%7C22; zippop=4; __utma=46003887.126713531.1656039776.1656039776.1656039776.1; __utmz=46003887.1656039776.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=375351502EEBCCEB872AD1AF279C1F0D; ppu_main_1d3584ff950f38d5b2e10bc2994be620=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=6a8ef4f0-a5e3-46f6-90d5-0d2c93445372%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         46.166.139.232
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 24 Jun 2022 08:00:21 GMT
Content-Length: 3611
Connection: keep-alive
Cache-Control: public, max-age=25920000
Expires: Thu, 20 Apr 2023 08:00:21 GMT
Accept-Ranges: bytes
ETag: W/"3611-1427651017000"
Last-Modified: Sun, 29 Mar 2015 17:43:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   3611
Md5:    b3bf18448d2e26f529500cb013975564
Sha1:   1b9d2cecad0cf85d336a24a0ccaa610c39a49f6a
Sha256: 968e719e5fbc1706a6db025adc28931e64fcf76c3ae80fa4ab6ff40b53b36b20
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:00:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 146545
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Jun 2022 00:39:28 GMT
expires: Mon, 19 Jun 2023 00:39:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
content-type: text/javascript
age: 458453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (618)
Size:   146545
Md5:    edbca8e066da9cd6310dada3c125ccf4
Sha1:   22f45ed309e828212484a03cc7d0e629834e8a76
Sha256: fcab033160e1ba423ad7a42e0bd67ec5820e1ed6751765de935960e502e623f0
                                        
                                            GET /utx?cb=KNJFd22yk6Z2&top=www114.zippyshare.com&tid=726474 HTTP/1.1 
Host: ghableleader.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.82
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 08:00:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www114.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 24 Jun 2022 08:01:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J4fvGy0y67JxbmBlxNLHivfUXCQidp_iKN0s-CgwF3cS3_3y_mqjdA==
X-Firefox-Spdy: h2

                                        
                                            GET /utx?cb=nYyWiOdOF7Uz&top=www114.zippyshare.com&tid=843055 HTTP/1.1 
Host: ghableleader.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.82
HTTP/2 204 No Content
                                        
date: Fri, 24 Jun 2022 08:00:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www114.zippyshare.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 24 Jun 2022 08:01:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7G5dZKEr472XwXDkdFQ53gMs3TCpKoGpie3zAntm_YTZ5fwqWEcSjQ==
X-Firefox-Spdy: h2

                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.233
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:00:21 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e4c9569d3511950fca0567916ccc8f73
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 24 Jun 2022 08:00:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSeqHgUvP1HUiWHzM10KyB6ZEQIQhdHLHPDBehzU6EwtdC86BcK%2FMrRZM3%2Bn5MdxSXc0ooy2766ikCgj7I9i8v6mw6%2F8gUsYw9iGhyQfLlmgFMHNkES9niyM1MBoPmONJ0Pf%2Fzw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7203ede39a3d7480-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49470), with no line terminators
Size:   15745
Md5:    78ddb426e2d2afaaee9c103197eb41fd
Sha1:   195f51c60525c0dc409b62559f5b4aa177323130
Sha256: f575b842602fd01827f5ec3becb1fb9a4841a5fcbdc9f749f72f913f6f882f6c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /hTVlLMXEuNiVXTjkwLwxJeWp7BERrMzheHz1kOnwgLx9yBhQhaT5bA3ghERcFNz12AVchOCVWTGs8JVJMfH8qVRNwaW1FASIydkQfKTwtWB8oPW1EEHA0JEsYITUqFEMLbGUBVH9pY0lAfHx4c1R/aSdYHzghbgNBNWF9bkd5fHhzVH9pOUdUfhhyB199cG-4DQSo8KFoeaGsNA0F8aXsAQXx8eQEXJCsuVx41fHl3SHt3excEcGg HTTP/1.1 
Host: ds88pc0kw6cvc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.114
HTTP/2 200 OK
                                        
content-length: 355
date: Fri, 24 Jun 2022 08:00:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 471zNS2nWeYvPJzM29qDhlCrhssOI3vzMKXEW06FdV5ZgNpYF9s3oQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (448), with no line terminators
Size:   355
Md5:    c89982bf42c49100b5168576cc3b6129
Sha1:   c832031c6e1db299bbdf79cabc0301bf8611179d
Sha256: cedd41337a00f12a8684d96fede002b5c57b84b05fe0d9ac7c5621ee614079b6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 08:00:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /UNDREZW1XWyoDUkBdIFhaBgJwUlkSXjcKA0QJDgwHfVYPAFVCei0OCxJAPgFQBBIoBANTCWIAA1cJdUMMUFZ5VUtARCsOUExCJQ8dX1kmHQ8SQSVYAFtOLQkBVRF2I1gaBGFXXRxMdVRIB3ZhV11YXSoQFREGdB1VAmtyUUgHdmFXXUZCYVYsDQJqVUQRBn-QCCFdfK0BfcgZ0VF0EBXRUSAYEIgwfUVIrHUgGcn1TQwQSMVhc HTTP/1.1 
Host: d10lumateci472.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.49
HTTP/2 200 OK
                                        
content-length: 441
date: Fri, 24 Jun 2022 08:00:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Oq4c8rKvzjE0Cvld4JK7-8hB2rwXzz2Kw85STQBDo3vRqkDbFkMhDg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (585), with no line terminators
Size:   441
Md5:    2c21c926d8ed4989520f88df2a3555af
Sha1:   696ee119091a1ade25d07f13e684f0f15c1e9274
Sha256: efac98ab9908e24f54388dfdf0b5365a9779790c44fceb4aea81ea38b5c72d7d
                                        
                                            GET /VjZVT2UNFGJ9VGAFYm1JdBR5bVBlAzZ8XWAOeClQMwV4e1AzD3guVmRSeHxTZQZmLVBhBjEqBHQad3hWMwQwKwFkG2J2A24bYXkHNBs0fVIwG21%2BXGJUbCtSYwNjekd6FCY4R3oUPSYWIlknJgojRTggF3hOLDVHehRkf0tjFHkpBDpFMGMDN1omKkkwVzk8AAs HTTP/1.1 
Host: historiousmor.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=utf-8
set-cookie: a8874d376c481d47126bd5721a5b30d9=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8447-YfCkC8cSpqJWP4BKO64/3Yf1MAo"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (33863), with no line terminators
Size:   13200
Md5:    575f03dc0c86eec0ad44e26dbea9220e
Sha1:   3d63ccfecdd2e096237e862338bb576bf9daeb5e
Sha256: c56e8ac73218d1614c42508805aab6a01bec964e29199ad209c1a4e6eab2a291
                                        
                                            GET /static/advertisement.js HTTP/1.1 
Host: clksite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.192.101.24
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 24 Jun 2022 08:00:21 GMT
content-type: application/javascript
last-modified: Mon, 12 Jun 2017 13:33:59 GMT
vary: Accept-Encoding
etag: W/"593e9847-1b"
expires: Sun, 26 Jun 2022 08:00:21 GMT
cache-control: max-age=172800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5375)
Size:   3567
Md5:    9d507c8c4b9caa9d560f7c6a8570e8bd
Sha1:   01298aedaf99497372ae6a4f1087d3a8b604ee32
Sha256: 282f31c44941ac0fae8b20d6a1e2f72cc5b90b8da42973b9a9d9435ba5a75fb9
                                        
                                            POST / HTTP/1.1 
Host: historiousmor.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www114.zippyshare.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www114.zippyshare.com
Content-Length: 353
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Fri, 24 Jun 2022 09:05:09 GMT
Date: Fri, 24 Jun 2022 08:00:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Fri, 24 Jun 2022 09:05:09 GMT
Date: Fri, 24 Jun 2022 08:00:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Fri, 24 Jun 2022 09:05:09 GMT
Date: Fri, 24 Jun 2022 08:00:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Fri, 24 Jun 2022 09:05:09 GMT
Date: Fri, 24 Jun 2022 08:00:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "068E579FBBEB0061A16F92109D9AE92D9164C86F613BC2FC8BFED0D0EE9A863F"
Last-Modified: Wed, 22 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8467
Expires: Fri, 24 Jun 2022 10:21:29 GMT
Date: Fri, 24 Jun 2022 08:00:22 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd7f9a35-0e8a-460e-b220-6d735af41155.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8983
x-amzn-requestid: 627a7551-ca6d-4b1b-b794-956df9b5487d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UMz6RHgpoAMFyKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50041-6c9d1ed4728c796230f8630e;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:07:29 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bqEUkBIE90v5mTTgWDVS80-exnhBWN8NLPHX9A28F6uQQ74lG4ZOEw==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:23:18 GMT
age: 27424
etag: "09043e8c1fc47eb1113e4a34da30b3047a73f835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8983
Md5:    eb1d09ebdf227ca72fbb08c09fbb92ae
Sha1:   09043e8c1fc47eb1113e4a34da30b3047a73f835
Sha256: df8bb827f695f360f8b9e8f14b2b45a6af27cb2213808cecff3ea59f75cf66cc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "068E579FBBEB0061A16F92109D9AE92D9164C86F613BC2FC8BFED0D0EE9A863F"
Last-Modified: Wed, 22 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8467
Expires: Fri, 24 Jun 2022 10:21:29 GMT
Date: Fri, 24 Jun 2022 08:00:22 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31cb4f6e-df9f-446a-8b16-1f284ec23380.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7370
x-amzn-requestid: d45737cd-4f25-49cf-97f9-6951fdf6dcaf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T1vziGrPIAMFo4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62abc67c-643f4ba678e8e9360c91a914;Sampled=0
x-amzn-remapped-date: Fri, 17 Jun 2022 00:10:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z9ux63ENfi7U1x1OaTKITGJx87rInRUpuJtrL3X0vTBj1SRhP1VdUg==
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 12:41:35 GMT
age: 69527
etag: "cf69802d408cf61cca9aa3cf71d281f2ec68d6fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7370
Md5:    76c3acea6c99cc69d2372f2489b13a06
Sha1:   cf69802d408cf61cca9aa3cf71d281f2ec68d6fe
Sha256: cfd0c1d8ac7c753dc5f0fcbf54e42c8ef5033c52529de248ce8b101e9221b1ed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70668163-c258-4c3d-b86a-8a7d4076ca0e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7832
x-amzn-requestid: 64bca05b-0072-4e37-aa70-169fc3358556
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1GTFgxIAMFe1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50228-1960739d6448adb40e4e6f34;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:15:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Uwhl3CTAqrRF1ojmlkvQ3zduF7FaD9tNXw4iPqdPo2Rz6pZqoX2wwA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:33:40 GMT
etag: "97adce482723b12ab810aee12ab815aeb3368a70"
content-type: image/jpeg
age: 26802
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7832
Md5:    ae5b94aba05491de3a3aa9421404f1ea
Sha1:   97adce482723b12ab810aee12ab815aeb3368a70
Sha256: d3f44f90be9140a768857675dfc93a7d0355f2fd024e5ce48477c50f2d1cfbe0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92d82a42-6b15-49d4-909b-032f805d3c47.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4253
x-amzn-requestid: dc2f230b-d9d9-4d10-af7c-f7c7c92eaad1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1BYHgZoAMFzqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50208-282d2a0d707326a647d17b82;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:15:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MsQNllN96JiXwoPPx6dhqZdIz7jsup0Q0VuwbzmYGsscB0uhTsF8Yw==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:48:35 GMT
age: 25907
etag: "e5f4947c997c4d9ba9a1a2b6696aef163655b808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4253
Md5:    d5983f34363faf36540f0fb6806435d8
Sha1:   e5f4947c997c4d9ba9a1a2b6696aef163655b808
Sha256: 31ae38c2c9446152b979340de0c1c43e3e2060ba8abff66dc2e0b5d5f676379e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1749b3b-0d9b-43a1-8965-f7f13602c892.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7281
x-amzn-requestid: ed27e890-50fd-42e3-ae91-6ea788e157f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1BhG8JoAMFppQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50209-479195105ec805f252173f07;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:15:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dW71IPIO0pvMPqUTy5s8MzPgXHF-_C0vcvAdZ0QNiMSWcHfSvcznpA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:33:48 GMT
age: 26794
etag: "7de1e1a3d5278c4a95a6c41707de9f42b340df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7281
Md5:    e13f75fbc853ddadb00c907e132f0772
Sha1:   7de1e1a3d5278c4a95a6c41707de9f42b340df9a
Sha256: 495b9150ad122944a29462010c86648c4b9b8a83b70686d1e0557cb93111d2a0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49c3ccce-1ae1-4a47-8d95-aa572c4ceae9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11646
x-amzn-requestid: 3061c5bd-7a81-4f52-a333-fc122a7521a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1AKHdVIAMFbVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50200-23220ada786a596b248d127b;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:14:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q2QWHo5LVycJplvw3MVNXWQs2mCsEx6xulLVDD0ywU9NwMdb37QJSQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:28:18 GMT
age: 27124
etag: "1a85dce8e73089b14f81c10c492f96eee2cab510"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11646
Md5:    35eb3d6d8ced3eb364e64f0174bd1450
Sha1:   1a85dce8e73089b14f81c10c492f96eee2cab510
Sha256: 5e13e75e2a9f7c7d99e493565d2205ccbcf74f5047dbe450452ab60dd46cb66f
                                        
                                            GET /pxf.gif?uuid=6a8ef4f0-a5e3-46f6-90d5-0d2c93445372&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=1d3584ff950f38d5b2e10bc2994be620&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 24 Jun 2022 08:00:22 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55f1a4e8233a59843b4d89acfed04bca
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pxf.gif?uuid=6a8ef4f0-a5e3-46f6-90d5-0d2c93445372&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=ca6621f64bcdfd0a5aa2af7c57675832&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=8 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Fri, 24 Jun 2022 08:00:22 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2d0d2fdd00d095b9d561c7027e131f8b
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "9F16B283197C925F7D27F63100EBCB1EB23BCA1544C75B5D870C9072BAEE0AE8"
Last-Modified: Thu, 23 Jun 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10852
Expires: Fri, 24 Jun 2022 11:01:15 GMT
Date: Fri, 24 Jun 2022 08:00:23 GMT
Connection: keep-alive

                                        
                                            GET /thumbnail?i=No8wL5VWSYU_0&imgt=icon HTTP/1.1 
Host: xml.serve-servee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.217.88
HTTP/2 302 Found
                                        
date: Fri, 24 Jun 2022 08:00:24 GMT
content-length: 0
location: https://static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
cache-control: no-store
age: 0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B720AUulN3Mrp%2FwWpfnnNfj3hAwG1hKVOFmE2CDoAxrR7aMwx5jYxsnpuLUOvO1FXVSChH1oUF2szWCC5YsW81yNt7brXRyz7RXSTgvBEdVPMkaniEfS65Yr7PKsWDryi%2B0SDVnFnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203edf5fef1b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "9F16B283197C925F7D27F63100EBCB1EB23BCA1544C75B5D870C9072BAEE0AE8"
Last-Modified: Thu, 23 Jun 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10851
Expires: Fri, 24 Jun 2022 11:01:15 GMT
Date: Fri, 24 Jun 2022 08:00:24 GMT
Connection: keep-alive

                                        
                                            GET /n337/ad/250x250_hqCCg8Cm.png HTTP/1.1 
Host: static.serve-servee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.217.88
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:00:24 GMT
content-type: image/png
content-length: 88957
last-modified: Thu, 08 Apr 2021 13:54:09 GMT
accept-ranges: bytes
etag: "606f0b01-15b7d"
cache-control: max-age=86400
x-hw: 1656057624.cds207.sk1.h2,1656057624.cds203.sk1.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FokroFVhzOYWsz6U6L9NlKdy%2FXJZcK%2FsBH69CJRykbzW1LcOamxPrNrDBPuG4HVcjWLsnKsHbcghXHSTTJQ1%2FumMEuXTPv7YjUAos%2FJuh49pH2cCzJMXC9tarmXoXAy2dhISTkY86NcOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203edf6bff1b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Size:   88957
Md5:    0994ec31361ea569c5549063145bfdd2
Sha1:   9b270e9f7a346a0f0f60a978e154f49740350270
Sha256: e4dbff1cf1f9750d68296737897eba9bd59ebdcb292015e87c3be61b5c242422
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4488F9BF923694410F93E08AD9666BCE77BC566C66EB39A9626F31CDC011241A"
Last-Modified: Thu, 23 Jun 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8499
Expires: Fri, 24 Jun 2022 10:22:03 GMT
Date: Fri, 24 Jun 2022 08:00:24 GMT
Connection: keep-alive

                                        
                                            GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0XhYPCkrCoqMNwWZdM%2F0zPS4h2CMkbBxs%2B666EmprupJnunuaqq6pic5BUXxJIPePFW%2BZBPU4OrNi6t0FjwEhMwtoPkHFPwFC95kxpjgg%2BK9et87fK%2B%2Brz7YtqesActPFl5Vm5QkfLbd8OrPvun7V%2BrLlNlhfRh23u4EV%2Bp68EKv0%2FCeq78Si3U12%2FR8z%2FM9v75IOu6r4ewEBOUHPb%2FR8xpBs%2BG3Awy1g7E1GF6DHJyyR0FyPHOvdhkkKmTpVwuxWS9U%2FvzLqU14oTQGcv9Wtp6pMkN6UfZ1Df1s%2F2wayhwv3oXKbk8pQg3OByMas9oPdxFl%2B2fEEA12p9yiBHGGSD6MclAhTioQryDUeyB5zAAhcW0FWbp3TemSb%2FyL8gk6ZjP3%2FwKVYzbz82Vk6ZfzCQ3rN1ViC1KZwbDvQMMKtFoht4coNhmoPIQo3gXJH9ns%2FWVk6e6KSRRIuunuRBWoXyGJR%2BCGwU4OMdh%2BDTavIZUndeH7fteTgnthT4iW7MZRR3o%2B7%2FZ97nudEFZM6I1Q5COIZASht5DrLazTCNp%2BBDIVLHeg3CE3e2HQ8tptxOJo7u9f3n%2F6m9d%2BBaeTeuB1eDcWIY%2FCVhBJP2h2%2FSjs%2Bk3ut6RothHR0dyt9kN%2FeHeuIiGGmB999zubBkzmkFm3k2ly0PERO4sdLYujufOpNQcjGUzBMJAOZcxQGoaSM5TEUBYM5cDdlolpGrcnE2Mj%2Fyw3z3LLbeen7JGpHn%2BKt7Aen9T7nmiG%2FV7QaoZBrxeFMui2OmFHCl%2BGcRBKGPpvazIPgJsaNmnMHvvpN%2BQTp8hPEPFDmOQQgp4Bt0%2BBlw58zWEzc5DqgEe8iHmSNIRKkReXUGzUtpNT9viURzC487%2FnFNoh1w7v0D2G1eTDnRuqZLs3VGnY1yt5QSlt8olnbha8iB%2F8%2FGq8USotlxbM6LMXxQSYlAevx6ZY5pmkbNWwL%2BZJylgvKi1i9u2SeSOOrluzNm91ZvPl6y8tLqW5jo0hlVXgdLz6MQSN2aUnutPP8OTKpyBdQVuH1J7LA1IVRL4Fk1%2F0jGLQycU9yhlK63Z0M7poTgyQXOgMHrlt8z0MORSG%2FQMAAP%2F%2FAQAA%2F%2F%2FRC0F0UQQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3438255&sub3=1656057621&pid=91283&sub2=icon&auid=406a7ec8ab834bd14271b8712a13dc25&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: abateall.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.13
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx/1.17.6
Date: Fri, 24 Jun 2022 08:00:24 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5d3f6b57aed3e62708f0a1218b732881
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B494E4413A824900A570C70F6E0DEC62E18CC1CCF88AB669A8BB3112A74164E5"
Last-Modified: Wed, 22 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3978
Expires: Fri, 24 Jun 2022 09:06:42 GMT
Date: Fri, 24 Jun 2022 08:00:24 GMT
Connection: keep-alive

                                        
                                            GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.10
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:00:24 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Sun, 26 Jun 2022 08:00:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Size:   33103
Md5:    70cf8250da1a25a7b445231428af7828
Sha1:   a849d338423d2919949340838c768bba90b9081c
Sha256: b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "83BD842088CC1F312EC505BDB50B32A3A9660D95492F51A2F1CA8D5299F9FE13"
Last-Modified: Thu, 23 Jun 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17221
Expires: Fri, 24 Jun 2022 12:47:27 GMT
Date: Fri, 24 Jun 2022 08:00:26 GMT
Connection: keep-alive

                                        
                                            GET /sbar.json?key=ca6621f64bcdfd0a5aa2af7c57675832&uuid=6a8ef4f0-a5e3-46f6-90d5-0d2c93445372%3A2%3A1 HTTP/1.1 
Host: migrantspiteconnecting.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.22.0
Date: Fri, 24 Jun 2022 08:00:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www114.zippyshare.com
Access-Control-Allow-Origin: https://www114.zippyshare.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15255681; expires=Sat, 25 Jun 2022 08:00:26 GMT; secure; SameSite=None uid_id2=6a8ef4f0-a5e3-46f6-90d5-0d2c93445372:2:1; expires=Fri, 01 Jul 2022 08:00:26 GMT; secure; SameSite=None pdhtkv=true; expires=Sat, 25 Jun 2022 08:00:26 GMT; secure; SameSite=None uncs=1; expires=Sat, 25 Jun 2022 08:00:26 GMT; secure; SameSite=None pdhtkv29=true; expires=Sat, 25 Jun 2022 08:00:26 GMT; secure; SameSite=None uncs29=1; expires=Sat, 25 Jun 2022 08:00:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 49fadc38e135b1280587ac61c1d8a01b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5589), with no line terminators
Size:   3895
Md5:    65e1a27095223387d389c90a0ebeebe6
Sha1:   640f9865fa929f1db61d5bfd86b526de83b855f4
Sha256: 86ccd256933cd0f0de8a2f764c3b69fc1a9f4f4d253ead4ef016ae8eb412d79a
                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSMWwcRRudzW%2Bl%2BauQNCARXYEESPi8u3e3e5cUKMYYWZg4SkDQodmZ2fPg2Z3VzO7t%2BURhiIRSHi3V%2Bp0dC4giKCiJ0DoSiEhIPioXuEOiRUip0V0sDr7mvfe9r3j7dj7bL86Ii4Kerr2jR1IputJpuo1XPvC8641NmRbDxrAbfBi0rzfM4FovaLqvNt4SbEev%2BK7nup7rNdalEbEersxMyOxBz2v23Gbbb3qdNobmv9oWDix1wAdn5DlIPl167FyBZDXS5Js1YXdynb32ZlIommuDAT96L91JdZkiWdDYOIjTo%2FNraHuy%2Fgg6PZzHhR78cxjJKXF%2BfIQoPToPiWhwMM8ZKYgUEf8%2FykENoWpIWoPpu5D8hACM4%2BYW0uT%2BTW1KuvvMpTN3Spae%2FgVZTsnSb1eQJg9XlRw27mhV5FKnFsO4ghzWkP0aWXGMfHQBsjwGyz%2BF5L%2BQlaebSJODLas0JD99KaBdEbdjd5l2RGu5HcTBcs%2FlnWWX%2B6zXarc7rdCfFyRlDRnXUGIMai%2BgsA4K6aCIHRSZg4SfNpjneaHLGXW7PcZaPBRRwF2PhrFHPTfoomCzbxgjz8Zgagxm9pCZPezIMUzxA%2Bx2Bcsd2JxgwCuUgqC0BCUlKCVBmROUg%2BqQK%2Bvb6j5Xtoi8c%2FTPsVVNdN7fp4c674uU7Gdn5NK8uD9%2B%2BgQ74rTBaBD4Xhy0I8Zj7tIOpT6NQ9YJg7DTbfmwsoK0F0Ctg5GcEvLzZWQz%2FOIaInoMq47B5CXQ4kXQchL6Luj2pN11MUofjmSW7dptakST6QRcV8jyJeS7zr46I8%2FPk7z8%2B1UI9oScD5ipkJkKH8nHBH11b3Jbl%2BTgti4t%2BXYry2UiR3T2e%2B%2FkNBcXv3pb7Jba8I01O%2F7yBpsZM%2FrgXWHzTZpymfYt%2BXpVci7MujZMkO837PsiulXY7dXCpEW2eeuN9Y0kM8JaqdMaVJ58HIDJKbl443D%2Bbi%2F%2FGUCaGqaokBSLpFLXYNkebLbYWU1g1EJHmYOyqCbGjxZLJQmUWGgaVbD%2F0tGC79t76JuroPldpEmFgakwUBWoGsMW%2F5vkmXny%2Bq%2Bt%2BSBSziRSxjmIlFGfP6vWytNG2Gq5NOh1vDCkIozafjcOPE6p3w78IKAt5HYafadf%2BBsAAP%2F%2FAQAA%2F%2F%2FyGBg7ggQAAA%3D%3D HTTP/1.1 
Host: migrantspiteconnecting.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Cookie: u_pl=15255681; uid_id2=6a8ef4f0-a5e3-46f6-90d5-0d2c93445372:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Fri, 24 Jun 2022 08:00:26 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 82f891d4283dbb8dbaa25c3fe5ce308e
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "E0A872A1B3B0950B5FF200EDCC690786B4531BBF96332FDF5FA7095F5A3D6CC5"
Last-Modified: Fri, 24 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8332
Expires: Fri, 24 Jun 2022 10:19:18 GMT
Date: Fri, 24 Jun 2022 08:00:26 GMT
Connection: keep-alive

                                        
                                        
                                            GET /sb/notifications/software/us/norton/2/index.html HTTP/1.1 
Host: cdn.barscreative1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.205.72
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:00:26 GMT
content-type: text/html
last-modified: Wed, 17 Feb 2021 11:42:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8nmJPRmxDwE1Eo4g2RtKiYxMu84mH2LRnJ7zYpox6IF5GkWx80%2F1wAWEADVmRtNc5v6K80KSc7z3DSF3yQKXJpM%2BXdPZ%2FR%2BjH5SJj4PBVEkjUJ7dOkSv0s0TYJF%2FoMH9w9zEWrHwT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7203ee06fb6dfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text
Size:   252
Md5:    e822996c939da2e59f5c01d5b90c6be1
Sha1:   67baa6322a236bb6c099ce23434f0bafd004e2de
Sha256: 52cdc21d889e1bb6ecbd490a5f6c32e6a7fa632955e0e2806455e2fc60319bb6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sb/notifications/software/us/norton/2/img/close.png HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.51.177
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:00:26 GMT
content-type: image/png
content-length: 1778
last-modified: Wed, 17 Feb 2021 11:45:12 GMT
etag: "602d01c8-6f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 8177352
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xmcOetaCaNHq%2F%2FYI%2BmNXrIcH8tBVyb7RCooMCjQbVpR8GGHN8SOWekv4YJNSYCycH7UEk9NaUzWInLSetE3Y4sSeb9MKcICh8rOuRM%2BkRhYt2e59HxCBSmvmcROpo5gZzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7203ee08aef3b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   1778
Md5:    c1b8f53c3afa0fdd5be48e6bfdbbb6fa
Sha1:   eeb2cd8d17e3abe135865be77330b8519f6bceb2
Sha256: 8f5d7d0bf69b5fcb8a110dd7c79948e70c860440b6ecc803a20ababe193a1af0
                                        
                                            GET /sb/notifications/software/us/norton/2/img/bg.jpg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.51.177
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:00:26 GMT
content-type: image/jpeg
content-length: 32917
last-modified: Wed, 17 Feb 2021 11:45:12 GMT
etag: "602d01c8-8095"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 8177352
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyziFK5V3sQswqqRAUkJMbQy2VEcD4aELYxJ2Q09OQIXMMAGK6U3%2FrqcW5Gca88bAMIBGmUIbwcnzFeklASS2MqrV3xoomTWVcbzbk%2F%2FpLgaXhBXJmxJbqp%2BM18RtSzgOB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7203ee08aef1b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=90, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=728], progressive, precision 8, 728x90, components 3\012- data
Size:   32917
Md5:    f4775713c42703127f645bd02cfaf1e9
Sha1:   8a6b3f5145c9f30b89075d1ef9db6f652b2ad0f0
Sha256: 7e4698ab34d23b2c4fdaddb6643379e37fe13c2620ff21e2ce7f6ac2812b4f60
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "E0A872A1B3B0950B5FF200EDCC690786B4531BBF96332FDF5FA7095F5A3D6CC5"
Last-Modified: Fri, 24 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8331
Expires: Fri, 24 Jun 2022 10:19:18 GMT
Date: Fri, 24 Jun 2022 08:00:27 GMT
Connection: keep-alive

                                        
                                            GET /sb/notifications/software/us/norton/2/css/animate.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.51.177
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:00:27 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:45:10 GMT
etag: W/"602d01c6-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bk%2BxWFztgp5iaeL2L68N9Dx9QCmJpEuyGh%2FMrvUa9qEzdHoS4ckZv8GNP9r52Ph8Gs7OysuPSO5Vw5jkA8ZMbDe37JuY%2BbVFl0vETfKb5%2BG1Y9omHgNFfflO9g5NeQJ%2BXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7203ee084e5fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4847
Md5:    c91016401e0a0b7b3d7572de48c76597
Sha1:   12fb634abb5e708b4f55d1489055b4f626d3cdd1
Sha256: 2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
                                        
                                            GET /sb/notifications/software/us/norton/2/js/script.js HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www114.zippyshare.com
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.51.177
HTTP/2 200 OK
                                        
date: Fri, 24 Jun 2022 08:00:27 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:45:10 GMT
etag: W/"602d01c6-181"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhoBZV4rM1p1BdpM80D9waLe3I3TNwPAUFp7bg%2F1RoUPDxH4ztCwAxPuy5%2FS2PO5jALx1qNCVcHP6S85bct5kMNZstyhi3wzdZOME0jCMSlEMzaAbJmhQlIsOIbGfiidK3A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7203ee085e75b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   185
Md5:    5ee669fd4c8a9ee872f94911036d3ec1
Sha1:   6f12758dbe09364bfb207923fb19c87e431fc725
Sha256: d56260099ae428d25815ce180d4addedf2ebf9db8a6513fd78db2f471379c4b1
                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudzc9K86tC0oBEdAUSIOHz7v3Zu0sKFGOMLEwcJSDo0Pzb8%2BDZndXM7u35RGGIhFIeLdX6nR0LiCIoKInQOhKISEg%2BKhe4Q6JFSKnRXSwOvua9972vePt2PtvPz4iPnJ6uvWNGSmu60q77tVc%2BCILrtU2V5MPasBt%2BGLau1%2BzgWi%2Bs%2B6%2FW3pJ8x6w0%2FMD3Az%2BorSsrIzNcmZlQ6YNeUO%2F59VajHrRbGNr%2Fapd7cNSDGJyR56DEdOmxdwWKV0jib9ak28lM%2Btqbca5pZiwG4ui9ZCcxRYJ4QSPrIUqOzq9h3Mn6I5jkcB4XZvDPIVNT4v34CCw5Og8JNjiY52QaMgET%2F0cxqCB1BUUrcHMXSpwQgAvc3EIS379pbEF3n7l05k7J0tO%2FoIopWfrtCpL44apWw9odo%2FNMmcRhGJVQwwqqXyHNj5GNLkAVx%2BDZp1DiF7LydBNJfLDltIESpy%2BFtCujVuQv07ZsLrfCKFzu%2BaK97IsG7zVbrXaz05gXpFQFFVXQcgzqLiB3HnLlIY885KmHWJzWeBAEHV9w6nd7nDdFR7JQ%2BAHtRAEN%2FLCLnM%2B%2BYYwsHYPrMbjdQ2r3sKPGsPkPcNslnPDgMoKBKFFIgsIRFJSgUARFRlAMykOhXcOV94V2OQvOsXGOzXJisv4%2BPTRZXyZkPz0jl%2BbF%2FfHTJ9iRpzVOw7ARRGGLcREJn7YpbdCow9udsNPuNhtwqoRyF0Cdh5GaEvLzZaQz%2FOIaGD2G08fg6hJo%2FiJoMek0fNDtSavrY5Q8HKk03XXb1Mo6NzGEKZFmS8h2vX19Rp6fJ3n596uQ%2FAk5H3BbIrUlPlKPCfr63uS2KcjBbVM48u1WmqlYjejs997JaCYvfvW23C2MFRtrbvzlDT4zZvTBu9JlmzQRKuk78vWqEkLadWO5JN9vuPclu5W77dXcJnm6eeuN9Y04tdI5ZZIKVJ18HIKrKbl443D%2Bbi%2F%2FGULZCjYvEeeLpMpU4OkeXLrYOUNg9UKz1EORlxPbYIulVgRaLjRlJdy%2FNFvwfXcPfXsVNLuLJC4xsCUGugTVY7j8f5MstU9e%2F7U5HzDtTZi23gHTVn%2F%2BrFqnTmtNX3SYjGSHyVa7FUkuWLvNfB5x1hTdLkfmpuw788LfAAAA%2F%2F8BAAD%2F%2F3LMzdOCBAAA HTTP/1.1 
Host: migrantspiteconnecting.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Cookie: u_pl=15255681; uid_id2=6a8ef4f0-a5e3-46f6-90d5-0d2c93445372:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Fri, 24 Jun 2022 08:00:27 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d9e3413d11bae428a391387633b9d88e
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
                                        
                                            GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fnorton%2F2%2Fjs%2Fscript.js&l=385&fd=351 HTTP/1.1 
Host: migrantspiteconnecting.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Cookie: u_pl=15255681; uid_id2=6a8ef4f0-a5e3-46f6-90d5-0d2c93445372:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Fri, 24 Jun 2022 08:00:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: migrantspiteconnecting.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www114.zippyshare.com/
Cookie: u_pl=15255681; uid_id2=6a8ef4f0-a5e3-46f6-90d5-0d2c93445372:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Fri, 24 Jun 2022 08:00:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range