| anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip | 135.181.248.190 | 200 OK | 4.7 kB |
URL User Request GET HTTP/1.1anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash747e61f5bc5055fa5c8ca5aa93953235 1b7656bef1607d63bc259691990962c4e917989c b10d060b9bb40993da688dbdd184c6773d178b918453f5ffbb2d96a75ab88ec8
GET /114C/Liliths_Throne_v0.4.9.5_exe_version.zip HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: filehosting=okggsl4452kkel4mfrf260vekk; expires=Sun, 05-May-2024 14:12:59 GMT; Max-Age=86400; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, no-cache, private
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Encoding: gzip
|
|
| anonzip.com/themes/spirit/assets/frontend/css/bootstrap.min.css | 135.181.248.190 | 200 OK | 77 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/bootstrap.min.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with very long lines (65319), with CRLF line terminators Hash9b67b9ffbfcbe226a8c413fa740fd91c 7837bd0c312897e46311aaf472947f3e23d75df2 2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 76922
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-12c7a"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/jquery.steps.css | 135.181.248.190 | 200 OK | 6.0 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/jquery.steps.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash25cfe48e07622a00154b677afcbaeb47 23e3ae1bd04ad1d00d25d30e39815104ceeae52f 709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056
GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 6019
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1783"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css | 135.181.248.190 | 200 OK | 3.2 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeUnicode text, UTF-8 text, with CRLF line terminators Hash4541b29b6040bc31b760f98e914fd1d7 0521a4f98cdf5e1fde3eeb9cae64fd39075cd9ba 6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794
GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 3160
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-c58"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/socicon.css | 135.181.248.190 | 200 OK | 9.8 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/socicon.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash910a42ce112991b31b30a735f1006a5f 6c8b4769270f1c86bb1c7a6b54325465395ba614 010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b
GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 9838
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-266e"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/lightbox.min.css | 135.181.248.190 | 200 OK | 3.9 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/lightbox.min.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash30265c8089a8f3e871d0873ef6a5b944 2804a2fe5a6a956626ce6a46adf6b1a0676ee13d f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 3889
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-f31"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/cookiealert.css | 135.181.248.190 | 200 OK | 12 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/cookiealert.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with very long lines (11486), with CRLF line terminators Hash3d2946aeae3cc8f43e2acf82ea029bd4 c25a0bd445ff9e6034d34e8f388f5565515a2783 705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28
GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 12369
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3051"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/custom.css | 135.181.248.190 | 200 OK | 8.9 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/custom.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeassembler source, ASCII text, with CRLF line terminators Hash65417cde74809cb9b9e66d0ab4adc448 9729ccac013729aed790fdc25d71d858f50a137b c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280
GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 8936
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-22e8"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/flickity.css | 135.181.248.190 | 200 OK | 2.5 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/flickity.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash244d315064064270eabbbb7ac9f6c700 21ad53d3efbb40154293190173ee0c497ed7651c ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a
GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 2521
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-9d9"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js | 135.181.248.190 | 200 OK | 87 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators Hash5b5a269bd363e0886c17d855c2aab241 042dd055cd289215835a58507c9531f808e1648a 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 86713
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-152b9"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css | 135.181.248.190 | 200 OK | 59 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with very long lines (58929), with CRLF line terminators Hash879812fc22af75aa3ae7b5666ca4f4b8 df27469a952b7ee36cc03db471c6198f577186a8 c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 59119
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-e6ef"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/flickity.min.js | 135.181.248.190 | 200 OK | 54 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/flickity.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (32032), with CRLF line terminators Hash8c1e666176ac7bdce67d58b45823ffac 75947e4316427ce0c5e33300aeb4dc4d7d54dd09 c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 53873
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-d271"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/theme.css | 135.181.248.190 | 200 OK | 206 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/theme.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeassembler source, ASCII text, with CRLF line terminators Size206 kB (206456 bytes) Hashe13b70f9d6654b3656aec5b1bd5ae02a 903010ac4b9034f6839847a20ecd0f5a728b2b96 8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a
GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 206456
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-32678"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/theme/charcoal.css | 135.181.248.190 | 200 OK | 206 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/theme/charcoal.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeassembler source, ASCII text, with CRLF line terminators Size206 kB (206493 bytes) Hash08f6281c909985fb24a5e3ad2be6753a 3a2f1161f8aea5fab0f54b64f43f293d9f1316c3 dbe98b73866341078c596a42b87af67c03a79cf591d02467842939ce0848a55d
GET /themes/spirit/assets/frontend/css/theme/charcoal.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 206493
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3269d"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/typed.min.js | 135.181.248.190 | 200 OK | 3.9 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/typed.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (3949), with no line terminators Hash2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 3949
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-f6d"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/datepicker.js | 135.181.248.190 | 200 OK | 21 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/datepicker.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators Hash8cfe207a6a21c7495cfb751c761217a6 35d686a6c4ecc9946c35444ce93e110cb0e1611c 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 20975
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-51ef"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/granim.min.js | 135.181.248.190 | 200 OK | 11 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/granim.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (10573), with CRLF line terminators Hash714368d20c70f8c91b0a596e128dac07 563954ec3a896fc129d014f01836245829f6d01d e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 10635
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-298b"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/jquery.steps.min.js | 135.181.248.190 | 200 OK | 14 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/jquery.steps.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (13686), with CRLF line terminators Hash0eef6fe46d14f860d5666d2c7b13a564 7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 13862
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3626"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js | 135.181.248.190 | 200 OK | 6.0 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (4887), with CRLF line terminators Hashc9e3a210d83398f301b3a7049c259676 8e227bb40fe120841829a7fef0ffeb091d179a91 aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 6028
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-178c"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js | 135.181.248.190 | 200 OK | 70 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (768), with CRLF line terminators Hash6fda19caa29287e6f584f0557fdeb6d4 40f58160090cd1f022704ee1352b343adb9e73b9 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 69754
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1107a"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/iconsmind.css | 135.181.248.190 | 200 OK | 103 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/iconsmind.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Size103 kB (102727 bytes) Hashc9b1c618a7b12bd7ecf6034164b29164 f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99 fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b
GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: text/css
Content-Length: 102727
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-19147"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/countdown.min.js | 135.181.248.190 | 200 OK | 5.4 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/countdown.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (4136), with CRLF line terminators Hash76a923d3d69255c45cd24bf9b100244f eb3c96f9901692f1a03500ea632963a16afdb985 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 5360
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-14f0"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/scripts.js | 135.181.248.190 | 200 OK | 115 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/scripts.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (914), with CRLF line terminators Size115 kB (114862 bytes) Hashce260d2170faf98639ab8e0e3758f1e2 32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c
GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 114862
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1c0ae"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/cookiealert.js | 135.181.248.190 | 200 OK | 1.8 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/cookiealert.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash81279e22c8ece9e1d0536a402484daa3 911797507fb12d4f451d5900e32db96ad697c401 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab
GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:12:59 GMT
Content-Type: application/javascript
Content-Length: 1836
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-72c"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/images/logo/logo-whitebg.png | 135.181.248.190 | 200 OK | 6.2 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/images/logo/logo-whitebg.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 588 x 94, 8-bit colormap, non-interlaced Hash6c1e20bb65960360a6d1782e017c9314 d864c40dbd565e934fddeea36938456d6a26982c fafe927a322a36285028582aa429b7c47877cad76d2783d2b6ba3155e66bf9c6
GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:13:00 GMT
Content-Type: image/png
Content-Length: 6221
Last-Modified: Sun, 04 Feb 2024 12:00:04 GMT
Connection: keep-alive
ETag: "65bf7c44-184d"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/images/logo/logo.png | 135.181.248.190 | 200 OK | 6.2 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/images/logo/logo.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 588 x 94, 8-bit colormap, non-interlaced Hashecb7f5dbe1eee9fcc3d5839f7d2bb2fb 59c65d814622d7ea901cd367b4114cea05fdf1b9 d53d70c5ee49ccc36c86eca632815e1eb254786c4041b228196bb8c0cb635b20
GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:13:00 GMT
Content-Type: image/png
Content-Length: 6204
Last-Modified: Sun, 04 Feb 2024 11:52:58 GMT
Connection: keep-alive
ETag: "65bf7a9a-183c"
Accept-Ranges: bytes
|
|
| www.googletagmanager.com/gtag/js?id=G-GWR0PX9LQC | 142.250.74.72 | 200 OK | 102 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-GWR0PX9LQC IP142.250.74.72:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size102 kB (101615 bytes) Hash99abeed7466fe9b13884c215edeabfd8 b1ddae8e562d5486856df623f8dd7bbed057332f 00394e436d6e5bf44e92d58fc487cfe65624c0114265a80078c352ed0ba07e86
GET /gtag/js?id=G-GWR0PX9LQC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 14:13:00 GMT
expires: Sat, 04 May 2024 14:13:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| anonzip.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 | 135.181.248.190 | 200 OK | 4.3 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 4292, version 1.0 Hashae072782b361d2afdbf43db08d3cfb73 f3db2e65b53d97491672f8631e21d6d05905cc88 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:13:00 GMT
Content-Type: application/octet-stream
Content-Length: 4292
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-10c4"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 | 135.181.248.190 | 200 OK | 80 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 80148, version 331.17301 Hashc500da19d776384ba69573ae6fe274e7 6290834672aba86d5b6c1c73b30b57c9c53996f7 cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=okggsl4452kkel4mfrf260vekk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:13:00 GMT
Content-Type: application/octet-stream
Content-Length: 80148
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-13914"
Accept-Ranges: bytes
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 812 B |
URL GET HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.106:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash878958f27fcd0bac90e34a4cc795d80e 885bdd89646e17385e25ab69254d890022a85e2b 1a5f432f0280d4609b5ac662f2d493c1c2850dd5da6a91317fb8e43db9681a0a
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 14:13:00 GMT
date: Sat, 04 May 2024 14:13:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 33198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 33198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 33198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 33198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 33198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 | 142.250.74.163 | 200 OK | 19 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 IP142.250.74.163:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 19280, version 1.0 Hash386fb59be54b2d819064af98e57cc226 9e2d14d736be97ec84bfca3513558450cd6e3249 b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
GET /s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:49:12 GMT
expires: Fri, 02 May 2025 01:49:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
content-type: font/woff2
age: 217428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 IP142.250.74.163:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16516, version 1.0 Hash02ea59496b25ec14db0cd442451bf9f7 4266d37e1db030954b04cd1cf3ec06591d75fcab dc0387c80ff53df47ca7ec19db75224fdb90a230f6cb06605563590b9791bf95
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:24:56 GMT
expires: Fri, 02 May 2025 02:24:56 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:02:21 GMT
content-type: font/woff2
age: 215284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 IP142.250.74.163:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16516, version 1.0 Hash02ea59496b25ec14db0cd442451bf9f7 4266d37e1db030954b04cd1cf3ec06591d75fcab dc0387c80ff53df47ca7ec19db75224fdb90a230f6cb06605563590b9791bf95
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:24:56 GMT
expires: Fri, 02 May 2025 02:24:56 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:02:21 GMT
content-type: font/woff2
age: 215284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| anonzip.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png | 135.181.248.190 | 200 OK | 5.0 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hasha9a8c24cea41bed7ef78ed1d12d48291 cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7 3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e
GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk; _ga_GWR0PX9LQC=GS1.1.1714831980.1.0.1714831980.0.0.0; _ga=GA1.1.1547968634.1714831980
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:13:00 GMT
Content-Type: image/png
Content-Length: 5016
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1398"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png | 135.181.248.190 | 200 OK | 447 B |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashf3d5da06fe8d5a2425d5d229285e5eea 01032b864f3c74bbf44771e2ba41eeb2251fad90 d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26
GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
Cookie: filehosting=okggsl4452kkel4mfrf260vekk; _ga_GWR0PX9LQC=GS1.1.1714831980.1.0.1714831980.0.0.0; _ga=GA1.1.1547968634.1714831980
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:13:00 GMT
Content-Type: image/png
Content-Length: 447
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1bf"
Accept-Ranges: bytes
|
|
| my.rtmark.net/gid.js?userId=008052728b66436ffbff12c8aa32a08f | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=008052728b66436ffbff12c8aa32a08f IP139.45.195.8:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash9319f84a5de0f96f8c77e4d1c52a22b3 7368f807e3a98fe2ff6e1f52bed7e9f64ef8e6e1 1f5745a78ee48a900fdb7e46e41924673b9a5ab9927df3678f54881cd2f2beb1
GET /gid.js?userId=008052728b66436ffbff12c8aa32a08f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:00 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008052728b66436ffbff12c8aa32a08f; expires=Sun, 04 May 2025 14:13:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| moonoafy.net/zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504 | 139.45.197.250 | 200 OK | 880 B |
URL GET HTTP/2moonoafy.net/zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504 IP139.45.197.250:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hash7f94d5d772ba5667113992fe1b4e6d39 b07687fc907e973bd066273d441ab0b29a7dd625 50cbbeab07af07d548a556c1e5217d1f03a97f8dba9c76b55461a0835e5bd2a7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: 1d948f6d49b9512e920122d67ed99f01
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a | 139.45.197.242 | 200 OK | 131 kB |
URL GET HTTP/2cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
File typegzip compressed data, max speed, from Unix Size131 kB (131053 bytes) Hash1426c82c5c238623beb158664efd66c9 6143d397b5f3459d031f292da41473834ecf5f94 6e29a967534aae992088165c3e120f2987d9bbdcbdba7e15ad6ae8e8c0fffa36
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /27/7552beb94fc0bdff7bbb33cad3d1ab0a HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=04005253aca34b49f62b265d61ceafbb; oaidts=1714831980
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 675b6052a34b06869c47f6ba157f45fd
cache-control: max-age:290304000, public
last-modified: Tue, 09 Apr 2024 03:16:58 GMT
expires: Tue, 09 May 2084 03:16:58 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| anonzip.com/sw.js | 135.181.248.190 | 200 OK | 5.2 kB |
IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (5235) Hashf3da3a180b9fcc93796c2e0064f80439 d3155e90b8bb0ccd2db019fa66beebf3f28d9116 2cfd12766505422ce33dad30985158e425f686a6a4e18d8a44e67b7c1af9451f
GET /sw.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=okggsl4452kkel4mfrf260vekk; _ga_GWR0PX9LQC=GS1.1.1714831980.1.0.1714831980.0.0.0; _ga=GA1.1.1547968634.1714831980; prefetchAd_7406588=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 14:13:01 GMT
Content-Type: application/javascript
Content-Length: 5236
Last-Modified: Sun, 28 Apr 2024 12:25:27 GMT
Connection: keep-alive
ETag: "662e4037-1474"
Accept-Ranges: bytes
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=8879bce3-b97d-4ee1-a3af-8bf090477551 | 139.45.195.254 | 200 OK | 12 B |
URL POST HTTP/1.1fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=8879bce3-b97d-4ee1-a3af-8bf090477551 IP139.45.195.254:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=8879bce3-b97d-4ee1-a3af-8bf090477551 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1425
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 04 May 2024 14:13:01 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonzip.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 403
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 461bb8f97e8b094b9bc79dd8b2bbbecc
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 172.67.193.52 | 200 OK | 7.5 kB |
IP172.67.193.52:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subjecttzegilo.com Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1 ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT
File typeJavaScript source, ASCII text, with very long lines (18486) Hash70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:13:01 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 18
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EZ7zVScHQWSUsImxoT1PO40g8AiCOLMdK%2BpekAn63MFXuUc%2FR8Od3g0b2uOQnQiQRlQmttTYbpxGp2G2j%2B94KOfTGy4icYxILXSw9CC5B%2Frp0ztHwTM3qplwwbZe%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e916c948dd56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008052728b66436ffbff12c8aa32a08f | 139.45.197.242 | 200 OK | 0 B |
URL POST HTTP/2cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008052728b66436ffbff12c8aa32a08f IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008052728b66436ffbff12c8aa32a08f HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| aistekso.net/500/7406591?excludes=&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.244 | 200 OK | 0 B |
URL OPTIONS HTTP/2aistekso.net/500/7406591?excludes=&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.244:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/7406591?excludes=&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| veepteero.com/?rb=lkSaLNQtVqmOv40xxzMw7eSJks3Ccw6ParTyyfOJZGHvIIEzrLJ3OoR5cPxcCZdKN_SqS1jNY5PBfg4LEvSc5-P0YPbef2QNmmhyiw1t1jjnbc8X7A_U3B9hZyfr0ntJm32L_lizjof76BOhEF6dxg8bxztONxYe8E9caMurrq5j7XHp1Fl_93naZcd2LicBZMerR20hfaaBPCa45zNHBc5QuVf-cbbHQBkYPNnihkUTQdgXPzBWlVBnZiF3Ez79FhUn9A%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=e72e1b52-9acc-4105-b1bf-47ed870d7e71&wasm=1&userId=008052728b66436ffbff12c8aa32a08f&m=link | 139.45.197.242 | 200 OK | 1.9 kB |
URL GET HTTP/2veepteero.com/?rb=lkSaLNQtVqmOv40xxzMw7eSJks3Ccw6ParTyyfOJZGHvIIEzrLJ3OoR5cPxcCZdKN_SqS1jNY5PBfg4LEvSc5-P0YPbef2QNmmhyiw1t1jjnbc8X7A_U3B9hZyfr0ntJm32L_lizjof76BOhEF6dxg8bxztONxYe8E9caMurrq5j7XHp1Fl_93naZcd2LicBZMerR20hfaaBPCa45zNHBc5QuVf-cbbHQBkYPNnihkUTQdgXPzBWlVBnZiF3Ez79FhUn9A%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=e72e1b52-9acc-4105-b1bf-47ed870d7e71&wasm=1&userId=008052728b66436ffbff12c8aa32a08f&m=link IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectveepteero.com Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
Hash0db033488c55c782235e00afb5bb86e9 39aed198097d3652d168c8dc150569c4b89e8c6b e8178572053d2606812ea25df9811333778edf98dada06a210528b2ab91f4b19
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?rb=lkSaLNQtVqmOv40xxzMw7eSJks3Ccw6ParTyyfOJZGHvIIEzrLJ3OoR5cPxcCZdKN_SqS1jNY5PBfg4LEvSc5-P0YPbef2QNmmhyiw1t1jjnbc8X7A_U3B9hZyfr0ntJm32L_lizjof76BOhEF6dxg8bxztONxYe8E9caMurrq5j7XHp1Fl_93naZcd2LicBZMerR20hfaaBPCa45zNHBc5QuVf-cbbHQBkYPNnihkUTQdgXPzBWlVBnZiF3Ez79FhUn9A%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=e72e1b52-9acc-4105-b1bf-47ed870d7e71&wasm=1&userId=008052728b66436ffbff12c8aa32a08f&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: application/json
x-trace-id: 1f5d5e1a3d76374d06e44e44eda9e28e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008052728b66436ffbff12c8aa32a08f; expires=Sun, 04 May 2025 14:13:00 GMT; path=/; secure; SameSite=None
oaidts=1714831980; expires=Sun, 04 May 2025 14:13:00 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 11 May 2024 14:13:00 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 412
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6c80f2d2c797995832ee9722f4dcdd63
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash0927decd5cb959dc581de44160434f0a b9b1a9f7f364579085c718ab2bfc312cda71f284 5ab835c0d152bbcaaa6d96c6cd4f021fe38763fc225744a68483f8a0be82410e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 540
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008052728b66436ffbff12c8aa32a08f | 139.45.197.242 | 200 OK | 2.7 kB |
URL POST HTTP/2cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008052728b66436ffbff12c8aa32a08f IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashc90eae21df6a47aba76afaa58acc3cef 050066219a864bf05c3987be018a1941c3db7494 a8407107cc05771d7d824a9d8ce18bc9ad8a7a0bb21a1e6b6d7f52aecd426f30
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008052728b66436ffbff12c8aa32a08f HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 190
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=04005253aca34b49f62b265d61ceafbb; oaidts=1714831980
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: e3da252a4bfcea32afd4ec60c06ae6e4
access-control-expose-headers: X-Sc
set-cookie: OAID=008052728b66436ffbff12c8aa32a08f; expires=Sun, 04 May 2025 14:13:01 GMT; secure; SameSite=None
oaidts=1714831980; expires=Sun, 04 May 2025 14:13:01 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cameesse.net/1?z=7406590 | 139.45.197.242 | 200 OK | 50 kB |
IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
File typeJavaScript source, ASCII text, with very long lines (42427) Hash66c815b52c66c89118d34e4e81292381 de7f11ad32ae535201a1dad04d75797a920b62be 7a1608806949fb7bb172b0458cf2877894c4d6f184a33d71bdb3d0bc70227773
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1?z=7406590 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:00 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 2cd49568f35a033b06c3196c42b9a683
access-control-expose-headers: X-Sc
x-sc: xdCFbfWAS65FVZ8hjwz9iHenb0qfAc95AWuBCBuZljVqe_EYW-OdYEUN9X72u4YWdNn3MVyzIvZjiJwEMl5RLpFp8tU=
set-cookie: scm=1; expires=Sun, 04 May 2025 14:13:00 GMT; secure; SameSite=None
OAID=04005253aca34b49f62b265d61ceafbb; expires=Sun, 04 May 2025 14:13:00 GMT; secure; SameSite=None
oaidts=1714831980; expires=Sun, 04 May 2025 14:13:00 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gishejuy.com/500/7406589?excludes=&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.242 | 200 OK | 0 B |
URL GET HTTP/2gishejuy.com/500/7406589?excludes=&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/7406589?excludes=&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| aistekso.net/500/7406591?excludes=&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.244 | 200 OK | 19 kB |
URL OPTIONS HTTP/2aistekso.net/500/7406591?excludes=&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.244:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File typegzip compressed data, max speed, from Unix Hash0daf3264d00b0bcdc84fbee4ec52cc06 81cc5c36ac72441f7dfc75816d3fd3a2006dd54f 4b9d42109e25a28b917297940178ef99710750ff22d2a4b4d330134a21bf486d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /500/7406591?excludes=&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=03005263c12f4076fa2a51e7ae5086c4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: application/javascript
x-trace-id: 6fe6dfb5e6f92ed6006f4da9968674bb
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonzip.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=008052728b66436ffbff12c8aa32a08f; expires=Sun, 04 May 2025 14:13:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=810626688963579904&ctrl_fetch_dest=iframe&ctrl_id=6636426d944bc264752887&ctrl_ts=1714831981.6074&ctrl_ab=burp | 143.204.55.105 | 302 Found | 0 B |
URL GET HTTP/2track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=810626688963579904&ctrl_fetch_dest=iframe&ctrl_id=6636426d944bc264752887&ctrl_ts=1714831981.6074&ctrl_ab=burp IP143.204.55.105:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerAmazon Subjecttrack.jefytrack.com FingerprintD9:FC:91:D1:FD:F0:F4:2D:48:E9:47:EE:31:A0:1C:23:D3:9A:29:D8 ValiditySun, 21 Apr 2024 00:00:00 GMT - Tue, 20 May 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=810626688963579904&ctrl_fetch_dest=iframe&ctrl_id=6636426d944bc264752887&ctrl_ts=1714831981.6074&ctrl_ab=burp HTTP/1.1
Host: track.jefytrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://externalde.com/out/xyhkxckud/?ctrl_id=6636426d944bc264752887&ctrl_ab=burp&ctrl_ts=1714831981.6074&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=w78hsnqua6mmt6213fvqrr0q
date: Sat, 04 May 2024 14:13:01 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 145f6684-c379-407a-a2eb-922622a713e1-v4=lnkOx7TxTABcVm_DPntrxiU1JO_g-Pbk5LA_iZaGn-M; Max-Age=86400; Expires=Sun, 05-May-2024 14:13:01 GMT; Domain=track.jefytrack.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22w78hsnqua6mmt6213fvqrr0q%22%2C%22caid%22%3A%22145f6684-c379-407a-a2eb-922622a713e1%22%7D; Max-Age=31536000; Expires=Sun, 04-May-2025 14:13:01 GMT; Domain=track.jefytrack.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BKq7KpflVFlR2VqLMwzL6uktzhw-KK93T8XOwlY523gMjmJ-amzgyA==
X-Firefox-Spdy: h2
|
|
| gishejuy.com/impression/L5GP_3Df7uxo8WtvHhOmf5OrxFw-zmz_8janTlvGihaiAGWdoi6mQ-1T_SWUxqHCa00mcJBG0RLDpMqH_c3W_5skzMPRptVSjV1WAd-7q4n4IFRjA5nL7XqgrxdU7jxIc2N93L_UMVAMmt4VdcwKIooTDql2ySVawhH1tqf39C9MIwV65K_AepZfuoNd83YL151DdeEiN6vqD3jIQQPClhJosEUTCJiSMIMui8Pt-FflkY9k78XMl97do0s4Te2Zub9uoiCSyT1zgQ56_eoI-T3BhftHpNQYHaMT8q_xIEmcGP_EBoIJBkDwpRBQoRGbRT60CpRjtURN-YBM3144QQ-MQ_rmiX2tgP4HSP-c7wwilzH-JcTuKOe2pNKXF__lEpD6K07U3eXbH2ti9rByOMkCCx8GkkopyrJtejsoUwWDSS9ioUKk8BEIISJxkStdrueY8v325GAxA5RmTHyGuy8G8kbfRkUYwDSAArgv754r0LA7QCe1gDhL84faeEMybfCwgvDEtoqj0F1UKuv45Tg3JdvkkGoVegVNaw7F6DH46BoAvvukuDyvMlkN9RbDeI5pdfEvDC0nuJ03d-WQZPM-PpDMoz1oPC0uvJGz2RIipgzmUMEErOfoDfnErYKHjTwf-9i2dHEJZga9IhiKxynStm8Jo72atU2581VpOvEGCY51PaAvZFI4tQPYKpVA-fAPcgx2fxkUZzld4UcGboMAfi9HOs8v_MYJ7U2OJ5rkHiMjHbevyX9CddJeVTvHhSVF_dU7p0xR0GaeCcJyEu32ZsWdWNx5CtQ3iA8rGQCGEx_Tn73vjyy3VOE=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.242 | 200 OK | 43 B |
URL GET HTTP/2gishejuy.com/impression/L5GP_3Df7uxo8WtvHhOmf5OrxFw-zmz_8janTlvGihaiAGWdoi6mQ-1T_SWUxqHCa00mcJBG0RLDpMqH_c3W_5skzMPRptVSjV1WAd-7q4n4IFRjA5nL7XqgrxdU7jxIc2N93L_UMVAMmt4VdcwKIooTDql2ySVawhH1tqf39C9MIwV65K_AepZfuoNd83YL151DdeEiN6vqD3jIQQPClhJosEUTCJiSMIMui8Pt-FflkY9k78XMl97do0s4Te2Zub9uoiCSyT1zgQ56_eoI-T3BhftHpNQYHaMT8q_xIEmcGP_EBoIJBkDwpRBQoRGbRT60CpRjtURN-YBM3144QQ-MQ_rmiX2tgP4HSP-c7wwilzH-JcTuKOe2pNKXF__lEpD6K07U3eXbH2ti9rByOMkCCx8GkkopyrJtejsoUwWDSS9ioUKk8BEIISJxkStdrueY8v325GAxA5RmTHyGuy8G8kbfRkUYwDSAArgv754r0LA7QCe1gDhL84faeEMybfCwgvDEtoqj0F1UKuv45Tg3JdvkkGoVegVNaw7F6DH46BoAvvukuDyvMlkN9RbDeI5pdfEvDC0nuJ03d-WQZPM-PpDMoz1oPC0uvJGz2RIipgzmUMEErOfoDfnErYKHjTwf-9i2dHEJZga9IhiKxynStm8Jo72atU2581VpOvEGCY51PaAvZFI4tQPYKpVA-fAPcgx2fxkUZzld4UcGboMAfi9HOs8v_MYJ7U2OJ5rkHiMjHbevyX9CddJeVTvHhSVF_dU7p0xR0GaeCcJyEu32ZsWdWNx5CtQ3iA8rGQCGEx_Tn73vjyy3VOE=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/L5GP_3Df7uxo8WtvHhOmf5OrxFw-zmz_8janTlvGihaiAGWdoi6mQ-1T_SWUxqHCa00mcJBG0RLDpMqH_c3W_5skzMPRptVSjV1WAd-7q4n4IFRjA5nL7XqgrxdU7jxIc2N93L_UMVAMmt4VdcwKIooTDql2ySVawhH1tqf39C9MIwV65K_AepZfuoNd83YL151DdeEiN6vqD3jIQQPClhJosEUTCJiSMIMui8Pt-FflkY9k78XMl97do0s4Te2Zub9uoiCSyT1zgQ56_eoI-T3BhftHpNQYHaMT8q_xIEmcGP_EBoIJBkDwpRBQoRGbRT60CpRjtURN-YBM3144QQ-MQ_rmiX2tgP4HSP-c7wwilzH-JcTuKOe2pNKXF__lEpD6K07U3eXbH2ti9rByOMkCCx8GkkopyrJtejsoUwWDSS9ioUKk8BEIISJxkStdrueY8v325GAxA5RmTHyGuy8G8kbfRkUYwDSAArgv754r0LA7QCe1gDhL84faeEMybfCwgvDEtoqj0F1UKuv45Tg3JdvkkGoVegVNaw7F6DH46BoAvvukuDyvMlkN9RbDeI5pdfEvDC0nuJ03d-WQZPM-PpDMoz1oPC0uvJGz2RIipgzmUMEErOfoDfnErYKHjTwf-9i2dHEJZga9IhiKxynStm8Jo72atU2581VpOvEGCY51PaAvZFI4tQPYKpVA-fAPcgx2fxkUZzld4UcGboMAfi9HOs8v_MYJ7U2OJ5rkHiMjHbevyX9CddJeVTvHhSVF_dU7p0xR0GaeCcJyEu32ZsWdWNx5CtQ3iA8rGQCGEx_Tn73vjyy3VOE=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=008052728b66436ffbff12c8aa32a08f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:05 GMT
content-type: image/gif
content-length: 43
x-trace-id: 4870e5fef565f9f0584404f2e2bc0886
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| aistekso.net/impression/Y1tZetqJWw6ZhPwz5KkbEl36VL6aequVDVZhybKoY-yFVs7jNek5WgMXPxG1gp8wELKx9YQmfShjtnwHP-noHGDdAmFwutp6A-XFJci7aqoAaM6NiZih7zABjJmu3dnqHWvpZpuvt2Ym8DRE2dCSJL_FPgblRS8vhXizt8ML8HqLyCIjhUHogXMIz1e0wAZeGcbqW0XaRNhpcmVV59--H3KysFF0fjP4OzQgEXlZwwLD4rOWDXRcKfZIxD_2fcZKxxsRN9m8Sn5v1BArM2omV9qJMfPiE3lWVt9hBxhBd4GvaCMk0Ez7GCsmXc-B9YLZUKmkEiO7bOefSpJR2jHRfKJ7ij7qebw2mwCHkTGIhcgbMb2cw_-WNxhuPZ-OylqV9QsyNWcvWfHPg5q2Q2_BOwzWioMfcYR1GVvzKGEWG3nkvNtXEbrNAxhnzJMJaGxWJErj9UEBDbKwqlAp3InSA6zMOPIDYRQy78ToOxmeKZAd6EbTo1icWIoVb38oNQnq02dGip2v3f9XouJaX3TzwUL5OYeUVbxGyxMTez74LCSQQL8EpRYet1DE4G8ltBe1urmUcJpqE-9GXvFE3dAZZVIitHrkd8rsR2u-VlZotiVZGulb3IuUyVd6M2dta8-2l43p3JwLd_splHAulrmS5wknlNknMZNHzX-iq_FoTNSRy_Lhbgp4S9NtIo11zHyZINxkj296ARpBp9vEd-mI82d_j0DMZwG4AAKV7xF3122hCF7m5bJ82jWOXujtAW9ZrSfyUpzDKh2BhObIF5HZTAJ4i3FKu2tt314L2DrnYDDrv85J3ryBkjHGP64=?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.244 | 200 OK | 43 B |
URL GET HTTP/2aistekso.net/impression/Y1tZetqJWw6ZhPwz5KkbEl36VL6aequVDVZhybKoY-yFVs7jNek5WgMXPxG1gp8wELKx9YQmfShjtnwHP-noHGDdAmFwutp6A-XFJci7aqoAaM6NiZih7zABjJmu3dnqHWvpZpuvt2Ym8DRE2dCSJL_FPgblRS8vhXizt8ML8HqLyCIjhUHogXMIz1e0wAZeGcbqW0XaRNhpcmVV59--H3KysFF0fjP4OzQgEXlZwwLD4rOWDXRcKfZIxD_2fcZKxxsRN9m8Sn5v1BArM2omV9qJMfPiE3lWVt9hBxhBd4GvaCMk0Ez7GCsmXc-B9YLZUKmkEiO7bOefSpJR2jHRfKJ7ij7qebw2mwCHkTGIhcgbMb2cw_-WNxhuPZ-OylqV9QsyNWcvWfHPg5q2Q2_BOwzWioMfcYR1GVvzKGEWG3nkvNtXEbrNAxhnzJMJaGxWJErj9UEBDbKwqlAp3InSA6zMOPIDYRQy78ToOxmeKZAd6EbTo1icWIoVb38oNQnq02dGip2v3f9XouJaX3TzwUL5OYeUVbxGyxMTez74LCSQQL8EpRYet1DE4G8ltBe1urmUcJpqE-9GXvFE3dAZZVIitHrkd8rsR2u-VlZotiVZGulb3IuUyVd6M2dta8-2l43p3JwLd_splHAulrmS5wknlNknMZNHzX-iq_FoTNSRy_Lhbgp4S9NtIo11zHyZINxkj296ARpBp9vEd-mI82d_j0DMZwG4AAKV7xF3122hCF7m5bJ82jWOXujtAW9ZrSfyUpzDKh2BhObIF5HZTAJ4i3FKu2tt314L2DrnYDDrv85J3ryBkjHGP64=?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.244:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/Y1tZetqJWw6ZhPwz5KkbEl36VL6aequVDVZhybKoY-yFVs7jNek5WgMXPxG1gp8wELKx9YQmfShjtnwHP-noHGDdAmFwutp6A-XFJci7aqoAaM6NiZih7zABjJmu3dnqHWvpZpuvt2Ym8DRE2dCSJL_FPgblRS8vhXizt8ML8HqLyCIjhUHogXMIz1e0wAZeGcbqW0XaRNhpcmVV59--H3KysFF0fjP4OzQgEXlZwwLD4rOWDXRcKfZIxD_2fcZKxxsRN9m8Sn5v1BArM2omV9qJMfPiE3lWVt9hBxhBd4GvaCMk0Ez7GCsmXc-B9YLZUKmkEiO7bOefSpJR2jHRfKJ7ij7qebw2mwCHkTGIhcgbMb2cw_-WNxhuPZ-OylqV9QsyNWcvWfHPg5q2Q2_BOwzWioMfcYR1GVvzKGEWG3nkvNtXEbrNAxhnzJMJaGxWJErj9UEBDbKwqlAp3InSA6zMOPIDYRQy78ToOxmeKZAd6EbTo1icWIoVb38oNQnq02dGip2v3f9XouJaX3TzwUL5OYeUVbxGyxMTez74LCSQQL8EpRYet1DE4G8ltBe1urmUcJpqE-9GXvFE3dAZZVIitHrkd8rsR2u-VlZotiVZGulb3IuUyVd6M2dta8-2l43p3JwLd_splHAulrmS5wknlNknMZNHzX-iq_FoTNSRy_Lhbgp4S9NtIo11zHyZINxkj296ARpBp9vEd-mI82d_j0DMZwG4AAKV7xF3122hCF7m5bJ82jWOXujtAW9ZrSfyUpzDKh2BhObIF5HZTAJ4i3FKu2tt314L2DrnYDDrv85J3ryBkjHGP64=?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=008052728b66436ffbff12c8aa32a08f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:06 GMT
content-type: image/gif
content-length: 43
x-trace-id: 3af973fd629674e309f9a41a068149ce
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg | 104.22.32.172 | 200 OK | 17 kB |
URL GET HTTP/2offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg IP104.22.32.172:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash9c6355bcf96815c755fbba83f9fd8f64 ce698b45fb51ef1494f80f432b7aff0985247724 2cd74e866757767cd5c88d066a0bc057aded1e6c07171e091dd87f56ffd4a906
GET /www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 14:13:06 GMT
content-type: image/jpeg
content-length: 17173
cache-control: max-age=86400
cf-bgj: h2pri
etag: "642af881-4315"
expires: Sat, 04 May 2024 20:06:53 GMT
last-modified: Mon, 03 Apr 2023 16:02:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 65170
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e916e9990792a3-CPH
X-Firefox-Spdy: h2
|
|
| gishejuy.com/500/7406589?excludes=19845928&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.242 | 200 OK | 0 B |
URL OPTIONS HTTP/2gishejuy.com/500/7406589?excludes=19845928&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/7406589?excludes=19845928&oaid=008052728b66436ffbff12c8aa32a08f&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:06 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg | 104.22.32.172 | 200 OK | 19 kB |
URL GET HTTP/2offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg IP104.22.32.172:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash71581bf2ce9a00138faf7dd80fe3e12e 56479135ed64bf23e1037067c0c87047eb8a414c 5d9f95c8c06343cc189b38268296615ed8816d8154b4b782ad0d62bedd23525e
GET /www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 14:13:06 GMT
content-type: image/jpeg
content-length: 19381
cache-control: max-age=86400
cf-bgj: h2pri
etag: "65674405-4bb5"
expires: Sat, 04 May 2024 18:07:30 GMT
last-modified: Wed, 29 Nov 2023 14:00:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 72336
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e916ea59e592a3-CPH
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg | 104.22.32.172 | 200 OK | 17 kB |
URL GET HTTP/2offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg IP104.22.32.172:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash9c6355bcf96815c755fbba83f9fd8f64 ce698b45fb51ef1494f80f432b7aff0985247724 2cd74e866757767cd5c88d066a0bc057aded1e6c07171e091dd87f56ffd4a906
GET /www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 14:13:06 GMT
content-type: image/jpeg
content-length: 17173
cache-control: max-age=86400
cf-bgj: h2pri
etag: "642af881-4315"
expires: Sat, 04 May 2024 20:06:53 GMT
last-modified: Mon, 03 Apr 2023 16:02:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 65170
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e916ebbb8f92a3-CPH
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 06:08:19 GMT
expires: Sat, 03 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 115487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.163:0
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Apr 2024 10:46:32 GMT
expires: Wed, 30 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 357994
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=810626688963579904 | 104.21.64.36 | 302 Found | 3.4 kB |
URL GET HTTP/2securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=810626688963579904 IP104.21.64.36:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subjectsecuredpeacomm.com FingerprintE2:58:9B:FC:54:26:CA:CC:89:05:0D:28:D6:2E:28:9E:39:7E:5F:D6 ValidityMon, 15 Apr 2024 19:27:34 GMT - Sun, 14 Jul 2024 19:27:33 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 Hash3760de954296b4127be241e50251e17c 732a60fa3e6960f5d5216d59661a38a734599940 18732ff4313ebebeb0435b8decefe20c35559fe980ba710d3405136c8ef87b8b
GET /in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=810626688963579904 HTTP/1.1
Host: securedpeacomm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 14:13:01 GMT
content-type: text/html; charset=UTF-8
location: https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=810626688963579904&ctrl_fetch_dest=iframe&ctrl_id=6636426d944bc264752887&ctrl_ts=1714831981.6074&ctrl_ab=burp
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Tks8XIGuyYg6tkS%2FagAoi3nD9ooIYESDAz3TCj3QefO8mOwTVprP%2BZW6w9%2FSZB%2FFu1W0FcJ5Gj4TKcwyJOaN7gBU%2BRB30XcX1AgXKCLNV2mVhK7NLEDncMCbTszBc43FRqUyXA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e916cc7b15568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gishejuy.com/impression/bmHug5qZMnRcX54nHIkCx913BmnrpBElkd_o_E7leuEQ51ob7ZcC3DqPZyaWXJ2FIasPSdcCUi_7BmPfTDF28WKhZpwH63JFQFZT_JIyTh58hzKAeqfRT11lI4hL2OrBPvBpC-q0hfwhrNLqOoqbhA1Wj4oh5wUzZDhhioCUUf6gnazn8GD5ZApvSuL39xONSLoU4JOx81q3I9XUH84Jgzm5wBBBzDQiqCMcBBykez-mrxKtKBKYQJ3TSXDeZw_sZ5f_3_Q6GuFT1tlFh20i1ZkZLmdxy5H1EHnVkT1U6kgPK555IZdqFzgoEjgCJKaJ460vW9Oq57N0VMOGyGAntYVloP_Tt8BIbug0SN4d5OX7BGySiQGUd1IihUpwqdlHDqnm-IDGAnNAiixRVOs0CNLvYi585PK53dhIeCG0cap2RrZguBsNyuSLajW_U5DS86fhsdryk604NQuYGJEs_1wG4MIL2Mti9xHNYmkJt07hD-UYiWhB2SmFk9ze_6TxBRkOWd-8R6fgRqWeTdrmZoOkeA_4gPi_Ah0Vnzbt0jQhRU2AqSqxB_wQjhTMlyWRGosNaCCuPqi0IdP4od4-uInx-ZM5xSqG9vueYWRedA4NKN9hfC675I88dhEnXnaG-ayPDmdraC8ZlYUtKO8Vppixpdn7dhRVLn7quz1Cqu__S8kPQiSAQByxRPvy61dNjlRJa_4pY5Y58gzOzymxQQmhojZHjB8miE0lbI7HUs7YUgf84BfRXSWb1kl1oRPx-ySvLktuX4RciwiSUgJ01foXQGt9wsAVFIFkJnQZhI7oCmtWukSRGKj8Gvg=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.242 | 200 OK | 43 B |
URL GET HTTP/2gishejuy.com/impression/bmHug5qZMnRcX54nHIkCx913BmnrpBElkd_o_E7leuEQ51ob7ZcC3DqPZyaWXJ2FIasPSdcCUi_7BmPfTDF28WKhZpwH63JFQFZT_JIyTh58hzKAeqfRT11lI4hL2OrBPvBpC-q0hfwhrNLqOoqbhA1Wj4oh5wUzZDhhioCUUf6gnazn8GD5ZApvSuL39xONSLoU4JOx81q3I9XUH84Jgzm5wBBBzDQiqCMcBBykez-mrxKtKBKYQJ3TSXDeZw_sZ5f_3_Q6GuFT1tlFh20i1ZkZLmdxy5H1EHnVkT1U6kgPK555IZdqFzgoEjgCJKaJ460vW9Oq57N0VMOGyGAntYVloP_Tt8BIbug0SN4d5OX7BGySiQGUd1IihUpwqdlHDqnm-IDGAnNAiixRVOs0CNLvYi585PK53dhIeCG0cap2RrZguBsNyuSLajW_U5DS86fhsdryk604NQuYGJEs_1wG4MIL2Mti9xHNYmkJt07hD-UYiWhB2SmFk9ze_6TxBRkOWd-8R6fgRqWeTdrmZoOkeA_4gPi_Ah0Vnzbt0jQhRU2AqSqxB_wQjhTMlyWRGosNaCCuPqi0IdP4od4-uInx-ZM5xSqG9vueYWRedA4NKN9hfC675I88dhEnXnaG-ayPDmdraC8ZlYUtKO8Vppixpdn7dhRVLn7quz1Cqu__S8kPQiSAQByxRPvy61dNjlRJa_4pY5Y58gzOzymxQQmhojZHjB8miE0lbI7HUs7YUgf84BfRXSWb1kl1oRPx-ySvLktuX4RciwiSUgJ01foXQGt9wsAVFIFkJnQZhI7oCmtWukSRGKj8Gvg=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/bmHug5qZMnRcX54nHIkCx913BmnrpBElkd_o_E7leuEQ51ob7ZcC3DqPZyaWXJ2FIasPSdcCUi_7BmPfTDF28WKhZpwH63JFQFZT_JIyTh58hzKAeqfRT11lI4hL2OrBPvBpC-q0hfwhrNLqOoqbhA1Wj4oh5wUzZDhhioCUUf6gnazn8GD5ZApvSuL39xONSLoU4JOx81q3I9XUH84Jgzm5wBBBzDQiqCMcBBykez-mrxKtKBKYQJ3TSXDeZw_sZ5f_3_Q6GuFT1tlFh20i1ZkZLmdxy5H1EHnVkT1U6kgPK555IZdqFzgoEjgCJKaJ460vW9Oq57N0VMOGyGAntYVloP_Tt8BIbug0SN4d5OX7BGySiQGUd1IihUpwqdlHDqnm-IDGAnNAiixRVOs0CNLvYi585PK53dhIeCG0cap2RrZguBsNyuSLajW_U5DS86fhsdryk604NQuYGJEs_1wG4MIL2Mti9xHNYmkJt07hD-UYiWhB2SmFk9ze_6TxBRkOWd-8R6fgRqWeTdrmZoOkeA_4gPi_Ah0Vnzbt0jQhRU2AqSqxB_wQjhTMlyWRGosNaCCuPqi0IdP4od4-uInx-ZM5xSqG9vueYWRedA4NKN9hfC675I88dhEnXnaG-ayPDmdraC8ZlYUtKO8Vppixpdn7dhRVLn7quz1Cqu__S8kPQiSAQByxRPvy61dNjlRJa_4pY5Y58gzOzymxQQmhojZHjB8miE0lbI7HUs7YUgf84BfRXSWb1kl1oRPx-ySvLktuX4RciwiSUgJ01foXQGt9wsAVFIFkJnQZhI7oCmtWukSRGKj8Gvg=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=008052728b66436ffbff12c8aa32a08f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:09 GMT
content-type: image/gif
content-length: 43
x-trace-id: 32bc9e89efd9e9dfacda49b45bc045a5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 | 142.250.74.106 | 200 OK | 8.1 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 IP142.250.74.106:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hash89c5b8a9359283a487580d98ee529f01 6e4b4a5c4d353c1b0517469970b4f3916ba3f3d9 011240a225754bfaa35d0fec0913647c80e520bc1fd130f57c310a8a32606426
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 14:13:06 GMT
date: Sat, 04 May 2024 14:13:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cameesse.net/11?rnd=3361781033&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=NwK7l_c3WDTWwFy4P_AjyQa2cfiPWN6BCFW9GCFHKsFyrKf1f_BiViKiQ6_AZr_e7wL3GnbGoLzerV6WC2n5Yn506JOTYUUb46v0-6D1BpFl1FADKeYUF0C1MDCrxV-KRJvLSZHsTcMR3ZI_D_hV5BwfqoXnV9i8tHz8u39lkPvGCxTCEBV_8VQtNCB_uJ7ygFL9ly0wzzGYd6Ze1OfbcntbE-bLJu3pYdcsrYKxDZ_d2SOnUgwi-Q4DnG0nrP1HcKFum_8qpWaBGrkFUKrpKp056JdVmCjHwlTBiRMvWUZSB8rJwfBklNLB3BX-cF_JPEmL7Zp0hJtSU62AzYWGRY7JRDNEamNkBou1mptYeOpmTYc8SuQxTCZhuszMRtORHU5q9lt46XFkmFpAOP2deggWGDiIv0Ivj6VEjJL4LLON32XQdvtH-2EwmsuntE2D3xxaEsQ1wrqhtb3-BgqfEjqqR5Z_6oGU2d_EVECyu7OV86Wrj175rAIY0Bi3NlmmxkOIaBiSpSs5OSNHoGE9YqH1P8A8kj-32sClSNOHxWseCIUlN3aCv5nbp-jyvwX0H--g8rj7Nt3W2p0GZ73oafBootBH9oLAmSoi2e5xtipF6l2o&ruid=f1a6bd0a-467a-40ec-8304-94bfe891560f&subid=810626688963579904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 | 139.45.197.242 | 200 OK | 0 B |
URL GET HTTP/2cameesse.net/11?rnd=3361781033&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=NwK7l_c3WDTWwFy4P_AjyQa2cfiPWN6BCFW9GCFHKsFyrKf1f_BiViKiQ6_AZr_e7wL3GnbGoLzerV6WC2n5Yn506JOTYUUb46v0-6D1BpFl1FADKeYUF0C1MDCrxV-KRJvLSZHsTcMR3ZI_D_hV5BwfqoXnV9i8tHz8u39lkPvGCxTCEBV_8VQtNCB_uJ7ygFL9ly0wzzGYd6Ze1OfbcntbE-bLJu3pYdcsrYKxDZ_d2SOnUgwi-Q4DnG0nrP1HcKFum_8qpWaBGrkFUKrpKp056JdVmCjHwlTBiRMvWUZSB8rJwfBklNLB3BX-cF_JPEmL7Zp0hJtSU62AzYWGRY7JRDNEamNkBou1mptYeOpmTYc8SuQxTCZhuszMRtORHU5q9lt46XFkmFpAOP2deggWGDiIv0Ivj6VEjJL4LLON32XQdvtH-2EwmsuntE2D3xxaEsQ1wrqhtb3-BgqfEjqqR5Z_6oGU2d_EVECyu7OV86Wrj175rAIY0Bi3NlmmxkOIaBiSpSs5OSNHoGE9YqH1P8A8kj-32sClSNOHxWseCIUlN3aCv5nbp-jyvwX0H--g8rj7Nt3W2p0GZ73oafBootBH9oLAmSoi2e5xtipF6l2o&ruid=f1a6bd0a-467a-40ec-8304-94bfe891560f&subid=810626688963579904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /11?rnd=3361781033&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=NwK7l_c3WDTWwFy4P_AjyQa2cfiPWN6BCFW9GCFHKsFyrKf1f_BiViKiQ6_AZr_e7wL3GnbGoLzerV6WC2n5Yn506JOTYUUb46v0-6D1BpFl1FADKeYUF0C1MDCrxV-KRJvLSZHsTcMR3ZI_D_hV5BwfqoXnV9i8tHz8u39lkPvGCxTCEBV_8VQtNCB_uJ7ygFL9ly0wzzGYd6Ze1OfbcntbE-bLJu3pYdcsrYKxDZ_d2SOnUgwi-Q4DnG0nrP1HcKFum_8qpWaBGrkFUKrpKp056JdVmCjHwlTBiRMvWUZSB8rJwfBklNLB3BX-cF_JPEmL7Zp0hJtSU62AzYWGRY7JRDNEamNkBou1mptYeOpmTYc8SuQxTCZhuszMRtORHU5q9lt46XFkmFpAOP2deggWGDiIv0Ivj6VEjJL4LLON32XQdvtH-2EwmsuntE2D3xxaEsQ1wrqhtb3-BgqfEjqqR5Z_6oGU2d_EVECyu7OV86Wrj175rAIY0Bi3NlmmxkOIaBiSpSs5OSNHoGE9YqH1P8A8kj-32sClSNOHxWseCIUlN3aCv5nbp-jyvwX0H--g8rj7Nt3W2p0GZ73oafBootBH9oLAmSoi2e5xtipF6l2o&ruid=f1a6bd0a-467a-40ec-8304-94bfe891560f&subid=810626688963579904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=008052728b66436ffbff12c8aa32a08f; oaidts=1714831980
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:21 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 0587ffb7c2f98cc4bb831a45487d14de
access-control-expose-headers: X-Sc
set-cookie: OAID=008052728b66436ffbff12c8aa32a08f; expires=Sun, 04 May 2025 14:13:21 GMT; secure; SameSite=None
oaidts=1714831980; expires=Sun, 04 May 2025 14:13:21 GMT; secure; SameSite=None
oaidvc=1; expires=Sun, 04 May 2025 14:13:21 GMT; secure; SameSite=None
CNT=1_v1_rtk9AQEAAACHTQAA; expires=Sat, 04 May 2024 15:13:21 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| aistekso.net/401/7406591 | 139.45.197.244 | 200 OK | 91 kB |
IP139.45.197.244:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashece1af3b0e3144fe14d20a3a373fe0cf f991125d21f4dc941edb3505c12517a3e6fe94f6 6761677568c3f97d8e53a27757c61acde40c20e511ca29d07979db77f108d64e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /401/7406591 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:00 GMT
content-type: application/javascript
x-trace-id: 92e23839411db6ad44d9c1ec5828323d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=03005263c12f4076fa2a51e7ae5086c4; expires=Sun, 04 May 2025 14:13:00 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| veepteero.com/88/61794 | 139.45.197.242 | 200 OK | 3.1 kB |
IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectveepteero.com Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3367), with no line terminators Hashd628735742f4fc8597f3980d3df1f629 d99bd4d143870c0d62f1d558339ad5229a28b1e9 af64f0aa5b09a954eef8a88505a6cfdd6a408f0ae1587695c1a0233655b1e0d9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /88/61794 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:00 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| moonoafy.net/pfe/current/tag.min.js?z=7406592 | 139.45.197.250 | 200 OK | 15 kB |
URL GET HTTP/2moonoafy.net/pfe/current/tag.min.js?z=7406592 IP139.45.197.250:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
File typeJavaScript source, ASCII text, with very long lines (14612), with no line terminators Hashffdd38e0a5a1a47cb341a116a3318e0e 2fd730feff506cf56e14c531e9d89cdea2cca424 7d8e97e9586d3f04c4a2a703692378868e49120c6159d079ae7ed1eca2ca2b5c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/tag.min.js?z=7406592 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:00 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:53 GMT
etag: W/"662a3515-3914"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cameesse.net/121?rnd=2467410867&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D810626688963579904&cln={CELL_NUMBER}&btp=7&rb=NwK7l_c3WDTWwFy4P_AjyQa2cfiPWN6BCFW9GCFHKsFyrKf1f_BiViKiQ6_AZr_e7wL3GnbGoLzerV6WC2n5Yn506JOTYUUb46v0-6D1BpFl1FADKeYUF0C1MDCrxV-KRJvLSZHsTcMR3ZI_D_hV5BwfqoXnV9i8tHz8u39lkPvGCxTCEBV_8VQtNCB_uJ7ygFL9ly0wzzGYd6Ze1OfbcntbE-bLJu3pYdcsrYKxDZ_d2SOnUgwi-Q4DnG0nrP1HcKFum_8qpWaBGrkFUKrpKp056JdVmCjHwlTBiRMvWUZSB8rJwfBklNLB3BX-cF_JPEmL7Zp0hJtSU62AzYWGRY7JRDNEamNkBou1mptYeOpmTYc8SuQxTCZhuszMRtORHU5q9lt46XFkmFpAOP2deggWGDiIv0Ivj6VEjJL4LLON32XQdvtH-2EwmsuntE2D3xxaEsQ1wrqhtb3-BgqfEjqqR5Z_6oGU2d_EVECyu7OV86Wrj175rAIY0Bi3NlmmxkOIaBiSpSs5OSNHoGE9YqH1P8A8kj-32sClSNOHxWseCIUlN3aCv5nbp-jyvwX0H--g8rj7Nt3W2p0GZ73oafBootBH9oLAmSoi2e5xtipF6l2o&bag=ydU9kaAfa6I=&ruid=f1a6bd0a-467a-40ec-8304-94bfe891560f&subid=810626688963579904 | 139.45.197.242 | 302 Found | 1.1 kB |
URL GET HTTP/2cameesse.net/121?rnd=2467410867&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D810626688963579904&cln={CELL_NUMBER}&btp=7&rb=NwK7l_c3WDTWwFy4P_AjyQa2cfiPWN6BCFW9GCFHKsFyrKf1f_BiViKiQ6_AZr_e7wL3GnbGoLzerV6WC2n5Yn506JOTYUUb46v0-6D1BpFl1FADKeYUF0C1MDCrxV-KRJvLSZHsTcMR3ZI_D_hV5BwfqoXnV9i8tHz8u39lkPvGCxTCEBV_8VQtNCB_uJ7ygFL9ly0wzzGYd6Ze1OfbcntbE-bLJu3pYdcsrYKxDZ_d2SOnUgwi-Q4DnG0nrP1HcKFum_8qpWaBGrkFUKrpKp056JdVmCjHwlTBiRMvWUZSB8rJwfBklNLB3BX-cF_JPEmL7Zp0hJtSU62AzYWGRY7JRDNEamNkBou1mptYeOpmTYc8SuQxTCZhuszMRtORHU5q9lt46XFkmFpAOP2deggWGDiIv0Ivj6VEjJL4LLON32XQdvtH-2EwmsuntE2D3xxaEsQ1wrqhtb3-BgqfEjqqR5Z_6oGU2d_EVECyu7OV86Wrj175rAIY0Bi3NlmmxkOIaBiSpSs5OSNHoGE9YqH1P8A8kj-32sClSNOHxWseCIUlN3aCv5nbp-jyvwX0H--g8rj7Nt3W2p0GZ73oafBootBH9oLAmSoi2e5xtipF6l2o&bag=ydU9kaAfa6I=&ruid=f1a6bd0a-467a-40ec-8304-94bfe891560f&subid=810626688963579904 IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /121?rnd=2467410867&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D810626688963579904&cln={CELL_NUMBER}&btp=7&rb=NwK7l_c3WDTWwFy4P_AjyQa2cfiPWN6BCFW9GCFHKsFyrKf1f_BiViKiQ6_AZr_e7wL3GnbGoLzerV6WC2n5Yn506JOTYUUb46v0-6D1BpFl1FADKeYUF0C1MDCrxV-KRJvLSZHsTcMR3ZI_D_hV5BwfqoXnV9i8tHz8u39lkPvGCxTCEBV_8VQtNCB_uJ7ygFL9ly0wzzGYd6Ze1OfbcntbE-bLJu3pYdcsrYKxDZ_d2SOnUgwi-Q4DnG0nrP1HcKFum_8qpWaBGrkFUKrpKp056JdVmCjHwlTBiRMvWUZSB8rJwfBklNLB3BX-cF_JPEmL7Zp0hJtSU62AzYWGRY7JRDNEamNkBou1mptYeOpmTYc8SuQxTCZhuszMRtORHU5q9lt46XFkmFpAOP2deggWGDiIv0Ivj6VEjJL4LLON32XQdvtH-2EwmsuntE2D3xxaEsQ1wrqhtb3-BgqfEjqqR5Z_6oGU2d_EVECyu7OV86Wrj175rAIY0Bi3NlmmxkOIaBiSpSs5OSNHoGE9YqH1P8A8kj-32sClSNOHxWseCIUlN3aCv5nbp-jyvwX0H--g8rj7Nt3W2p0GZ73oafBootBH9oLAmSoi2e5xtipF6l2o&bag=ydU9kaAfa6I=&ruid=f1a6bd0a-467a-40ec-8304-94bfe891560f&subid=810626688963579904 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: scm=1; OAID=008052728b66436ffbff12c8aa32a08f; oaidts=1714831980
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-length: 0
location: https://securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=810626688963579904
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: ed82507379832633a48f6913f4681e1d
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| lkbx.me/4KqY7?uid=w78hsnqua6mmt6213fvqrr0q | 47.89.248.255 | 200 OK | 1.1 kB |
URL GET HTTP/2lkbx.me/4KqY7?uid=w78hsnqua6mmt6213fvqrr0q IP47.89.248.255:443 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerDigiCert Inc Subjectlkbx.me Fingerprint85:1C:F3:96:31:0D:EC:E9:85:9D:6E:27:5F:AE:1D:6C:F2:9B:F5:BD ValidityMon, 27 Nov 2023 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (1129), with no line terminators Hash752d116ad9763cca692cb45ac95e94a1 4384b74ca22eb08cf8703216e372babf6fdc5b7d 1db7055f9963d5be2fd9904e2f5e58c034dc60a98a965ea03415ca9630695dc3
GET /4KqY7?uid=w78hsnqua6mmt6213fvqrr0q HTTP/1.1
Host: lkbx.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:13:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: discuz_2132_saltkey=aZadnW1y; expires=Mon, 03-Jun-2024 14:13:02 GMT; Max-Age=2592000; path=/; secure; httponly
discuz_2132_lang=en; path=/; secure
discuz_2132_lang=en; path=/; secure
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gishejuy.com/400/7406589 | 139.45.197.242 | 200 OK | 84 kB |
IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash6e9e3daa99aace4bfa7ffbdd91ed9c62 14e6b0db06a96013a1d8674a5d9edaf9dd19f389 64abc616ce5e436ce0c8b5cfb7efed03e3723b64a3f03b57c3c6860fa14a5741
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /400/7406589 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:00 GMT
content-type: application/javascript
x-trace-id: 31061bbb92290a9f763de78554750f74
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=030052762174407ae136bda97ca83a8f; expires=Sun, 04 May 2025 14:13:00 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| moonoafy.net/pfe/current/universal.min.js?v=3.1.504 | 139.45.197.250 | 200 OK | 90 kB |
URL GET HTTP/2moonoafy.net/pfe/current/universal.min.js?v=3.1.504 IP139.45.197.250:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash4caad44ecc6a13eba45b63ed7cf9e387 e67dfe90bebd5447495d8fe962d03e55f6d13071 66f95b5eb4bf3dc3a13643e3e6776b18a2b15e0b881328e2ee012c73e679ad00
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/universal.min.js?v=3.1.504 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:53 GMT
etag: W/"662a3515-15efa"
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cameesse.net/11?rnd=3361781033&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=NwK7l_c3WDTWwFy4P_AjyQa2cfiPWN6BCFW9GCFHKsFyrKf1f_BiViKiQ6_AZr_e7wL3GnbGoLzerV6WC2n5Yn506JOTYUUb46v0-6D1BpFl1FADKeYUF0C1MDCrxV-KRJvLSZHsTcMR3ZI_D_hV5BwfqoXnV9i8tHz8u39lkPvGCxTCEBV_8VQtNCB_uJ7ygFL9ly0wzzGYd6Ze1OfbcntbE-bLJu3pYdcsrYKxDZ_d2SOnUgwi-Q4DnG0nrP1HcKFum_8qpWaBGrkFUKrpKp056JdVmCjHwlTBiRMvWUZSB8rJwfBklNLB3BX-cF_JPEmL7Zp0hJtSU62AzYWGRY7JRDNEamNkBou1mptYeOpmTYc8SuQxTCZhuszMRtORHU5q9lt46XFkmFpAOP2deggWGDiIv0Ivj6VEjJL4LLON32XQdvtH-2EwmsuntE2D3xxaEsQ1wrqhtb3-BgqfEjqqR5Z_6oGU2d_EVECyu7OV86Wrj175rAIY0Bi3NlmmxkOIaBiSpSs5OSNHoGE9YqH1P8A8kj-32sClSNOHxWseCIUlN3aCv5nbp-jyvwX0H--g8rj7Nt3W2p0GZ73oafBootBH9oLAmSoi2e5xtipF6l2o&ruid=f1a6bd0a-467a-40ec-8304-94bfe891560f&subid=810626688963579904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=85 | 139.45.197.242 | 200 OK | 0 B |
URL GET HTTP/2cameesse.net/11?rnd=3361781033&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=NwK7l_c3WDTWwFy4P_AjyQa2cfiPWN6BCFW9GCFHKsFyrKf1f_BiViKiQ6_AZr_e7wL3GnbGoLzerV6WC2n5Yn506JOTYUUb46v0-6D1BpFl1FADKeYUF0C1MDCrxV-KRJvLSZHsTcMR3ZI_D_hV5BwfqoXnV9i8tHz8u39lkPvGCxTCEBV_8VQtNCB_uJ7ygFL9ly0wzzGYd6Ze1OfbcntbE-bLJu3pYdcsrYKxDZ_d2SOnUgwi-Q4DnG0nrP1HcKFum_8qpWaBGrkFUKrpKp056JdVmCjHwlTBiRMvWUZSB8rJwfBklNLB3BX-cF_JPEmL7Zp0hJtSU62AzYWGRY7JRDNEamNkBou1mptYeOpmTYc8SuQxTCZhuszMRtORHU5q9lt46XFkmFpAOP2deggWGDiIv0Ivj6VEjJL4LLON32XQdvtH-2EwmsuntE2D3xxaEsQ1wrqhtb3-BgqfEjqqR5Z_6oGU2d_EVECyu7OV86Wrj175rAIY0Bi3NlmmxkOIaBiSpSs5OSNHoGE9YqH1P8A8kj-32sClSNOHxWseCIUlN3aCv5nbp-jyvwX0H--g8rj7Nt3W2p0GZ73oafBootBH9oLAmSoi2e5xtipF6l2o&ruid=f1a6bd0a-467a-40ec-8304-94bfe891560f&subid=810626688963579904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=85 IP139.45.197.242:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /11?rnd=3361781033&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=NwK7l_c3WDTWwFy4P_AjyQa2cfiPWN6BCFW9GCFHKsFyrKf1f_BiViKiQ6_AZr_e7wL3GnbGoLzerV6WC2n5Yn506JOTYUUb46v0-6D1BpFl1FADKeYUF0C1MDCrxV-KRJvLSZHsTcMR3ZI_D_hV5BwfqoXnV9i8tHz8u39lkPvGCxTCEBV_8VQtNCB_uJ7ygFL9ly0wzzGYd6Ze1OfbcntbE-bLJu3pYdcsrYKxDZ_d2SOnUgwi-Q4DnG0nrP1HcKFum_8qpWaBGrkFUKrpKp056JdVmCjHwlTBiRMvWUZSB8rJwfBklNLB3BX-cF_JPEmL7Zp0hJtSU62AzYWGRY7JRDNEamNkBou1mptYeOpmTYc8SuQxTCZhuszMRtORHU5q9lt46XFkmFpAOP2deggWGDiIv0Ivj6VEjJL4LLON32XQdvtH-2EwmsuntE2D3xxaEsQ1wrqhtb3-BgqfEjqqR5Z_6oGU2d_EVECyu7OV86Wrj175rAIY0Bi3NlmmxkOIaBiSpSs5OSNHoGE9YqH1P8A8kj-32sClSNOHxWseCIUlN3aCv5nbp-jyvwX0H--g8rj7Nt3W2p0GZ73oafBootBH9oLAmSoi2e5xtipF6l2o&ruid=f1a6bd0a-467a-40ec-8304-94bfe891560f&subid=810626688963579904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2F114C%2FLiliths_Throne_v0.4.9.5_exe_version.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=85 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=008052728b66436ffbff12c8aa32a08f; oaidts=1714831980
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 14:13:01 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 185f68935c15632a0631ea15dd016d4d
access-control-expose-headers: X-Sc
set-cookie: OAID=008052728b66436ffbff12c8aa32a08f; expires=Sun, 04 May 2025 14:13:01 GMT; secure; SameSite=None
oaidts=1714831980; expires=Sun, 04 May 2025 14:13:01 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i | 142.250.74.106 | 200 OK | 37 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i IP142.250.74.106:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1572) Hashc2b8ea09ec90a66034e1b61bc1f8e5d4 9558953728cacfc3433ba6281c1b4a58fbbc9d51 1c593f4a688585b14c31e71fc64bfaa81d768984cdf182bca40ba8c524582685
GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 14:13:00 GMT
date: Sat, 04 May 2024 14:13:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| alwingulla.com/88/tag.min.js | 104.21.72.155 | 200 OK | 81 kB |
URL GET HTTP/2alwingulla.com/88/tag.min.js IP104.21.72.155:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subjectalwingulla.com FingerprintB6:A3:BD:4F:5E:0D:58:50:07:9D:17:E0:30:97:67:97:9E:23:1A:1C ValidityTue, 12 Mar 2024 16:48:22 GMT - Mon, 10 Jun 2024 16:48:21 GMT
File typeJavaScript source, ASCII text, with very long lines (65494) Hashd8fe6d8977be78f78ee48c068b8c8686 e9c96bfc9bcd374f528f73c0441c2358d6d1d135 43423a879e310562ceed423aa563f4fac45713e6f59b0517d897e2c96a42993b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /88/tag.min.js HTTP/1.1
Host: alwingulla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 14:12:59 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 624b03ca331891542e6efac5f0adfba8
cache-control: max-age=86400
last-modified: Fri, 03 May 2024 05:52:08 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Sun, 05 May 2024 05:45:33 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 30446
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F0H5k%2FqO2JfySpj1K1Gcv520WOOAAMPx2muKoxNXm90b0xRTZaI72wuLHQXigj8OMjEiKY0q%2BIwYUqIoBtsmzOAj6kDj0uhOiKv23bmCvmtheoU86ht8JPNucyIyatBjSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e916c1799c1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| externalde.com/out/xyhkxckud/?ctrl_id=6636426d944bc264752887&ctrl_ab=burp&ctrl_ts=1714831981.6074&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=w78hsnqua6mmt6213fvqrr0q | 104.21.9.15 | 302 Found | 1.1 kB |
URL GET HTTP/2externalde.com/out/xyhkxckud/?ctrl_id=6636426d944bc264752887&ctrl_ab=burp&ctrl_ts=1714831981.6074&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=w78hsnqua6mmt6213fvqrr0q IP104.21.9.15:443
Requested byhttps://anonzip.com/114C/Liliths_Throne_v0.4.9.5_exe_version.zip CertificateIssuerGoogle Trust Services LLC Subjectexternalde.com Fingerprint0D:2A:5D:DC:29:15:BD:05:1C:8E:F1:C5:82:D4:C0:5C:D6:A5:AB:58 ValiditySat, 27 Apr 2024 14:00:09 GMT - Fri, 26 Jul 2024 14:00:08 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /out/xyhkxckud/?ctrl_id=6636426d944bc264752887&ctrl_ab=burp&ctrl_ts=1714831981.6074&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=w78hsnqua6mmt6213fvqrr0q HTTP/1.1
Host: externalde.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 14:13:01 GMT
content-type: text/html; charset=UTF-8
location: https://lkbx.me/4KqY7?uid=w78hsnqua6mmt6213fvqrr0q
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKL%2FsBLyXbn3rd%2Fuqr2nkDBwZsyCydNh6RTok%2BKsVGahYfwDivVSDjyQGol4LbfaMsY0RpVXBEKVCJJWoJ56olRxam5YCzXqBnUzRv9RMQKD1cIyHsfBiPKhVHzpdUhCLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e916ce4d535696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|