Report - anontransfer.com/download/uFzGht7yCQ/INEScsv.zip

Report Overview

Submitted URL
anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 06:43:29
Access
public
Website Title
INEScsv.zip - AnonTransfer
Final URL
anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-04-15	676 B	1.9 kB	143.204.53.97
newassets.hcaptcha.com	11055	2018-01-12	2021-03-22	2024-04-15	2.5 kB	756 kB	104.18.125.91
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-15	1.6 kB	197 kB	104.17.25.14
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-16	3.2 kB	325 kB	142.250.74.163
fundingchoicesmessages.google.com	2397	1997-09-15	2019-01-16	2024-04-15	2.9 kB	311 kB	142.250.74.46
translate.google.com	1156	1997-09-15	2012-05-30	2024-04-15	932 B	92 kB	142.250.74.46
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-15	866 B	846 B	3.123.64.179
translate.googleapis.com	1005	2005-01-25	2012-05-31	2024-04-16	1.7 kB	75 kB	142.250.74.106
api2.hcaptcha.com	unknown	2018-01-12	2023-05-02	2024-04-15	605 B	1.5 kB	104.18.125.91
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-15	1.1 kB	7.3 kB	142.250.74.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-16	1.4 kB	22 kB	142.250.74.106
hcaptcha.com	5458	2018-01-12	2018-04-03	2024-04-15	396 B	111 kB	104.18.125.91
canoperation.com	unknown	unknown	No data	No data	2.5 kB	5.8 kB	192.243.59.12
procuratorthoroughlycompere.com	unknown	unknown	No data	No data	2.6 kB	9.4 kB	192.243.61.225
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	430 B	737 B	142.250.74.164
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-04-15	882 B	212 kB	45.133.44.9
lh3.googleusercontent.com	66	2008-11-17	2012-05-22	2024-04-15	546 B	15 kB	142.250.74.161
flintdepreciate.com	unknown	unknown	2022-06-08	2024-03-23	874 B	25 kB	172.240.108.76
anontransfer.com	unknown	2023-05-23	2023-05-24	2024-03-26	4.7 kB	589 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	flintdepreciate.com	Sinkholed
2024-04-16	medium	flintdepreciate.com	Sinkholed
2024-04-16	medium	canoperation.com	Sinkholed
2024-04-16	medium	canoperation.com	Sinkholed
2024-04-16	medium	procuratorthoroughlycompere.com	Sinkholed
2024-04-16	medium	procuratorthoroughlycompere.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (32)

	URL	Size	First Seen	Last Seen
	anontransfer.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ecJHoxJ_X8w.es5.O/am=wA/d=1/rs=AJlcJMxNo3Q5UuOpQ8W3V2Sm4yUfAS3obw/m=kernel_loader,loader_js_executable	184 kB	2024-04-16	2024-04-16
Pretty URL anontransfer.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ecJHoxJ_X8w.es5.O/am=wA/d=1/rs=AJlcJMxNo3Q5UuOpQ8W3V2Sm4yUfAS3obw/m=kernel_loader,loader_js_executable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:43:38 Last Seen2024-04-16 08:43:39 Times Seen2 Hash 3f421f27bd21df586bd6ef36e28c899c 6484698cc6b467f7fe997314ea651797c416841a f88e76e8e21e6901181448e2d70a479027f0c83bccabfc78702872308048f247 Loading...

	unknown	196 B	2024-04-05	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-05 18:56:12 Last Seen2024-04-16 08:43:38 Times Seen5 Hash fd172912077cb016e4494e4694786892 3dfcc9df2cb88419bf3049f56716f437a0128b21 ccdf758e7a047ac2715c4bd62e1811c6f3e50e1ddad60e27e4d054e7e64f00d1 Loading...

	anontransfer.com/download/uFzGht7yCQ/INEScsv.zip	197 B	2023-03-07	2024-04-22
Pretty URL anontransfer.com/download/uFzGht7yCQ/INEScsv.zip IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:41:05 Last Seen2024-04-22 19:19:53 Times Seen160 Hash 79d326aeaa6e19d724e6ea8be36c9b41 56b0adbce5f2cbe9ea20c6291fcf57ce9ffb2c35 60477c993d0d8fd8615f7c81f33b9a4359e34b180161f856640cab5d79866126 Loading...

	hcaptcha.com/1/api.js	387 kB	2024-04-04	2024-04-30
Pretty URL hcaptcha.com/1/api.js IP 104.18.125.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-04 18:06:19 Last Seen2024-04-30 11:09:09 Times Seen1327 Hash 052bf4abb4128ef78b68c418f7d94678 2b6c44a8cc009017a2909c7afd71e371e82b7d27 01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9 Loading...

	anontransfer.com/download/uFzGht7yCQ/INEScsv.zip	641 B	2024-04-16	2024-04-16
Pretty URL anontransfer.com/download/uFzGht7yCQ/INEScsv.zip IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 08:43:38 Last Seen2024-04-16 08:43:38 Times Seen1 Hash 5e8f13db3a5541a99025ae1bfec96b37 37d2e75b20cec9e3b067755110acc85907f6f98b 17e17c09a08a4f7b2a621d2c3dfea493550b72a8099a10d41e496315bba422af Loading...

	anontransfer.com/public/popper.min.js	19 kB	2023-03-07	2024-04-16
Pretty URL anontransfer.com/public/popper.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:05 Last Seen2024-04-16 08:43:39 Times Seen43 Hash 72d3b1e50e1a60d898f7817b27d76c1a 01d720c9ed9eab4e8d7f87d013cb3af11540d498 98f078a39b01008ae2eefd279d4aecc614b2b2533a4f8bef368e69d1977f5cb2 Loading...

	unknown	145 B	2024-04-12	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 09:12:27 Last Seen2024-04-16 08:43:38 Times Seen2 Hash cfadc07f569c4c82767c459c6e25efb7 b44e4192cd544dde82fbf0c3581cfca72dc45f80 afaeff706ee0dbd69126d4dd5f65ab6337ff2a75940cc90ed20e120b441ec0ed Loading...

	unknown	3.3 kB	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:43:38 Last Seen2024-04-16 08:43:38 Times Seen1 Hash 95b1f76af7c0500fbf9f6f814dfbf3fc 385e10dc8075110717c4f2afe8d97367468f3329 c3cd7d2ecadd5b332f3a85004512a730229f5a07f70a63dad7cd48d9872cbe70 Loading...

	flintdepreciate.com/8f8c6bfd82782c8f98d832200d00f426/invoke.js	31 kB	2024-04-16	2024-04-16
Pretty URL flintdepreciate.com/8f8c6bfd82782c8f98d832200d00f426/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:43:38 Last Seen2024-04-16 08:43:39 Times Seen2 Hash 05d6796bcc150ce6b2d03ca27a4d5424 509165ae1680073c517ae79cba5f1e51b168fda3 bac6b0070d549bea0ddff045b9b71936bc0f29627d37b09ae7f331ccabfed713 Loading...

	newassets.hcaptcha.com/c/282d0ff/hsw.js	528 kB	2024-04-02	2024-04-17
Pretty URL newassets.hcaptcha.com/c/282d0ff/hsw.js IP 104.18.125.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 21:03:12 Last Seen2024-04-17 22:23:44 Times Seen557 Hash f593c8f46e9cb4a93e13a33ec29e7214 40817a1a4bc1e5418a8cba7ecfcd5d10e5dd6e5c e9299541a3837fefdaa7e596c82626eb26d5774273b13a2590cb4a71845880f5 Loading...

	unknown	48 B	2023-04-11	2024-05-02
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:45:29 Last Seen2024-05-02 02:21:13 Times Seen19079 Hash 43d643e449b4ea13394fe737b1d6a447 1c03d56d955fd266d7659379e63d5711bd5382db 4817661f6ac7d2e1691bc3aeb9966e66012891ccda569ff872dc0932010c540d Loading...

	anontransfer.com/download/uFzGht7yCQ/INEScsv.zip	429 B	2023-03-07	2024-05-01
Pretty URL anontransfer.com/download/uFzGht7yCQ/INEScsv.zip IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:02:48 Last Seen2024-05-01 09:08:29 Times Seen1451 Hash eafaa0be830db11da3770638100b686f db325dc427493ed0c2988ef229573b7093425466 96adbda6f380d09bfd780e4143e165a48037b43421d3964980a4343aedc644ab Loading...

	flintdepreciate.com/5565fd691e8ecaf4ea72c31df91cabfb/invoke.js	31 kB	2024-04-16	2024-04-16
Pretty URL flintdepreciate.com/5565fd691e8ecaf4ea72c31df91cabfb/invoke.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:43:38 Last Seen2024-04-16 08:43:39 Times Seen2 Hash 8644df900ce9afdc460fc089ccc51449 c795c45d65d8c83d09797755fa4bba815d65d91a dcff67e891b33d65d24a44f3671cb2064a16659ed27cd9afc58f4f88e81cba46 Loading...

	anontransfer.com/public/main.js	3.2 kB	2023-10-03	2024-04-16
Pretty URL anontransfer.com/public/main.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-03 23:46:10 Last Seen2024-04-16 08:43:38 Times Seen10 Hash 2f913676be4281619bb857d9455330ed 486b39d12e0ce4c5206cd84b3e0b72572fa57569 e52e70c5fce3bd7046418adc22baa60f61a3fb4d1fcd136b7397c4f66b47bfb5 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.JWdSLlE5pB8.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpkI8wAWWEyAHc_EMGYgHf1e9un_w/m=el_main	213 kB	2024-04-16	2024-04-22
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.JWdSLlE5pB8.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpkI8wAWWEyAHc_EMGYgHf1e9un_w/m=el_main IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 07:53:23 Last Seen2024-04-22 21:37:55 Times Seen105 Hash 4bb91f7d3340c67fbc422fe923cb4ce4 aa81f4daf848d66f92f853be4bb57333694b2712 2244a4c055184acc3ee54d04f44cde9f71829b12a6adc7ad0956e76eb48c072a Loading...

	unknown	145 B	2023-10-03	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-03 23:46:10 Last Seen2024-04-16 08:43:38 Times Seen6 Hash d43684c6c27ac7953008e1bf91851b55 6099e4999cad32664808fcb6c5f4e361f7fbf474 bec1a53bc34714144110ee0f8424b5ede24b9d8907667dca5b5e3d5eb4437b0b Loading...

	anontransfer.com/download/uFzGht7yCQ/INEScsv.zip	16 kB	2024-03-13	2024-04-16
Pretty URL anontransfer.com/download/uFzGht7yCQ/INEScsv.zip IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-13 19:42:29 Last Seen2024-04-16 08:43:38 Times Seen8 Hash c7173ab337f9d060a21a80e1e8c8b9c7 a853128694b1d2666cb7856d060c193539096d75 92775d02f3a5283a7f49a31ae40449cf7cd5c739995c0dd0803682fab27bede6 Loading...

	anontransfer.com/download/uFzGht7yCQ/INEScsv.zip	57 B	2023-03-07	2024-05-02
Pretty URL anontransfer.com/download/uFzGht7yCQ/INEScsv.zip IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:59 Last Seen2024-05-02 03:13:26 Times Seen10906 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	anontransfer.com/download/uFzGht7yCQ/INEScsv.zip	282 B	2024-04-05	2024-04-16
Pretty URL anontransfer.com/download/uFzGht7yCQ/INEScsv.zip IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-05 18:56:13 Last Seen2024-04-16 08:43:38 Times Seen5 Hash b99f13a3a5a5d22f1546583702f5c988 6a7e018cd79b69e78088bde15b703e761a5fe08d 32bcfb52929b5e6f7626cc800c54c77dda67eb2eec6f2491fe330931d70ff982 Loading...

	unknown	3.3 kB	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:43:38 Last Seen2024-04-16 08:43:38 Times Seen1 Hash 4fc0108fb9f6f98d3d412751bb71bf75 6585f4af314f78a01d014679a54529cd78421398 1102a6d1961072b3a093984b3eb8dd2d9bea23b46e2ea1c21e94584e3b02097a Loading...

	anontransfer.com/download/uFzGht7yCQ/INEScsv.zip	139 B	2024-04-12	2024-04-16
Pretty URL anontransfer.com/download/uFzGht7yCQ/INEScsv.zip IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-12 09:12:28 Last Seen2024-04-16 08:43:38 Times Seen2 Hash 4330f38a51cd9280acfd341e9896f832 8b49ff0893a7a4febd8a73a715753d5b215269ef 1523a964479dd113f87dcabf81ed3f2af6a6eeaffc3ae5f8451480c170145392 Loading...

	unknown	196 B	2024-04-12	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 09:12:27 Last Seen2024-04-16 08:43:38 Times Seen2 Hash 91d9b3661e9634d08905a2088f81810d d43b48811cdbad2b66d1a8682218ca34582d6eb9 b0069084d996057ab532effe380b211806d6cf6c9ca37d237933c7207cdf38c4 Loading...

	fundingchoicesmessages.google.com/b/pub-1857840457925128	11 kB	2024-03-23	2024-04-16
Pretty URL fundingchoicesmessages.google.com/b/pub-1857840457925128 IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-23 19:52:49 Last Seen2024-04-16 08:43:39 Times Seen11 Hash 7d95c2ce557d72fb57101949fb17cfd3 fced0c276fe7dd10b6ec5709ad0b56623be753bb fa23e295b611fa0af4ba3a1828b1452ec9735f8c303c5c2f426113ed616e437f Loading...

	anontransfer.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ecJHoxJ_X8w.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzNmwUsCENOAcdpBYq51breoEeWpg/m=web_iab_tcf_v2_wall_executable	378 kB	2024-04-16	2024-04-16
Pretty URL anontransfer.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ecJHoxJ_X8w.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzNmwUsCENOAcdpBYq51breoEeWpg/m=web_iab_tcf_v2_wall_executable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:43:38 Last Seen2024-04-16 08:43:39 Times Seen1 Hash 3faf4cb4028e10c743e7cc37fcb7fcb4 38d4a061cf1f5d498a3a1338a71316a155237360 0afe4c76c53f3618eef95fd235735ce8663535e5ec4193d33910d01f9ff0a755 Loading...

	anontransfer.com/_/translate_http/_/js/k=translate_http.tr.no.JWdSLlE5pB8.O/am=wA/d=1/rs=AN8SPfo5FOuNZ0lWhM-9tMFOFDxakNM8KA/m=el_conf	90 kB	2024-04-16	2024-04-16
Pretty URL anontransfer.com/_/translate_http/_/js/k=translate_http.tr.no.JWdSLlE5pB8.O/am=wA/d=1/rs=AN8SPfo5FOuNZ0lWhM-9tMFOFDxakNM8KA/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:43:39 Last Seen2024-04-16 08:43:39 Times Seen2 Hash eaf46830e60ec6ecdc4900be6f075824 90192094b496595bcc0d1b67bc074b5988acde6d 4c09d3418494e971614728ad14e246bebcc5d4414e433d1a9af443226b7d07ca Loading...

	anontransfer.com/download/uFzGht7yCQ/INEScsv.zip	483 B	2024-04-16	2024-04-16
Pretty URL anontransfer.com/download/uFzGht7yCQ/INEScsv.zip IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 08:43:39 Last Seen2024-04-16 08:43:39 Times Seen1 Hash f9256768f8d78623d9e6b7ba57ce3816 708db1867f05e5b1473c8f1f898740e63288f225 a3488920710a742357d4ee9e35b162823f65249fe4e5ac4cb042fc092d00aa8f Loading...

	anontransfer.com/public/bootstrap.min.js	59 kB	2023-03-07	2024-05-02
Pretty URL anontransfer.com/public/bootstrap.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-02 03:15:15 Times Seen3314 Hash 259e416ef6833be43801b8b68a93b008 19080c3b817985336aab5e1ce6925c99803f2efd 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0da3fa513a34d09514d21f7e63761052	2.1 kB	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 08:43:39 Last Seen2024-04-16 08:43:39 Times Seen1 Hash 0da3fa513a34d09514d21f7e63761052 f87f05b00dbaa962ace83cd9b9958d86d204238f 4dd9ed81aaa973efe6f4d00ced984731ad577cf66d5bfbe0c6a60d677bda404c Loading...

	#2 Eval - b34987d33a089b60bc23a054be40ea5d	2.1 kB	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 08:43:39 Last Seen2024-04-16 08:43:39 Times Seen1 Hash b34987d33a089b60bc23a054be40ea5d ddd7bb27a0c96ad154900c72828d02506e33fa27 c2e987535bb11ef18178554eabf8019d2024bf2fbec079b7b0594074adf3d389 Loading...

		Size	First Seen	Last Seen
	#1 Write - 6a3e28cd9133102e30f8e9f951c74e55	111 B	2024-04-05	2024-04-16
Pretty Observations First Seen2024-04-05 18:56:13 Last Seen2024-04-16 08:43:39 Times Seen5 Hash 6a3e28cd9133102e30f8e9f951c74e55 416d6018f3c6fb1ade734ad7dbb91e565e4b859c d95b8b7169ab4f9f3a1bdf9332ab44b74fc5699e4eb07ad80ab42c617fc57a4d Loading...

	#2 Write - d7de3322887c3559b68585534e341396	468 B	2023-12-20	2024-04-29
Pretty Observations First Seen2023-12-20 13:25:57 Last Seen2024-04-29 08:51:58 Times Seen398 Hash d7de3322887c3559b68585534e341396 6d5c11d3a5293aa1afa4469955c2bd0b55b74659 bea38c43003f1089b174c87f2c1c42a63f61137aad1cfb72b7dd05d3ec1cc9f1 Loading...

	#3 Write - 85479f96822e8649396df1fcd938433e	3.0 kB	2023-12-20	2024-04-28
Pretty Observations First Seen2023-12-20 13:25:57 Last Seen2024-04-28 17:30:30 Times Seen190 Hash 85479f96822e8649396df1fcd938433e 735a0a8214d33107342b5ebe31517ba4556aa5a9 2ce69a78ccd3581e1c96367d9d546d25db2813b5e23defd66afc1cc449423240 Loading...

HTTP Transactions (53)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css

104.17.25.14

200 OK

19 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (52276)
Size
19 kB (18752 bytes)
Hash
ded1c367363e8b20bdc6a19b8350a737
8c06d82739d14b094ff6d9036021a252bd1d985d
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: text/css; charset=utf-8
content-length: 18752
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 46277
expires: Sun, 06 Apr 2025 06:43:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aeKlV8eZ40thyOD84JI24R0bM4FTvCNmVfBRe8%2BIWW9UJJUDsHWRsoLcHvFFeMGUbfVJt9UHJMlfr7rcirYYUHlBiPYjbzk21OJs2GnI3Tw2KnSdJHweKlZ%2FRwfKc1%2FDMzqN3NqP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875232e1ff63b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flintdepreciate.com/5565fd691e8ecaf4ea72c31df91cabfb/invoke.js

172.240.108.76

200 OK

12 kB

URL GET HTTP/1.1
flintdepreciate.com/5565fd691e8ecaf4ea72c31df91cabfb/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subject*.flintdepreciate.com
Fingerprint96:4B:5E:31:39:BC:A8:A9:FC:33:E8:DF:02:9B:39:41:44:DB:7E:4E
ValiditySun, 31 Mar 2024 06:33:52 GMT - Sat, 29 Jun 2024 06:33:51 GMT

File type
JavaScript source, ASCII text, with very long lines (31331), with no line terminators
Size
12 kB (11848 bytes)
Hash
8644df900ce9afdc460fc089ccc51449
c795c45d65d8c83d09797755fa4bba815d65d91a
dcff67e891b33d65d24a44f3671cb2064a16659ed27cd9afc58f4f88e81cba46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5565fd691e8ecaf4ea72c31df91cabfb/invoke.js HTTP/1.1
Host: flintdepreciate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 06:43:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75ee008c7ef9860482305afde3081021
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css

142.250.74.163

4.0 kB

URL GET
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
IP
142.250.74.163:0
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 09 Apr 2024 09:56:47 GMT
expires: Wed, 09 Apr 2025 09:56:47 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 593175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.163

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:18:14 GMT
expires: Wed, 16 Apr 2025 00:18:14 GMT
cache-control: public, max-age=31536000
age: 23088
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

anontransfer.com/download/uFzGht7yCQ/INEScsv.zip

188.114.97.1

200 OK

44 kB

URL User Request GET HTTP/2
anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectanontransfer.com
FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (12460)
Size
44 kB (44308 bytes)
Hash
651072378801466c13317895a2065142
154cc3bc229624fe0ebb1268c99d0d3e677aaf2d
73baaf608d6d9a637b56c42ad359cef391e3a83ab7977e6138a6920a799d8fba

HTTP Headers

GET /download/uFzGht7yCQ/INEScsv.zip HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:01 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
cf-cache-status: BYPASS
set-cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJYONW%2BcxrSQH7jZJyTXGP%2Biibr6mN8mOBzOWQIqJbK3Rdot%2BvrohHuwZ5xwjlLDg8JyDoOaKQs8y5qk3RKRjRpy2Crnv1fOmpZ%2FtPja3asQpJKCuClFI9XdaKVXuuetlW6q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232dc0cfa5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

anontransfer.com/public/main.min.css

188.114.97.1

200 OK

6.8 kB

URL GET HTTP/3
anontransfer.com/public/main.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectanontransfer.com
FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT

File type
ASCII text, with very long lines (3051), with no line terminators
Size
6.8 kB (6808 bytes)
Hash
3fc528a6ac461cf722453550f1724fbd
16824e2d8624d1ab7a66557d7d4d07b2eedc9169
efbc4399fd77df1667558a30eca43025bf7bbedce0f7981811c6ff00632fbd0a

HTTP Headers

GET /public/main.min.css HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: text/css
last-modified: Tue, 17 Oct 2023 16:25:58 GMT
etag: W/"beb-607ebfa4a031d-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbJpqyQEUpzJn1Ly%2B82RkNvip89LM6S6OHStekqadTpOWTkAURruslJBnyYk2u4TCU9VxSJuqJ9IHtn5CHQAvQySUEYY5THjiof5%2FQnjwJf19y8XFkQ5cKBkHt8cNrk0w81M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ba267131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flintdepreciate.com/8f8c6bfd82782c8f98d832200d00f426/invoke.js

192.243.59.12

200 OK

12 kB

URL GET HTTP/1.1
flintdepreciate.com/8f8c6bfd82782c8f98d832200d00f426/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subject*.flintdepreciate.com
Fingerprint96:4B:5E:31:39:BC:A8:A9:FC:33:E8:DF:02:9B:39:41:44:DB:7E:4E
ValiditySun, 31 Mar 2024 06:33:52 GMT - Sat, 29 Jun 2024 06:33:51 GMT

File type
JavaScript source, ASCII text, with very long lines (31290), with no line terminators
Size
12 kB (11840 bytes)
Hash
05d6796bcc150ce6b2d03ca27a4d5424
509165ae1680073c517ae79cba5f1e51b168fda3
bac6b0070d549bea0ddff045b9b71936bc0f29627d37b09ae7f331ccabfed713

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8f8c6bfd82782c8f98d832200d00f426/invoke.js HTTP/1.1
Host: flintdepreciate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 06:43:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 819f4c1d3716c8e8ab0e575d2d2211cc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.163

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:18:14 GMT
expires: Wed, 16 Apr 2025 00:18:14 GMT
cache-control: public, max-age=31536000
age: 23089
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

142.250.74.163

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:18:14 GMT
expires: Wed, 16 Apr 2025 00:18:14 GMT
cache-control: public, max-age=31536000
age: 23089
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

150 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150124, version 772.256
Size
150 kB (150124 bytes)
Hash
c64278386c2bbb5e293e11b94ca2f6d1
6b99aa650bd12a36caa14e0127435d8f4cd3ba73
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 43166
expires: Sun, 06 Apr 2025 06:43:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OCuRPQBvtcgp9PiBK7vamXbUUCVh6m7LLLlY9GeHhaiDKZMLM2ni8XsK2Lg6p6KfL6GYa42iyNtuHVf1%2F%2Fld33qMjSkcvIhQEV7l%2FM2WDwEwuRtuZwQh9ZIwfXDf%2B4kd9IqbUAgP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875232e97bed0b69-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2

104.17.25.14

200 OK

25 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24948, version 772.256
Size
25 kB (24948 bytes)
Hash
61f30b79daf5b31f0d254a31fba66158
fb363d27cfdfe71a243fa2ac3dab2815232b9b7e
8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35

HTTP Headers

GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 24948
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-6174"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 46756
expires: Sun, 06 Apr 2025 06:43:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIE1Nlh1IGdc16XsG6T5PRIu8vKwWOfdRMtk%2FueoSRK0iaNej9eD8bzhV3k5aFLZUOtz6eiPh%2F4LjwEHmjc9jrQ67dm346tDfHFOuIPsbD8ys06su%2BJ9cMlCuui7Z5KW3bEk52Sb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875232e97bef0b69-OSL
alt-svc: h3=":443"; ma=86400

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0bea14a24acf01e7602c416935848793
3493b99ca0da4d0c60f848069fa57e39b335a87a
229a97c14569254bf9fe6342e7cd4efd9e4f4b0ff89fb3c1e5c935976ab01062

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 06:43:03 GMT
Last-Modified: Tue, 16 Apr 2024 05:53:27 GMT
Server: ECAcc (ska/F6A3)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g60KzchDzXOT85GAPc_AmWHnMvW3RYHWfuG7jleZr0G1aH-xaH_htg==
Age: 2976

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0bea14a24acf01e7602c416935848793
3493b99ca0da4d0c60f848069fa57e39b335a87a
229a97c14569254bf9fe6342e7cd4efd9e4f4b0ff89fb3c1e5c935976ab01062

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 06:43:03 GMT
Last-Modified: Tue, 16 Apr 2024 05:45:42 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vS9jELyzN26pjHv0GuKf2P0urGlyUNDmpRoA8IGKSFLmKdrvINpW0w==
Age: 3441

proftrafficcounter.com/stats

3.123.64.179

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.123.64.179:443
ASN
#16509 AMAZON-02

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
32f7ea4dd3598298fd12adcf5293736a
92010bc3b20b028cd322a07175b42ea16309c36e
0ddde3d65938363525c573916b2d9a3c1c447546053bd16afe9e9cb22ef0871c

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anontransfer.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f14d16c8-c561-4d72-afc6-9144799adc9d:2:1; expires=Fri, 14 Apr 2034 06:43:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

3.123.64.179

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.123.64.179:443
ASN
#16509 AMAZON-02

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
6209911ee3287adef1d6679bc82e79bb
7a199c70511f4760095c919640adfb456b3b8c95
d14824052567eaafa5c6893ec4e4c317059238be70a680ed2013ffd5a896487e

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anontransfer.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bd44e50a-f68a-496a-95ba-448e811b6587:2:1; expires=Fri, 14 Apr 2034 06:43:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.JWdSLlE5pB8.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpkI8wAWWEyAHc_EMGYgHf1e9un_w/m=el_main

142.250.74.106

200 OK

74 kB

URL GET HTTP/3
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.JWdSLlE5pB8.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpkI8wAWWEyAHc_EMGYgHf1e9un_w/m=el_main
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (2333)
Size
74 kB (73503 bytes)
Hash
4bb91f7d3340c67fbc422fe923cb4ce4
aa81f4daf848d66f92f853be4bb57333694b2712
2244a4c055184acc3ee54d04f44cde9f71829b12a6adc7ad0956e76eb48c072a

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.JWdSLlE5pB8.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpkI8wAWWEyAHc_EMGYgHf1e9un_w/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 73503
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 19:01:35 GMT
expires: Tue, 15 Apr 2025 19:01:35 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 12 Apr 2024 23:10:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 42088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fundingchoicesmessages.google.com/el/AGSKWxUGnlz58zvdeJI3okqu6JGTskn-86sgCpDo1CqowpIJqoEQqIDQQBWjefH45kUsg6dL0UkKOcIbH-MNrtgWT53ytw==

142.250.74.46

204 No Content

0 B

URL GET HTTP/3
fundingchoicesmessages.google.com/el/AGSKWxUGnlz58zvdeJI3okqu6JGTskn-86sgCpDo1CqowpIJqoEQqIDQQBWjefH45kUsg6dL0UkKOcIbH-MNrtgWT53ytw==
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /el/AGSKWxUGnlz58zvdeJI3okqu6JGTskn-86sgCpDo1CqowpIJqoEQqIDQQBWjefH45kUsg6dL0UkKOcIbH-MNrtgWT53ytw== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=utf-8
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://anontransfer.com
access-control-allow-credentials: true
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:03 GMT
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-dF_4EuHdasdSml5ScU1YFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1hDgFiIh-P77h8b2AQ6Pn5uZgIAzUIM_Q"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js

104.18.125.91

200 OK

113 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0kbxpn2qes4&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (41625)
Size
113 kB (113113 bytes)
Hash
052bf4abb4128ef78b68c418f7d94678
2b6c44a8cc009017a2909c7afd71e371e82b7d27
01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9

HTTP Headers

GET /captcha/v1/b1c589a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 30 Apr 2024 06:43:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232eadb0356c0-OSL
content-encoding: br

anontransfer.com/public/at-logo.webp

188.114.97.1

200 OK

3.9 kB

URL GET HTTP/3
anontransfer.com/public/at-logo.webp
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectanontransfer.com
FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.9 kB (3897 bytes)
Hash
75c23d00886f1425dce4f378ed3873e9
eeed775e7b4d58e51e1f18590812939d19ead2b1
01ea6b5484951a3c7b20ee83e857e6a780af1290849a584a76ba43c6f21a4792

HTTP Headers

GET /public/at-logo.webp HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: image/webp
last-modified: Wed, 24 May 2023 02:52:25 GMT
etag: W/"d42-5fc6797f80c40-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooWf3HHff8NyILCkOj8eqgtEQBUyibk6CHAQl3u%2FaNZXFZdHAoiQRl3OdoV2lPX9hOS5s%2Fv8UKNJM%2FFx8DtMEACV9e%2B%2FynDMRYYGSEN7WycSguY8lS3ZYHLu9fLpzScleLVq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ba3c7131-OSL
alt-svc: h3=":443"; ma=86400

hcaptcha.com/1/api.js

104.18.125.91

200 OK

111 kB

URL GET HTTP/2
hcaptcha.com/1/api.js
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (41625)
Size
111 kB (110866 bytes)
Hash
052bf4abb4128ef78b68c418f7d94678
2b6c44a8cc009017a2909c7afd71e371e82b7d27
01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9

HTTP Headers

GET /1/api.js HTTP/1.1
Host: hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: application/javascript
cf-ray: 875232e20cdd568f-OSL
cf-cache-status: HIT
age: 0
cache-control: max-age=300
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
expires: Mon, 29 Apr 2024 16:59:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

anontransfer.com/public/bootstrap.min.js

188.114.97.1

200 OK

18 kB

URL GET HTTP/3
anontransfer.com/public/bootstrap.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectanontransfer.com
FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT

File type
JavaScript source, ASCII text, with very long lines (58940)
Size
18 kB (17578 bytes)
Hash
259e416ef6833be43801b8b68a93b008
19080c3b817985336aab5e1ce6925c99803f2efd
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce

HTTP Headers

GET /public/bootstrap.min.js HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: application/javascript
last-modified: Sat, 22 Jul 2023 20:32:32 GMT
etag: W/"e753-6011947e0f800-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRSGrvzUFk1tvie8cpeVmf2WczukrG7LftKhPES4Lu9RZcoaP6HzB4SjNHe4%2FgwWkE5VhDosp5xiCKJvtrOk5XO9oCqL5Qj1gCbDMa41UM6re8jr51aHacuhMRM%2BZCzrCrxI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ca427131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

canoperation.com/watch.1234142426540.js?key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1

192.243.59.12

307 Temporary Redirect

0 B

URL GET HTTP/1.1
canoperation.com/watch.1234142426540.js?key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subjectcanoperation.com
FingerprintE3:89:98:47:D8:0E:7E:1C:6C:BE:D9:09:72:F5:78:CE:74:77:6A:73
ValiditySat, 13 Apr 2024 09:09:23 GMT - Fri, 12 Jul 2024 09:09:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1234142426540.js?key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1 HTTP/1.1
Host: canoperation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 06:43:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anontransfer.com
Access-Control-Allow-Origin: https://anontransfer.com
Access-Control-Allow-Credentials: true
Location: https://canoperation.com/watch.1234142426540.js?dev=e&key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=3834b66dfc0d5cde4f58119008d89be9e909d8bdb45320a46297af4f79a464a4c87292ce53531de7943bf27b6fef0ac468b400a84b876e49faa036261ea365c00aee02ea25d273a29f624b0fbd35048d12600cb29f4aa8cf354f00bfc80394&tz=0&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1
Set-Cookie: u_pl=20439511; expires=Wed, 17 Apr 2024 06:43:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDQzOTUxMSwiayI6IjhmOGM2YmZkODI3ODJjOGY5OGQ4MzIyMDBkMDBmNDI2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyODk4NjY3LCJwaWQiOjExODcwMTgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTcsImFpZCI6NSwicHQiOjQsInBrIjoiZ2RpZmNhcWIzaSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Fub250cmFuc2Zlci5jb20vZG93bmxvYWQvdUZ6R2h0N3lDUS9JTkVTY3N2LnppcCIsImFyIjpbXX19.tpOwbYI0Dprry5Kqn7z-zY-QmTgg9fuh1iaWZ-en8-Q; expires=Tue, 16 Apr 2024 06:44:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0fb250c1944a565245b08922c3a5563a
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.googleapis.com/css?family=Inter:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&display=swap

142.250.74.106

200 OK

758 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Inter:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
758 B (758 bytes)
Hash
ca3845b5e55e70e7291da81b9c72d5d3
72a1d53b585bffad4f4bbc7621c036c49b6d1db3
2e6cc9b51a829b52a905c36b7912aac61835af10a1eb946b34e15e72d855b7d6

HTTP Headers

GET /css?family=Inter:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 06:43:02 GMT
date: Tue, 16 Apr 2024 06:43:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

canoperation.com/watch.1234142426540.js?dev=e&key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=3834b66dfc0d5cde4f58119008d89be9e909d8bdb45320a46297af4f79a464a4c87292ce53531de7943bf27b6fef0ac468b400a84b876e49faa036261ea365c00aee02ea25d273a29f624b0fbd35048d12600cb29f4aa8cf354f00bfc80394&tz=0&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1

192.243.59.12

200 OK

2.1 kB

URL GET HTTP/1.1
canoperation.com/watch.1234142426540.js?dev=e&key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=3834b66dfc0d5cde4f58119008d89be9e909d8bdb45320a46297af4f79a464a4c87292ce53531de7943bf27b6fef0ac468b400a84b876e49faa036261ea365c00aee02ea25d273a29f624b0fbd35048d12600cb29f4aa8cf354f00bfc80394&tz=0&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subjectcanoperation.com
FingerprintE3:89:98:47:D8:0E:7E:1C:6C:BE:D9:09:72:F5:78:CE:74:77:6A:73
ValiditySat, 13 Apr 2024 09:09:23 GMT - Fri, 12 Jul 2024 09:09:22 GMT

File type
JavaScript source, ASCII text, with very long lines (2654)
Size
2.1 kB (2111 bytes)
Hash
dda33854bf174c672168e86f6698d53e
b77945a596f64d28069499c04290ba3c1b9d3c32
c1ddd75323cdb6734a654396cf5ea79d4950c2ccc14ffd96d7f69e4a7338e5cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1234142426540.js?dev=e&key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=3834b66dfc0d5cde4f58119008d89be9e909d8bdb45320a46297af4f79a464a4c87292ce53531de7943bf27b6fef0ac468b400a84b876e49faa036261ea365c00aee02ea25d273a29f624b0fbd35048d12600cb29f4aa8cf354f00bfc80394&tz=0&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1 HTTP/1.1
Host: canoperation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
Referer: https://anontransfer.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=20439511; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDQzOTUxMSwiayI6IjhmOGM2YmZkODI3ODJjOGY5OGQ4MzIyMDBkMDBmNDI2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyODk4NjY3LCJwaWQiOjExODcwMTgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTcsImFpZCI6NSwicHQiOjQsInBrIjoiZ2RpZmNhcWIzaSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Fub250cmFuc2Zlci5jb20vZG93bmxvYWQvdUZ6R2h0N3lDUS9JTkVTY3N2LnppcCIsImFyIjpbXX19.tpOwbYI0Dprry5Kqn7z-zY-QmTgg9fuh1iaWZ-en8-Q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 06:43:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anontransfer.com
Access-Control-Allow-Origin: https://anontransfer.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f14d16c8-c561-4d72-afc6-9144799adc9d:2:1; expires=Tue, 23 Apr 2024 06:43:04 GMT; secure; SameSite=None
iprc3521fe06282d811140feea0838788343=3569806; expires=Tue, 16 Apr 2024 10:43:04 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
uncs=1; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
pdhtkv5=true; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
uncs5=1; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 344e57855d5a20ac8bb4df684d67699d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

procuratorthoroughlycompere.com/watch.610617090024.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=23f34ffeca13515ef35c23c5c3be29a2e8079492693cf0fbb01b784f70bb635ac88a9cee293bbf6b0a1ad3ac11c376f8382fbea458450d2dbe7fc466c27de5532e9e6366a469171b73ff03efce9be2c750c20886e9b417c8f1a170935c543f&tz=0&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1

192.243.61.225

200 OK

2.1 kB

URL GET HTTP/1.1
procuratorthoroughlycompere.com/watch.610617090024.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=23f34ffeca13515ef35c23c5c3be29a2e8079492693cf0fbb01b784f70bb635ac88a9cee293bbf6b0a1ad3ac11c376f8382fbea458450d2dbe7fc466c27de5532e9e6366a469171b73ff03efce9be2c750c20886e9b417c8f1a170935c543f&tz=0&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subjectprocuratorthoroughlycompere.com
FingerprintAF:D8:36:A0:09:80:82:1E:49:AF:23:0C:AE:36:37:9F:34:3D:C8:22
ValiditySat, 13 Apr 2024 08:54:24 GMT - Fri, 12 Jul 2024 08:54:23 GMT

File type
JavaScript source, ASCII text, with very long lines (2649)
Size
2.1 kB (2111 bytes)
Hash
4197a593f6940987ec51e6949f61708e
efc78cdec8abfac5ddcfe8cb9744f4293726bc4d
066cc1ab83a9927a1fcb85e02931db7e380063f3726466ef54aae5c8e64fa593

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.610617090024.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=23f34ffeca13515ef35c23c5c3be29a2e8079492693cf0fbb01b784f70bb635ac88a9cee293bbf6b0a1ad3ac11c376f8382fbea458450d2dbe7fc466c27de5532e9e6366a469171b73ff03efce9be2c750c20886e9b417c8f1a170935c543f&tz=0&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1 HTTP/1.1
Host: procuratorthoroughlycompere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
Referer: https://anontransfer.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=20439883; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDQzOTg4MywiayI6IjU1NjVmZDY5MWU4ZWNhZjRlYTcyYzMxZGY5MWNhYmZiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyODk4NjY3LCJwaWQiOjExODcwMTgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTcsImFpZCI6MjcsInB0Ijo0LCJwayI6InVzOWNtdndoeXAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL3VGekdodDd5Q1EvSU5FU2Nzdi56aXAiLCJhciI6W119fQ.SEEoK5XT97UWkyzumszfeO04BvIbaoSOI7QVOrSYJkM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 06:43:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anontransfer.com
Access-Control-Allow-Origin: https://anontransfer.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bd44e50a-f68a-496a-95ba-448e811b6587:2:1; expires=Tue, 23 Apr 2024 06:43:04 GMT; secure; SameSite=None
iprc4a198241795c429d733d6ce56b8751e3=3569807; expires=Tue, 16 Apr 2024 10:43:04 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
uncs=1; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5c2c7817b2c3a5c8135df393e052c1fa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.163

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:14:56 GMT
expires: Tue, 15 Apr 2025 21:14:56 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 34088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

142.250.74.163

200 OK

3.3 kB

URL GET HTTP/3
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3340 bytes)
Hash
2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:43:59 GMT
expires: Wed, 16 Apr 2025 01:43:59 GMT
cache-control: public, max-age=31536000
age: 17945
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240414

142.250.74.46

204 No Content

0 B

URL GET HTTP/3
translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240414
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240414 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:04 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-sxRbD6zv7vxXrwnAaDM5VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjEtDikmLw15BicEqfwRoExELcHD92_9jAJjBhem8yAGxRCUM"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=18.SE=J_O9Ji60ONy6kiKauG_y0HWSo5r1bUbaSNNuGum8jwmZWzNouay4T5aumNUXFsF3ap09BFGsPEG5JUUoGotvn5jdH3fE0jvNTQirzVzRmgY3L5-j-GRUyKRhIf9qPnPCDh5C6xa4sg2vZcNKYQczdpjtWLFpbbQxRyiUaeHXEhA; expires=Fri, 16-May-2025 23:01:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/images/cleardot.gif

142.250.74.164

200 OK

43 B

URL GET HTTP/2
www.google.com/images/cleardot.gif
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06
ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 16 Apr 2024 06:43:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js

104.18.125.91

200 OK

110 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0kbxpn2qes4&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (41625)
Size
110 kB (109656 bytes)
Hash
052bf4abb4128ef78b68c418f7d94678
2b6c44a8cc009017a2909c7afd71e371e82b7d27
01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9

HTTP Headers

GET /captcha/v1/b1c589a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 30 Apr 2024 06:43:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232eadb0056c0-OSL
content-encoding: br

cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png

45.133.44.9

200 OK

144 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
144 kB (144379 bytes)
Hash
33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314

HTTP Headers

GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:04 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Thu, 18 Apr 2024 06:43:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png

45.133.44.9

200 OK

67 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced
Size
67 kB (67174 bytes)
Hash
a98b4585db1c6db06d6857c73bb75fcb
02a896b08a79e873b2dd26200ee1f0665dc1c80a
fc08e863ffafe25aa63fe8b60c2d5135fc5f52caf0abae4da3f1a90e0f8ed96c

HTTP Headers

GET /cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:04 GMT
content-type: image/png
content-length: 67174
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:43 GMT
etag: "62e11c7f-10666"
expires: Thu, 18 Apr 2024 06:43:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fundingchoicesmessages.google.com/f/AGSKWxWG6U8ORyNK3_uF1kLlUi_cUE0pTbySpIBi-wYSjd_JmzD59z5JNpVLE_fZxTwjGfru0ZiNM6ZrD-aSys5wPAzBlnntZrpSfZAc79clIcDuKW_q0IAS18pHeC27CAcUDgLWs6BI8A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMjQ5NzgzLDY5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL3VGekdodDd5Q1EvSU5FU2Nzdi56aXAiLG51bGwsW1s4LCJlY0pIb3hKX1g4dyJdLFs5LCJlbi1VUyJdLFsxOSwiMSJdXV0

142.250.74.46

200 OK

108 kB

URL GET HTTP/3
fundingchoicesmessages.google.com/f/AGSKWxWG6U8ORyNK3_uF1kLlUi_cUE0pTbySpIBi-wYSjd_JmzD59z5JNpVLE_fZxTwjGfru0ZiNM6ZrD-aSys5wPAzBlnntZrpSfZAc79clIcDuKW_q0IAS18pHeC27CAcUDgLWs6BI8A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMjQ5NzgzLDY5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL3VGekdodDd5Q1EvSU5FU2Nzdi56aXAiLG51bGwsW1s4LCJlY0pIb3hKX1g4dyJdLFs5LCJlbi1VUyJdLFsxOSwiMSJdXV0
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
gzip compressed data, max compression
Size
108 kB (107667 bytes)
Hash
36b98f40bdabfcf3ef7a47c49e4be66d
822b5c21cf9250188528de27ed8009be688010cf
5dfbf00c833a4ee736a61edb7517fa2ca43fc15fdb7efb7e878d3d46c3b20b10

HTTP Headers

GET /f/AGSKWxWG6U8ORyNK3_uF1kLlUi_cUE0pTbySpIBi-wYSjd_JmzD59z5JNpVLE_fZxTwjGfru0ZiNM6ZrD-aSys5wPAzBlnntZrpSfZAc79clIcDuKW_q0IAS18pHeC27CAcUDgLWs6BI8A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMjQ5NzgzLDY5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL3VGekdodDd5Q1EvSU5FU2Nzdi56aXAiLG51bGwsW1s4LCJlY0pIb3hKX1g4dyJdLFs5LCJlbi1VUyJdLFsxOSwiMSJdXV0 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:04 GMT
content-security-policy: script-src 'nonce-Tw6zGMyO8ZVEYB0xevdY5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP_nWctBWIhbo4fu39sYBOY0f67BgDVDytg"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.106

200 OK

20 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
20 kB (20448 bytes)
Hash
8c26a0e24065327a7d547f3e3291ecfc
fe16bef81aba40bc494c2aa646b6658ba85a36f2
b01bab758cffca54a83252ba2aec9fd72732f0069cf5f64f57d0b7f6e5b5cc08

HTTP Headers

GET /css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 06:43:04 GMT
date: Tue, 16 Apr 2024 06:43:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 09 Apr 2024 08:04:32 GMT
expires: Wed, 09 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 599912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

142.250.74.163

200 OK

128 kB

URL GET HTTP/3
fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:40:02 GMT
expires: Fri, 11 Apr 2025 02:40:02 GMT
cache-control: public, max-age=31536000
age: 446582
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fundingchoicesmessages.google.com/el/AGSKWxXhbxIpjKzim2ZE5n3aN2zx1DXZ8R9KYYGmnW0Ud0S9bv2fKxz0xsY56LQvGd5I6Rujl545y5zmyJgDPficLIizrubN2_MrK9oYrw1APcOX2F9YpW-5HtS4glljcpQ3oHUr1gyupQ==

142.250.74.46

204 No Content

0 B

URL POST HTTP/3
fundingchoicesmessages.google.com/el/AGSKWxXhbxIpjKzim2ZE5n3aN2zx1DXZ8R9KYYGmnW0Ud0S9bv2fKxz0xsY56LQvGd5I6Rujl545y5zmyJgDPficLIizrubN2_MrK9oYrw1APcOX2F9YpW-5HtS4glljcpQ3oHUr1gyupQ==
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /el/AGSKWxXhbxIpjKzim2ZE5n3aN2zx1DXZ8R9KYYGmnW0Ud0S9bv2fKxz0xsY56LQvGd5I6Rujl545y5zmyJgDPficLIizrubN2_MrK9oYrw1APcOX2F9YpW-5HtS4glljcpQ3oHUr1gyupQ== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 92
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://anontransfer.com
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-DI62p9csLthSv7QoG2KODg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1hDgFiIh-PH7h8b2AQuTHn7gAkAzLcNNw"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

anontransfer.com/public/file-format-icon.webp

188.114.97.1

200 OK

5.6 kB

URL GET HTTP/3
anontransfer.com/public/file-format-icon.webp
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectanontransfer.com
FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.6 kB (5606 bytes)
Hash
a69ab1770613d0d2ddea6868dab6b782
8b2ff22124198c503781b19f3a4187314aa0e253
b49a4128e30e197f5b33af2811330b7c2e39ff3da47f7ca9a9db945b70234d41

HTTP Headers

GET /public/file-format-icon.webp HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: image/webp
last-modified: Thu, 22 Jun 2023 19:59:23 GMT
etag: W/"384-5febd5215fcc0-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfNyxUpNZxq1CqYKvMjGk96OouMgBhCB%2BvBRFinfZTFGs4LS5IfGdfe3mFFHwO8o5uSdpauP1J%2BeeWStQPITYZDQFuYhLMR7vmvMvc%2BEU%2FR%2Bwerpy7BR%2FDWf5bSvi1DIme9G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ba3e7131-OSL
alt-svc: h3=":443"; ma=86400

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.106

200 OK

0 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://anontransfer.com/
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://anontransfer.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 16 Apr 2024 06:43:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.106

200 OK

131 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anontransfer.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1183
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://anontransfer.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 16 Apr 2024 06:43:13 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

142.250.74.46

200 OK

90 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2064)
Size
90 kB (89739 bytes)
Hash
eaf46830e60ec6ecdc4900be6f075824
90192094b496595bcc0d1b67bc074b5988acde6d
4c09d3418494e971614728ad14e246bebcc5d4414e433d1a9af443226b7d07ca

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:02 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

anontransfer.com/public/main.js

188.114.97.1

200 OK

3.2 kB

URL GET HTTP/3
anontransfer.com/public/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectanontransfer.com
FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT

File type
JavaScript source, ASCII text, with very long lines (3375), with no line terminators
Size
3.2 kB (3206 bytes)
Hash
82a3b1674ebf4f89c0a3d400272012fe
bf1e92f128bf0cd32c4c53e19ff50968ee9fb40d
01caf62615ad9eb40ced12e22ef1eb54e5046d37da01141f978cc4ebd2f937bb

HTTP Headers

GET /public/main.js HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Aug 2023 13:31:01 GMT
etag: W/"c86-601f0acb94d34-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyrgEWOVkRnqMwcjwLifEuY8nEckOuTTvIkQv4ug9T%2FlU5a9%2B4fNNQznTi4XyAuJZMD7%2BuEPYYaUjTilT3FSQKlFa1rrtn78qq%2FnCy0b7sTmQSHGl9uBxpzSvd4mIdmkJ%2B23"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ca437131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lh3.googleusercontent.com/lDoP0gomLwtYtuRCWmIp6NiO8q-8ntli29HTtGqak22-tD7R3mv_J1DXsECl2IVrVgFjP4YQZ0TAyGgEk2b2LqhnKft_81XkTaunkrq5JUur3ulKI2bTmQ=h60

142.250.74.161

200 OK

15 kB

URL GET HTTP/2
lh3.googleusercontent.com/lDoP0gomLwtYtuRCWmIp6NiO8q-8ntli29HTtGqak22-tD7R3mv_J1DXsECl2IVrVgFjP4YQZ0TAyGgEk2b2LqhnKft_81XkTaunkrq5JUur3ulKI2bTmQ=h60
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
PNG image data, 456 x 60, 8-bit/color RGBA, non-interlaced
Size
15 kB (14881 bytes)
Hash
150d9beddbd062ef284e6090f7b28668
13eed2d50169ace5c8ff59521518048243ea4f88
fee1ff77d55f580c570852cab759eb43dff07301f5c729226e65a9ea9d02d658

HTTP Headers

GET /lDoP0gomLwtYtuRCWmIp6NiO8q-8ntli29HTtGqak22-tD7R3mv_J1DXsECl2IVrVgFjP4YQZ0TAyGgEk2b2LqhnKft_81XkTaunkrq5JUur3ulKI2bTmQ=h60 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 14881
x-xss-protection: 0
date: Tue, 16 Apr 2024 04:21:29 GMT
expires: Wed, 17 Apr 2024 04:21:29 GMT
cache-control: public, max-age=86400, no-transform
age: 8495
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

anontransfer.com/public/popper.min.js

188.114.97.1

200 OK

19 kB

URL GET HTTP/3
anontransfer.com/public/popper.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectanontransfer.com
FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT

File type
JavaScript source, ASCII text, with very long lines (18706)
Size
19 kB (18756 bytes)
Hash
72d3b1e50e1a60d898f7817b27d76c1a
01d720c9ed9eab4e8d7f87d013cb3af11540d498
98f078a39b01008ae2eefd279d4aecc614b2b2533a4f8bef368e69d1977f5cb2

HTTP Headers

GET /public/popper.min.js HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: application/javascript
last-modified: Sat, 22 Jul 2023 20:32:31 GMT
etag: W/"4944-6011947d1b5c0-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDxhpqKsijZHS3Y%2BjglYTfKL8zkatV3JvSky%2BsA0eGbC0m1Nc6EzgWblV%2F5uiscx5gVofg36GkKZ7GGy6t0QyAFwwh3wT8l7of%2FT95jVO%2B63Qdxg1vCVehJluTOTufNJgs3%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ca417131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fundingchoicesmessages.google.com/i/pub-1857840457925128?ers=1

142.250.74.46

200 OK

184 kB

URL GET HTTP/3
fundingchoicesmessages.google.com/i/pub-1857840457925128?ers=1
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2607)
Size
184 kB (184223 bytes)
Hash
3f421f27bd21df586bd6ef36e28c899c
6484698cc6b467f7fe997314ea651797c416841a
f88e76e8e21e6901181448e2d70a479027f0c83bccabfc78702872308048f247

HTTP Headers

GET /i/pub-1857840457925128?ers=1 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:03 GMT
content-security-policy: script-src 'nonce-LD5c8rLkV7Zl_4p2KXo66Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhHo7vu39sYBN4cHHRB0YABvwsFw"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

anontransfer.com/public/anontransfer-favicon.ico

188.114.97.1

200 OK

176 kB

URL GET HTTP/3
anontransfer.com/public/anontransfer-favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectanontransfer.com
FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT

File type
MS Windows icon resource - 9 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Size
176 kB (176492 bytes)
Hash
d5e92a2fedcb52f737435150cba4e603
54838eb1a51959a5df8d498f8c7f999be5652283
eda268a2c3241dbd07ac42ed4b4be3f66408c1b5fbf3a2f0cb15e460a14c1b1c

HTTP Headers

GET /public/anontransfer-favicon.ico HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc; dom3ic8zudi28v8lr6fgphwffqoz0j6c=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: image/x-icon
last-modified: Thu, 25 May 2023 05:00:53 GMT
etag: W/"2b16c-5fc7d813e2b40-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I606I2J3gxZS%2FW0tRITaubwspYfadi%2F9Ya0dZ0pWmRmMGGZULxc%2BnC13DPoA%2FKy4ymV3e6Nc%2F%2FO8XF67ifZkm4nQRglkeuhIrIySzWJqtzQmvfXqPvvIh7u002mRnpeCmS11"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232eabbfb7131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html

104.18.125.91

200 OK

1.7 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
HTML document, ASCII text, with very long lines (1768), with no line terminators
Size
1.7 kB (1725 bytes)
Hash
825c2f21a9a22bd9911e6686ced37ded
74f703bdafeabb1aad6a04b073d1745298c111dc
0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350

HTTP Headers

GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 30 Apr 2024 06:43:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232e9c9db56c0-OSL
content-encoding: br

newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html

104.18.125.91

200 OK

1.7 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
HTML document, ASCII text, with very long lines (1768), with no line terminators
Size
1.7 kB (1725 bytes)
Hash
825c2f21a9a22bd9911e6686ced37ded
74f703bdafeabb1aad6a04b073d1745298c111dc
0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350

HTTP Headers

GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 30 Apr 2024 06:43:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232e9c9dd56c0-OSL
content-encoding: br

anontransfer.com/public/bootstrap.min.css

188.114.97.1

200 OK

306 kB

URL GET HTTP/3
anontransfer.com/public/bootstrap.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectanontransfer.com
FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT

File type

Size
306 kB (306319 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /public/bootstrap.min.css HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 23:34:31 GMT
etag: W/"4ac8f-6060f2abf3db5-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jaIyV7zFtfgiNRRfextbgszQEsEmaasqEdZjm3AMV556YZc7l%2BxCgAWqDplheXUPAwvwc3jXdxdqFn8V%2FI19M9JnmRENLcc9NRF3a8cJigPrkJYboYp3iaD%2BFCdf9USru7b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0aa187131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

procuratorthoroughlycompere.com/watch.610617090024.js?key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1

192.243.61.225

307 Temporary Redirect

3.5 kB

URL GET HTTP/1.1
procuratorthoroughlycompere.com/watch.610617090024.js?key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerLet's Encrypt
Subjectprocuratorthoroughlycompere.com
FingerprintAF:D8:36:A0:09:80:82:1E:49:AF:23:0C:AE:36:37:9F:34:3D:C8:22
ValiditySat, 13 Apr 2024 08:54:24 GMT - Fri, 12 Jul 2024 08:54:23 GMT

File type

Size
3.5 kB (3525 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.610617090024.js?key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1 HTTP/1.1
Host: procuratorthoroughlycompere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 06:43:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anontransfer.com
Access-Control-Allow-Origin: https://anontransfer.com
Access-Control-Allow-Credentials: true
Location: https://procuratorthoroughlycompere.com/watch.610617090024.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=23f34ffeca13515ef35c23c5c3be29a2e8079492693cf0fbb01b784f70bb635ac88a9cee293bbf6b0a1ad3ac11c376f8382fbea458450d2dbe7fc466c27de5532e9e6366a469171b73ff03efce9be2c750c20886e9b417c8f1a170935c543f&tz=0&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1
Set-Cookie: u_pl=20439883; expires=Wed, 17 Apr 2024 06:43:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDQzOTg4MywiayI6IjU1NjVmZDY5MWU4ZWNhZjRlYTcyYzMxZGY5MWNhYmZiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyODk4NjY3LCJwaWQiOjExODcwMTgsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTcsImFpZCI6MjcsInB0Ijo0LCJwayI6InVzOWNtdndoeXAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL3VGekdodDd5Q1EvSU5FU2Nzdi56aXAiLCJhciI6W119fQ.SEEoK5XT97UWkyzumszfeO04BvIbaoSOI7QVOrSYJkM; expires=Tue, 16 Apr 2024 06:44:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c948ddb6840213718ce79a512815ff02
Strict-Transport-Security: max-age=0; includeSubdomains

fundingchoicesmessages.google.com/b/pub-1857840457925128

142.250.74.46

200 OK

11 kB

URL GET HTTP/3
fundingchoicesmessages.google.com/b/pub-1857840457925128
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (1483)
Size
11 kB (10559 bytes)
Hash
7d95c2ce557d72fb57101949fb17cfd3
fced0c276fe7dd10b6ec5709ad0b56623be753bb
fa23e295b611fa0af4ba3a1828b1452ec9735f8c303c5c2f426113ed616e437f

HTTP Headers

GET /b/pub-1857840457925128 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-IDMIwakbbAe2VU55-f_QDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw15BiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZALPH1JZMWEMc8n86aAsRO6TNYQ4DYp34GaxwQt948xzodiE8uOM96EYiT_51nLQViIR6O77t_bGATmHFjwitGAAS-MM8"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api2.hcaptcha.com/checksiteconfig?v=b1c589a&host=anontransfer.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&sc=1&swa=1&spst=0

104.18.125.91

200 OK

718 B

URL POST HTTP/3
api2.hcaptcha.com/checksiteconfig?v=b1c589a&host=anontransfer.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&sc=1&swa=1&spst=0
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0kbxpn2qes4&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (734), with no line terminators
Size
718 B (718 bytes)
Hash
49bb8ed79d334a085e5b433649f26db1
d239c7cc8f1080d1474734293138e0e2ec783a4a
4a29f6f66d46a43a4d22bbf57e1df61befcfbc532a99fe4909c881b598df1ccb

HTTP Headers

POST /checksiteconfig?v=b1c589a&host=anontransfer.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&sc=1&swa=1&spst=0 HTTP/1.1
Host: api2.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vk2VKwPbLoawFj9mU2fhedYxxWRD6i5ogHc2MrD; SameSite=None; Secure; path=/; expires=Tue, 16-Apr-24 07:13:03 GMT; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232ec8cc556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newassets.hcaptcha.com/c/282d0ff/hsw.js

104.18.125.91

200 OK

528 kB

URL GET HTTP/3
newassets.hcaptcha.com/c/282d0ff/hsw.js
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0kbxpn2qes4&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type

Size
528 kB (527636 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/282d0ff/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/javascript
etag: W/"f593c8f46e9cb4a93e13a33ec29e7214"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 06:43:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232eced4656c0-OSL
content-encoding: br

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash