| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css | 104.17.25.14 | 200 OK | 19 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css
IP: 104.17.25.14:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (52276)
Hash: ded1c367363e8b20bdc6a19b8350a737 8c06d82739d14b094ff6d9036021a252bd1d985d 1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: text/css; charset=utf-8
content-length: 18752
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 46277
expires: Sun, 06 Apr 2025 06:43:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aeKlV8eZ40thyOD84JI24R0bM4FTvCNmVfBRe8%2BIWW9UJJUDsHWRsoLcHvFFeMGUbfVJt9UHJMlfr7rcirYYUHlBiPYjbzk21OJs2GnI3Tw2KnSdJHweKlZ%2FRwfKc1%2FDMzqN3NqP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875232e1ff63b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| flintdepreciate.com/5565fd691e8ecaf4ea72c31df91cabfb/invoke.js | 172.240.108.76 | 200 OK | 12 kB |
URL: GET HTTP/1.1 flintdepreciate.com/5565fd691e8ecaf4ea72c31df91cabfb/invoke.js
IP: 172.240.108.76:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Let's Encrypt
Subject: *.flintdepreciate.com
Fingerprint: 96:4B:5E:31:39:BC:A8:A9:FC:33:E8:DF:02:9B:39:41:44:DB:7E:4E
Validity: Sun, 31 Mar 2024 06:33:52 GMT - Sat, 29 Jun 2024 06:33:51 GMT
File type: JavaScript source, ASCII text, with very long lines (31331), with no line terminators
Hash: 8644df900ce9afdc460fc089ccc51449 c795c45d65d8c83d09797755fa4bba815d65d91a dcff67e891b33d65d24a44f3671cb2064a16659ed27cd9afc58f4f88e81cba46
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5565fd691e8ecaf4ea72c31df91cabfb/invoke.js HTTP/1.1
Host: flintdepreciate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 06:43:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75ee008c7ef9860482305afde3081021
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css | 142.250.74.163 | | 4.0 kB |
URL: GET www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
IP: 142.250.74.163:0
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: ASCII text, with very long lines (20367), with no line terminators
Hash: 72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 09 Apr 2024 09:56:47 GMT
expires: Wed, 09 Apr 2025 09:56:47 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 593175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 142.250.74.163 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 142.250.74.163:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:18:14 GMT
expires: Wed, 16 Apr 2025 00:18:14 GMT
cache-control: public, max-age=31536000
age: 23088
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| anontransfer.com/download/uFzGht7yCQ/INEScsv.zip | 188.114.97.1 | 200 OK | 44 kB |
URL: User Request GET HTTP/2 anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
IP: 188.114.97.1:443
Certificate Issuer: Google Trust Services LLC
Subject: anontransfer.com
Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (12460)
Hash: 651072378801466c13317895a2065142 154cc3bc229624fe0ebb1268c99d0d3e677aaf2d 73baaf608d6d9a637b56c42ad359cef391e3a83ab7977e6138a6920a799d8fba
GET /download/uFzGht7yCQ/INEScsv.zip HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:01 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
cf-cache-status: BYPASS
set-cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJYONW%2BcxrSQH7jZJyTXGP%2Biibr6mN8mOBzOWQIqJbK3Rdot%2BvrohHuwZ5xwjlLDg8JyDoOaKQs8y5qk3RKRjRpy2Crnv1fOmpZ%2FtPja3asQpJKCuClFI9XdaKVXuuetlW6q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232dc0cfa5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| anontransfer.com/public/main.min.css | 188.114.97.1 | 200 OK | 6.8 kB |
URL: GET HTTP/3 anontransfer.com/public/main.min.css
IP: 188.114.97.1:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Google Trust Services LLC
Subject: anontransfer.com
Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF
Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File type: ASCII text, with very long lines (3051), with no line terminators
Hash: 3fc528a6ac461cf722453550f1724fbd 16824e2d8624d1ab7a66557d7d4d07b2eedc9169 efbc4399fd77df1667558a30eca43025bf7bbedce0f7981811c6ff00632fbd0a
GET /public/main.min.css HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: text/css
last-modified: Tue, 17 Oct 2023 16:25:58 GMT
etag: W/"beb-607ebfa4a031d-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbJpqyQEUpzJn1Ly%2B82RkNvip89LM6S6OHStekqadTpOWTkAURruslJBnyYk2u4TCU9VxSJuqJ9IHtn5CHQAvQySUEYY5THjiof5%2FQnjwJf19y8XFkQ5cKBkHt8cNrk0w81M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ba267131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flintdepreciate.com/8f8c6bfd82782c8f98d832200d00f426/invoke.js | 192.243.59.12 | 200 OK | 12 kB |
URL: GET HTTP/1.1 flintdepreciate.com/8f8c6bfd82782c8f98d832200d00f426/invoke.js
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Let's Encrypt
Subject: *.flintdepreciate.com
Fingerprint: 96:4B:5E:31:39:BC:A8:A9:FC:33:E8:DF:02:9B:39:41:44:DB:7E:4E
Validity: Sun, 31 Mar 2024 06:33:52 GMT - Sat, 29 Jun 2024 06:33:51 GMT
File type: JavaScript source, ASCII text, with very long lines (31290), with no line terminators
Hash: 05d6796bcc150ce6b2d03ca27a4d5424 509165ae1680073c517ae79cba5f1e51b168fda3 bac6b0070d549bea0ddff045b9b71936bc0f29627d37b09ae7f331ccabfed713
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /8f8c6bfd82782c8f98d832200d00f426/invoke.js HTTP/1.1
Host: flintdepreciate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 06:43:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 819f4c1d3716c8e8ab0e575d2d2211cc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 142.250.74.163 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 142.250.74.163:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:18:14 GMT
expires: Wed, 16 Apr 2025 00:18:14 GMT
cache-control: public, max-age=31536000
age: 23089
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 142.250.74.163 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP: 142.250.74.163:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: 30a274cd01b6eeb0b082c918b0697f1e 393311bde26b99a4ad935fa55bad1dce7994388b 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:18:14 GMT
expires: Wed, 16 Apr 2025 00:18:14 GMT
cache-control: public, max-age=31536000
age: 23089
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 | 104.17.25.14 | 200 OK | 150 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2
IP: 104.17.25.14:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 150124, version 772.256
Size: 150 kB (150124 bytes)
Hash: c64278386c2bbb5e293e11b94ca2f6d1 6b99aa650bd12a36caa14e0127435d8f4cd3ba73 7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 43166
expires: Sun, 06 Apr 2025 06:43:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OCuRPQBvtcgp9PiBK7vamXbUUCVh6m7LLLlY9GeHhaiDKZMLM2ni8XsK2Lg6p6KfL6GYa42iyNtuHVf1%2F%2Fld33qMjSkcvIhQEV7l%2FM2WDwEwuRtuZwQh9ZIwfXDf%2B4kd9IqbUAgP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875232e97bed0b69-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 | 104.17.25.14 | 200 OK | 25 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2
IP: 104.17.25.14:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 24948, version 772.256
Hash: 61f30b79daf5b31f0d254a31fba66158 fb363d27cfdfe71a243fa2ac3dab2815232b9b7e 8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 24948
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-6174"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 46756
expires: Sun, 06 Apr 2025 06:43:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIE1Nlh1IGdc16XsG6T5PRIu8vKwWOfdRMtk%2FueoSRK0iaNej9eD8bzhV3k5aFLZUOtz6eiPh%2F4LjwEHmjc9jrQ67dm346tDfHFOuIPsbD8ys06su%2BJ9cMlCuui7Z5KW3bEk52Sb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875232e97bef0b69-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 143.204.53.97:0
Hash: 0bea14a24acf01e7602c416935848793 3493b99ca0da4d0c60f848069fa57e39b335a87a 229a97c14569254bf9fe6342e7cd4efd9e4f4b0ff89fb3c1e5c935976ab01062
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 06:43:03 GMT
Last-Modified: Tue, 16 Apr 2024 05:53:27 GMT
Server: ECAcc (ska/F6A3)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g60KzchDzXOT85GAPc_AmWHnMvW3RYHWfuG7jleZr0G1aH-xaH_htg==
Age: 2976
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 143.204.53.97:0
Hash: 0bea14a24acf01e7602c416935848793 3493b99ca0da4d0c60f848069fa57e39b335a87a 229a97c14569254bf9fe6342e7cd4efd9e4f4b0ff89fb3c1e5c935976ab01062
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 06:43:03 GMT
Last-Modified: Tue, 16 Apr 2024 05:45:42 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vS9jELyzN26pjHv0GuKf2P0urGlyUNDmpRoA8IGKSFLmKdrvINpW0w==
Age: 3441
|
|
| proftrafficcounter.com/stats | 3.123.64.179 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 3.123.64.179:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Amazon
Subject: proftrafficcounter.com
Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 32f7ea4dd3598298fd12adcf5293736a 92010bc3b20b028cd322a07175b42ea16309c36e 0ddde3d65938363525c573916b2d9a3c1c447546053bd16afe9e9cb22ef0871c
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anontransfer.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f14d16c8-c561-4d72-afc6-9144799adc9d:2:1; expires=Fri, 14 Apr 2034 06:43:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 3.123.64.179 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 3.123.64.179:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Amazon
Subject: proftrafficcounter.com
Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 6209911ee3287adef1d6679bc82e79bb 7a199c70511f4760095c919640adfb456b3b8c95 d14824052567eaafa5c6893ec4e4c317059238be70a680ed2013ffd5a896487e
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anontransfer.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bd44e50a-f68a-496a-95ba-448e811b6587:2:1; expires=Fri, 14 Apr 2034 06:43:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.JWdSLlE5pB8.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpkI8wAWWEyAHc_EMGYgHf1e9un_w/m=el_main | 142.250.74.106 | 200 OK | 74 kB |
URL: GET HTTP/3 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.JWdSLlE5pB8.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpkI8wAWWEyAHc_EMGYgHf1e9un_w/m=el_main
IP: 142.250.74.106:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (2333)
Hash: 4bb91f7d3340c67fbc422fe923cb4ce4 aa81f4daf848d66f92f853be4bb57333694b2712 2244a4c055184acc3ee54d04f44cde9f71829b12a6adc7ad0956e76eb48c072a
GET /_/translate_http/_/js/k=translate_http.tr.no.JWdSLlE5pB8.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpkI8wAWWEyAHc_EMGYgHf1e9un_w/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 73503
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 19:01:35 GMT
expires: Tue, 15 Apr 2025 19:01:35 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 12 Apr 2024 23:10:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 42088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fundingchoicesmessages.google.com/el/AGSKWxUGnlz58zvdeJI3okqu6JGTskn-86sgCpDo1CqowpIJqoEQqIDQQBWjefH45kUsg6dL0UkKOcIbH-MNrtgWT53ytw== | 142.250.74.46 | 204 No Content | 0 B |
URL: GET HTTP/3 fundingchoicesmessages.google.com/el/AGSKWxUGnlz58zvdeJI3okqu6JGTskn-86sgCpDo1CqowpIJqoEQqIDQQBWjefH45kUsg6dL0UkKOcIbH-MNrtgWT53ytw==
IP: 142.250.74.46:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate Issuer: Google Trust Services LLC
Subject: *.google.com
Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /el/AGSKWxUGnlz58zvdeJI3okqu6JGTskn-86sgCpDo1CqowpIJqoEQqIDQQBWjefH45kUsg6dL0UkKOcIbH-MNrtgWT53ytw== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=utf-8
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://anontransfer.com
access-control-allow-credentials: true
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:03 GMT
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-dF_4EuHdasdSml5ScU1YFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1hDgFiIh-P77h8b2AQ6Pn5uZgIAzUIM_Q"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js | 104.18.125.91 | 200 OK | 113 kB |
URL: GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js
IP: 104.18.125.91:443
Requested by: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0kbxpn2qes4&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com
Certificate: Issuer: Let's Encrypt; Subject: hcaptcha.com; Fingerprint: 8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5; Validity: Fri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (41625)
Size: 113 kB (113113 bytes)
Hash: 052bf4abb4128ef78b68c418f7d94678 2b6c44a8cc009017a2909c7afd71e371e82b7d27 01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9
GET /captcha/v1/b1c589a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 30 Apr 2024 06:43:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232eadb0356c0-OSL
content-encoding: br
|
|
| anontransfer.com/public/at-logo.webp | 188.114.97.1 | 200 OK | 3.9 kB |
URL: GET HTTP/3 anontransfer.com/public/at-logo.webp
IP: 188.114.97.1:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Google Trust Services LLC; Subject: anontransfer.com; Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF; Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 75c23d00886f1425dce4f378ed3873e9 eeed775e7b4d58e51e1f18590812939d19ead2b1 01ea6b5484951a3c7b20ee83e857e6a780af1290849a584a76ba43c6f21a4792
GET /public/at-logo.webp HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: image/webp
last-modified: Wed, 24 May 2023 02:52:25 GMT
etag: W/"d42-5fc6797f80c40-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooWf3HHff8NyILCkOj8eqgtEQBUyibk6CHAQl3u%2FaNZXFZdHAoiQRl3OdoV2lPX9hOS5s%2Fv8UKNJM%2FFx8DtMEACV9e%2B%2FynDMRYYGSEN7WycSguY8lS3ZYHLu9fLpzScleLVq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ba3c7131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hcaptcha.com/1/api.js | 104.18.125.91 | 200 OK | 111 kB |
IP: 104.18.125.91:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Let's Encrypt; Subject: hcaptcha.com; Fingerprint: 8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5; Validity: Fri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (41625)
Size: 111 kB (110866 bytes)
Hash: 052bf4abb4128ef78b68c418f7d94678 2b6c44a8cc009017a2909c7afd71e371e82b7d27 01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9
GET /1/api.js HTTP/1.1
Host: hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: application/javascript
cf-ray: 875232e20cdd568f-OSL
cf-cache-status: HIT
age: 0
cache-control: max-age=300
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
expires: Mon, 29 Apr 2024 16:59:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| anontransfer.com/public/bootstrap.min.js | 188.114.97.1 | 200 OK | 18 kB |
URL: GET HTTP/3 anontransfer.com/public/bootstrap.min.js
IP: 188.114.97.1:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Google Trust Services LLC; Subject: anontransfer.com; Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF; Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File type: JavaScript source, ASCII text, with very long lines (58940)
Hash: 259e416ef6833be43801b8b68a93b008 19080c3b817985336aab5e1ce6925c99803f2efd 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
GET /public/bootstrap.min.js HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: application/javascript
last-modified: Sat, 22 Jul 2023 20:32:32 GMT
etag: W/"e753-6011947e0f800-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRSGrvzUFk1tvie8cpeVmf2WczukrG7LftKhPES4Lu9RZcoaP6HzB4SjNHe4%2FgwWkE5VhDosp5xiCKJvtrOk5XO9oCqL5Qj1gCbDMa41UM6re8jr51aHacuhMRM%2BZCzrCrxI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ca427131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| canoperation.com/watch.1234142426540.js?key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1 | 192.243.59.12 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 canoperation.com/watch.1234142426540.js?key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Let's Encrypt; Subject: canoperation.com; Fingerprint: E3:89:98:47:D8:0E:7E:1C:6C:BE:D9:09:72:F5:78:CE:74:77:6A:73; Validity: Sat, 13 Apr 2024 09:09:23 GMT - Fri, 12 Jul 2024 09:09:22 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /watch.1234142426540.js?key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1 HTTP/1.1
Host: canoperation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 06:43:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anontransfer.com
Access-Control-Allow-Origin: https://anontransfer.com
Access-Control-Allow-Credentials: true
Location: https://canoperation.com/watch.1234142426540.js?dev=e&key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=3834b66dfc0d5cde4f58119008d89be9e909d8bdb45320a46297af4f79a464a4c87292ce53531de7943bf27b6fef0ac468b400a84b876e49faa036261ea365c00aee02ea25d273a29f624b0fbd35048d12600cb29f4aa8cf354f00bfc80394&tz=0&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1
Set-Cookie: u_pl=20439511; expires=Wed, 17 Apr 2024 06:43:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.[payload elided].tpOwbYI0Dprry5Kqn7z-zY-QmTgg9fuh1iaWZ-en8-Q; expires=Tue, 16 Apr 2024 06:44:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0fb250c1944a565245b08922c3a5563a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.googleapis.com/css?family=Inter:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&display=swap | 142.250.74.106 | 200 OK | 758 B |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Inter:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&display=swap
IP: 142.250.74.106:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: ca3845b5e55e70e7291da81b9c72d5d3 72a1d53b585bffad4f4bbc7621c036c49b6d1db3 2e6cc9b51a829b52a905c36b7912aac61835af10a1eb946b34e15e72d855b7d6
GET /css?family=Inter:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 06:43:02 GMT
date: Tue, 16 Apr 2024 06:43:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| canoperation.com/watch.1234142426540.js?dev=e&key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=3834b66dfc0d5cde4f58119008d89be9e909d8bdb45320a46297af4f79a464a4c87292ce53531de7943bf27b6fef0ac468b400a84b876e49faa036261ea365c00aee02ea25d273a29f624b0fbd35048d12600cb29f4aa8cf354f00bfc80394&tz=0&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1 | 192.243.59.12 | 200 OK | 2.1 kB |
URL: GET HTTP/1.1 canoperation.com/watch.1234142426540.js?dev=e&key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=3834b66dfc0d5cde4f58119008d89be9e909d8bdb45320a46297af4f79a464a4c87292ce53531de7943bf27b6fef0ac468b400a84b876e49faa036261ea365c00aee02ea25d273a29f624b0fbd35048d12600cb29f4aa8cf354f00bfc80394&tz=0&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Let's Encrypt; Subject: canoperation.com; Fingerprint: E3:89:98:47:D8:0E:7E:1C:6C:BE:D9:09:72:F5:78:CE:74:77:6A:73; Validity: Sat, 13 Apr 2024 09:09:23 GMT - Fri, 12 Jul 2024 09:09:22 GMT
File type: JavaScript source, ASCII text, with very long lines (2654)
Hash: dda33854bf174c672168e86f6698d53e b77945a596f64d28069499c04290ba3c1b9d3c32 c1ddd75323cdb6734a654396cf5ea79d4950c2ccc14ffd96d7f69e4a7338e5cc
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /watch.1234142426540.js?dev=e&key=8f8c6bfd82782c8f98d832200d00f426&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=3834b66dfc0d5cde4f58119008d89be9e909d8bdb45320a46297af4f79a464a4c87292ce53531de7943bf27b6fef0ac468b400a84b876e49faa036261ea365c00aee02ea25d273a29f624b0fbd35048d12600cb29f4aa8cf354f00bfc80394&tz=0&uuid=f14d16c8-c561-4d72-afc6-9144799adc9d%3A2%3A1 HTTP/1.1
Host: canoperation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
Referer: https://anontransfer.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=20439511; ain=eyJhbGciOiJIUzI1NiJ9.[payload elided].tpOwbYI0Dprry5Kqn7z-zY-QmTgg9fuh1iaWZ-en8-Q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 06:43:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anontransfer.com
Access-Control-Allow-Origin: https://anontransfer.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f14d16c8-c561-4d72-afc6-9144799adc9d:2:1; expires=Tue, 23 Apr 2024 06:43:04 GMT; secure; SameSite=None
iprc3521fe06282d811140feea0838788343=3569806; expires=Tue, 16 Apr 2024 10:43:04 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
uncs=1; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
pdhtkv5=true; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
uncs5=1; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 344e57855d5a20ac8bb4df684d67699d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| procuratorthoroughlycompere.com/watch.610617090024.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=23f34ffeca13515ef35c23c5c3be29a2e8079492693cf0fbb01b784f70bb635ac88a9cee293bbf6b0a1ad3ac11c376f8382fbea458450d2dbe7fc466c27de5532e9e6366a469171b73ff03efce9be2c750c20886e9b417c8f1a170935c543f&tz=0&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1 | 192.243.61.225 | 200 OK | 2.1 kB |
URL: GET HTTP/1.1 procuratorthoroughlycompere.com/watch.610617090024.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=23f34ffeca13515ef35c23c5c3be29a2e8079492693cf0fbb01b784f70bb635ac88a9cee293bbf6b0a1ad3ac11c376f8382fbea458450d2dbe7fc466c27de5532e9e6366a469171b73ff03efce9be2c750c20886e9b417c8f1a170935c543f&tz=0&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Let's Encrypt; Subject: procuratorthoroughlycompere.com; Fingerprint: AF:D8:36:A0:09:80:82:1E:49:AF:23:0C:AE:36:37:9F:34:3D:C8:22; Validity: Sat, 13 Apr 2024 08:54:24 GMT - Fri, 12 Jul 2024 08:54:23 GMT
File type: JavaScript source, ASCII text, with very long lines (2649)
Hash: 4197a593f6940987ec51e6949f61708e efc78cdec8abfac5ddcfe8cb9744f4293726bc4d 066cc1ab83a9927a1fcb85e02931db7e380063f3726466ef54aae5c8e64fa593
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /watch.610617090024.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=23f34ffeca13515ef35c23c5c3be29a2e8079492693cf0fbb01b784f70bb635ac88a9cee293bbf6b0a1ad3ac11c376f8382fbea458450d2dbe7fc466c27de5532e9e6366a469171b73ff03efce9be2c750c20886e9b417c8f1a170935c543f&tz=0&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1 HTTP/1.1
Host: procuratorthoroughlycompere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
Referer: https://anontransfer.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=20439883; ain=eyJhbGciOiJIUzI1NiJ9.[payload elided].SEEoK5XT97UWkyzumszfeO04BvIbaoSOI7QVOrSYJkM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 06:43:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anontransfer.com
Access-Control-Allow-Origin: https://anontransfer.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bd44e50a-f68a-496a-95ba-448e811b6587:2:1; expires=Tue, 23 Apr 2024 06:43:04 GMT; secure; SameSite=None
iprc4a198241795c429d733d6ce56b8751e3=3569807; expires=Tue, 16 Apr 2024 10:43:04 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
uncs=1; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 17 Apr 2024 06:43:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5c2c7817b2c3a5c8135df393e052c1fa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.163 | 200 OK | 1.8 kB |
URL: GET HTTP/3 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP: 142.250.74.163:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: c69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:14:56 GMT
expires: Tue, 15 Apr 2025 21:14:56 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 34088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg | 142.250.74.163 | 200 OK | 3.3 kB |
URL: GET HTTP/3 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP: 142.250.74.163:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: SVG Scalable Vector Graphics image
Hash: 2bd5c073a88b83ed74db88282a56ddfb d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650 ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:43:59 GMT
expires: Wed, 16 Apr 2025 01:43:59 GMT
cache-control: public, max-age=31536000
age: 17945
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240414 | 142.250.74.46 | 204 No Content | 0 B |
URL: GET HTTP/3 translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240414
IP: 142.250.74.46:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D; Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240414 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:04 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-sxRbD6zv7vxXrwnAaDM5VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjEtDikmLw15BicEqfwRoExELcHD92_9jAJjBhem8yAGxRCUM"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=18.SE=J_O9Ji60ONy6kiKauG_y0HWSo5r1bUbaSNNuGum8jwmZWzNouay4T5aumNUXFsF3ap09BFGsPEG5JUUoGotvn5jdH3fE0jvNTQirzVzRmgY3L5-j-GRUyKRhIf9qPnPCDh5C6xa4sg2vZcNKYQczdpjtWLFpbbQxRyiUaeHXEhA; expires=Fri, 16-May-2025 23:01:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/images/cleardot.gif | 142.250.74.164 | 200 OK | 43 B |
URL: GET HTTP/2 www.google.com/images/cleardot.gif
IP: 142.250.74.164:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Google Trust Services LLC; Subject: www.google.com; Fingerprint: CC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06; Validity: Mon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: fc94fb0c3ed8a8f909dbc7630a0987ff 56d45f8a17f5078a20af9962c992ca4678450765 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 16 Apr 2024 06:43:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js | 104.18.125.91 | 200 OK | 110 kB |
URL: GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/hcaptcha.js
IP: 104.18.125.91:443
Requested by: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0kbxpn2qes4&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com
Certificate: Issuer: Let's Encrypt; Subject: hcaptcha.com; Fingerprint: 8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5; Validity: Fri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (41625)
Size: 110 kB (109656 bytes)
Hash: 052bf4abb4128ef78b68c418f7d94678 2b6c44a8cc009017a2909c7afd71e371e82b7d27 01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9
GET /captcha/v1/b1c589a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/javascript
etag: W/"5a68efa2b964d5c167fde3b130af8e94"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 30 Apr 2024 06:43:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232eadb0056c0-OSL
content-encoding: br
|
|
| cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png | 45.133.44.9 | 200 OK | 144 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP: 45.133.44.9:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size: 144 kB (144379 bytes)
Hash: 33c304429dc1a4408a96e6a74ffa2feb c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04 dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:04 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Thu, 18 Apr 2024 06:43:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png | 45.133.44.9 | 200 OK | 67 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png IP: 45.133.44.9:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Let's Encrypt Subject: cdn.cloudimagesb.com Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced Hash: a98b4585db1c6db06d6857c73bb75fcb 02a896b08a79e873b2dd26200ee1f0665dc1c80a fc08e863ffafe25aa63fe8b60c2d5135fc5f52caf0abae4da3f1a90e0f8ed96c
GET /cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 06:43:04 GMT
content-type: image/png
content-length: 67174
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:43 GMT
etag: "62e11c7f-10666"
expires: Thu, 18 Apr 2024 06:43:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fundingchoicesmessages.google.com/f/AGSKWxWG6U8ORyNK3_uF1kLlUi_cUE0pTbySpIBi-wYSjd_JmzD59z5JNpVLE_fZxTwjGfru0ZiNM6ZrD-aSys5wPAzBlnntZrpSfZAc79clIcDuKW_q0IAS18pHeC27CAcUDgLWs6BI8A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMjQ5NzgzLDY5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL3VGekdodDd5Q1EvSU5FU2Nzdi56aXAiLG51bGwsW1s4LCJlY0pIb3hKX1g4dyJdLFs5LCJlbi1VUyJdLFsxOSwiMSJdXV0 | 142.250.74.46 | 200 OK | 108 kB |
URL: GET HTTP/3 fundingchoicesmessages.google.com/f/AGSKWxWG6U8ORyNK3_uF1kLlUi_cUE0pTbySpIBi-wYSjd_JmzD59z5JNpVLE_fZxTwjGfru0ZiNM6ZrD-aSys5wPAzBlnntZrpSfZAc79clIcDuKW_q0IAS18pHeC27CAcUDgLWs6BI8A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMjQ5NzgzLDY5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL3VGekdodDd5Q1EvSU5FU2Nzdi56aXAiLG51bGwsW1s4LCJlY0pIb3hKX1g4dyJdLFs5LCJlbi1VUyJdLFsxOSwiMSJdXV0 IP: 142.250.74.46:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: *.google.com Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: gzip compressed data, max compression Size: 108 kB (107667 bytes) Hash: 36b98f40bdabfcf3ef7a47c49e4be66d 822b5c21cf9250188528de27ed8009be688010cf 5dfbf00c833a4ee736a61edb7517fa2ca43fc15fdb7efb7e878d3d46c3b20b10
GET /f/AGSKWxWG6U8ORyNK3_uF1kLlUi_cUE0pTbySpIBi-wYSjd_JmzD59z5JNpVLE_fZxTwjGfru0ZiNM6ZrD-aSys5wPAzBlnntZrpSfZAc79clIcDuKW_q0IAS18pHeC27CAcUDgLWs6BI8A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMjQ5NzgzLDY5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL3VGekdodDd5Q1EvSU5FU2Nzdi56aXAiLG51bGwsW1s4LCJlY0pIb3hKX1g4dyJdLFs5LCJlbi1VUyJdLFsxOSwiMSJdXV0 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:04 GMT
content-security-policy: script-src 'nonce-Tw6zGMyO8ZVEYB0xevdY5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP_nWctBWIhbo4fu39sYBOY0f67BgDVDytg"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap | 142.250.74.106 | 200 OK | 20 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap IP: 142.250.74.106:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression Hash: 8c26a0e24065327a7d547f3e3291ecfc fe16bef81aba40bc494c2aa646b6658ba85a36f2 b01bab758cffca54a83252ba2aec9fd72732f0069cf5f64f57d0b7f6e5b5cc08
GET /css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 06:43:04 GMT
date: Tue, 16 Apr 2024 06:43:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 48 kB |
URL: GET HTTP/3 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP: 142.250.74.163:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash: 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 09 Apr 2024 08:04:32 GMT
expires: Wed, 09 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 599912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 142.250.74.163 | 200 OK | 128 kB |
URL: GET HTTP/3 fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP: 142.250.74.163:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size: 128 kB (128352 bytes) Hash: 53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:40:02 GMT
expires: Fri, 11 Apr 2025 02:40:02 GMT
cache-control: public, max-age=31536000
age: 446582
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fundingchoicesmessages.google.com/el/AGSKWxXhbxIpjKzim2ZE5n3aN2zx1DXZ8R9KYYGmnW0Ud0S9bv2fKxz0xsY56LQvGd5I6Rujl545y5zmyJgDPficLIizrubN2_MrK9oYrw1APcOX2F9YpW-5HtS4glljcpQ3oHUr1gyupQ== | 142.250.74.46 | 204 No Content | 0 B |
URL: POST HTTP/3 fundingchoicesmessages.google.com/el/AGSKWxXhbxIpjKzim2ZE5n3aN2zx1DXZ8R9KYYGmnW0Ud0S9bv2fKxz0xsY56LQvGd5I6Rujl545y5zmyJgDPficLIizrubN2_MrK9oYrw1APcOX2F9YpW-5HtS4glljcpQ3oHUr1gyupQ== IP: 142.250.74.46:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: *.google.com Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /el/AGSKWxXhbxIpjKzim2ZE5n3aN2zx1DXZ8R9KYYGmnW0Ud0S9bv2fKxz0xsY56LQvGd5I6Rujl545y5zmyJgDPficLIizrubN2_MrK9oYrw1APcOX2F9YpW-5HtS4glljcpQ3oHUr1gyupQ== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 92
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://anontransfer.com
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-DI62p9csLthSv7QoG2KODg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1hDgFiIh-PH7h8b2AQuTHn7gAkAzLcNNw"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| anontransfer.com/public/file-format-icon.webp | 188.114.97.1 | 200 OK | 5.6 kB |
URL: GET HTTP/3 anontransfer.com/public/file-format-icon.webp IP: 188.114.97.1:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: anontransfer.com Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File type: RIFF (little-endian) data, Web/P image Hash: a69ab1770613d0d2ddea6868dab6b782 8b2ff22124198c503781b19f3a4187314aa0e253 b49a4128e30e197f5b33af2811330b7c2e39ff3da47f7ca9a9db945b70234d41
GET /public/file-format-icon.webp HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: image/webp
last-modified: Thu, 22 Jun 2023 19:59:23 GMT
etag: W/"384-5febd5215fcc0-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfNyxUpNZxq1CqYKvMjGk96OouMgBhCB%2BvBRFinfZTFGs4LS5IfGdfe3mFFHwO8o5uSdpauP1J%2BeeWStQPITYZDQFuYhLMR7vmvMvc%2BEU%2FR%2Bwerpy7BR%2FDWf5bSvi1DIme9G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ba3e7131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.106 | 200 OK | 0 B |
URL: POST HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP: 142.250.74.106:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://anontransfer.com/
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://anontransfer.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 16 Apr 2024 06:43:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.106 | 200 OK | 131 B |
URL: POST HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP: 142.250.74.106:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: ca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anontransfer.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1183
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://anontransfer.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 16 Apr 2024 06:43:13 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.google.com/translate_a/element.js?cb=googleTranslateElementInit | 142.250.74.46 | 200 OK | 90 kB |
URL: GET HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP: 142.250.74.46:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: *.google.com Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JavaScript source, ASCII text, with very long lines (2064) Hash: eaf46830e60ec6ecdc4900be6f075824 90192094b496595bcc0d1b67bc074b5988acde6d 4c09d3418494e971614728ad14e246bebcc5d4414e433d1a9af443226b7d07ca
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:02 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| anontransfer.com/public/main.js | 188.114.97.1 | 200 OK | 3.2 kB |
URL: GET HTTP/3 anontransfer.com/public/main.js IP: 188.114.97.1:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: anontransfer.com Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File type: JavaScript source, ASCII text, with very long lines (3375), with no line terminators Hash: 82a3b1674ebf4f89c0a3d400272012fe bf1e92f128bf0cd32c4c53e19ff50968ee9fb40d 01caf62615ad9eb40ced12e22ef1eb54e5046d37da01141f978cc4ebd2f937bb
GET /public/main.js HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Aug 2023 13:31:01 GMT
etag: W/"c86-601f0acb94d34-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyrgEWOVkRnqMwcjwLifEuY8nEckOuTTvIkQv4ug9T%2FlU5a9%2B4fNNQznTi4XyAuJZMD7%2BuEPYYaUjTilT3FSQKlFa1rrtn78qq%2FnCy0b7sTmQSHGl9uBxpzSvd4mIdmkJ%2B23"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ca437131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lh3.googleusercontent.com/lDoP0gomLwtYtuRCWmIp6NiO8q-8ntli29HTtGqak22-tD7R3mv_J1DXsECl2IVrVgFjP4YQZ0TAyGgEk2b2LqhnKft_81XkTaunkrq5JUur3ulKI2bTmQ=h60 | 142.250.74.161 | 200 OK | 15 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/lDoP0gomLwtYtuRCWmIp6NiO8q-8ntli29HTtGqak22-tD7R3mv_J1DXsECl2IVrVgFjP4YQZ0TAyGgEk2b2LqhnKft_81XkTaunkrq5JUur3ulKI2bTmQ=h60 IP: 142.250.74.161:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: *.googleusercontent.com Fingerprint: E0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F Validity: Mon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File type: PNG image data, 456 x 60, 8-bit/color RGBA, non-interlaced Hash: 150d9beddbd062ef284e6090f7b28668 13eed2d50169ace5c8ff59521518048243ea4f88 fee1ff77d55f580c570852cab759eb43dff07301f5c729226e65a9ea9d02d658
GET /lDoP0gomLwtYtuRCWmIp6NiO8q-8ntli29HTtGqak22-tD7R3mv_J1DXsECl2IVrVgFjP4YQZ0TAyGgEk2b2LqhnKft_81XkTaunkrq5JUur3ulKI2bTmQ=h60 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 14881
x-xss-protection: 0
date: Tue, 16 Apr 2024 04:21:29 GMT
expires: Wed, 17 Apr 2024 04:21:29 GMT
cache-control: public, max-age=86400, no-transform
age: 8495
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| anontransfer.com/public/popper.min.js | 188.114.97.1 | 200 OK | 19 kB |
URL: GET HTTP/3 anontransfer.com/public/popper.min.js IP: 188.114.97.1:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: anontransfer.com Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File type: JavaScript source, ASCII text, with very long lines (18706) Hash: 72d3b1e50e1a60d898f7817b27d76c1a 01d720c9ed9eab4e8d7f87d013cb3af11540d498 98f078a39b01008ae2eefd279d4aecc614b2b2533a4f8bef368e69d1977f5cb2
GET /public/popper.min.js HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: application/javascript
last-modified: Sat, 22 Jul 2023 20:32:31 GMT
etag: W/"4944-6011947d1b5c0-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDxhpqKsijZHS3Y%2BjglYTfKL8zkatV3JvSky%2BsA0eGbC0m1Nc6EzgWblV%2F5uiscx5gVofg36GkKZ7GGy6t0QyAFwwh3wT8l7of%2FT95jVO%2B63Qdxg1vCVehJluTOTufNJgs3%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0ca417131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fundingchoicesmessages.google.com/i/pub-1857840457925128?ers=1 | 142.250.74.46 | 200 OK | 184 kB |
URL: GET HTTP/3 fundingchoicesmessages.google.com/i/pub-1857840457925128?ers=1 IP: 142.250.74.46:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: *.google.com Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JavaScript source, ASCII text, with very long lines (2607) Size: 184 kB (184223 bytes) Hash: 3f421f27bd21df586bd6ef36e28c899c 6484698cc6b467f7fe997314ea651797c416841a f88e76e8e21e6901181448e2d70a479027f0c83bccabfc78702872308048f247
GET /i/pub-1857840457925128?ers=1 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:03 GMT
content-security-policy: script-src 'nonce-LD5c8rLkV7Zl_4p2KXo66Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhHo7vu39sYBN4cHHRB0YABvwsFw"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| anontransfer.com/public/anontransfer-favicon.ico | 188.114.97.1 | 200 OK | 176 kB |
URL: GET HTTP/3 anontransfer.com/public/anontransfer-favicon.ico IP: 188.114.97.1:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: anontransfer.com Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File type: MS Windows icon resource - 9 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel Size: 176 kB (176492 bytes) Hash: d5e92a2fedcb52f737435150cba4e603 54838eb1a51959a5df8d498f8c7f999be5652283 eda268a2c3241dbd07ac42ed4b4be3f66408c1b5fbf3a2f0cb15e460a14c1b1c
GET /public/anontransfer-favicon.ico HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc; dom3ic8zudi28v8lr6fgphwffqoz0j6c=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: image/x-icon
last-modified: Thu, 25 May 2023 05:00:53 GMT
etag: W/"2b16c-5fc7d813e2b40-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I606I2J3gxZS%2FW0tRITaubwspYfadi%2F9Ya0dZ0pWmRmMGGZULxc%2BnC13DPoA%2FKy4ymV3e6Nc%2F%2FO8XF67ifZkm4nQRglkeuhIrIySzWJqtzQmvfXqPvvIh7u002mRnpeCmS11"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232eabbfb7131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html | 104.18.125.91 | 200 OK | 1.7 kB |
URL: GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html IP: 104.18.125.91:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Let's Encrypt Subject: hcaptcha.com Fingerprint: 8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 Validity: Fri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type: HTML document, ASCII text, with very long lines (1768), with no line terminators Hash: 825c2f21a9a22bd9911e6686ced37ded 74f703bdafeabb1aad6a04b073d1745298c111dc 0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350
GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 30 Apr 2024 06:43:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232e9c9db56c0-OSL
content-encoding: br
|
|
| newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html | 104.18.125.91 | 200 OK | 1.7 kB |
URL: GET HTTP/3 newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html IP: 104.18.125.91:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Let's Encrypt Subject: hcaptcha.com Fingerprint: 8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 Validity: Fri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type: HTML document, ASCII text, with very long lines (1768), with no line terminators Hash: 825c2f21a9a22bd9911e6686ced37ded 74f703bdafeabb1aad6a04b073d1745298c111dc 0624e04628b8b0d5f77b594b9ef1408296a1774109a47d7c1ac402e1d2636350
GET /captcha/v1/b1c589a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 30 Apr 2024 06:43:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232e9c9dd56c0-OSL
content-encoding: br
|
|
| anontransfer.com/public/bootstrap.min.css | 188.114.97.1 | 200 OK | 306 kB |
URL: GET HTTP/3 anontransfer.com/public/bootstrap.min.css IP: 188.114.97.1:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: anontransfer.com Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
Size: 306 kB (306319 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /public/bootstrap.min.css HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip
Cookie: PHPSESSID=nikrf6befth5221ab6aja8t5jc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:02 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 23:34:31 GMT
etag: W/"4ac8f-6060f2abf3db5-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jaIyV7zFtfgiNRRfextbgszQEsEmaasqEdZjm3AMV556YZc7l%2BxCgAWqDplheXUPAwvwc3jXdxdqFn8V%2FI19M9JnmRENLcc9NRF3a8cJigPrkJYboYp3iaD%2BFCdf9USru7b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875232e0aa187131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| procuratorthoroughlycompere.com/watch.610617090024.js?key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1 | 192.243.61.225 | 307 Temporary Redirect | 3.5 kB |
URL: GET HTTP/1.1 procuratorthoroughlycompere.com/watch.610617090024.js?key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1 IP: 192.243.61.225:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Let's Encrypt Subject: procuratorthoroughlycompere.com Fingerprint: AF:D8:36:A0:09:80:82:1E:49:AF:23:0C:AE:36:37:9F:34:3D:C8:22 Validity: Sat, 13 Apr 2024 08:54:24 GMT - Fri, 12 Jul 2024 08:54:23 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.610617090024.js?key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&tz=0&dev=e&res=14.2071&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1 HTTP/1.1
Host: procuratorthoroughlycompere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 06:43:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anontransfer.com
Access-Control-Allow-Origin: https://anontransfer.com
Access-Control-Allow-Credentials: true
Location: https://procuratorthoroughlycompere.com/watch.610617090024.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22inescsv%22%2C%22zip%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1713249843&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FuFzGht7yCQ%2FINEScsv.zip&res=14.2071&rmtc=t&shu=23f34ffeca13515ef35c23c5c3be29a2e8079492693cf0fbb01b784f70bb635ac88a9cee293bbf6b0a1ad3ac11c376f8382fbea458450d2dbe7fc466c27de5532e9e6366a469171b73ff03efce9be2c750c20886e9b417c8f1a170935c543f&tz=0&uuid=bd44e50a-f68a-496a-95ba-448e811b6587%3A2%3A1
Set-Cookie: u_pl=20439883; expires=Wed, 17 Apr 2024 06:43:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.SEEoK5XT97UWkyzumszfeO04BvIbaoSOI7QVOrSYJkM; expires=Tue, 16 Apr 2024 06:44:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c948ddb6840213718ce79a512815ff02
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fundingchoicesmessages.google.com/b/pub-1857840457925128 | 142.250.74.46 | 200 OK | 11 kB |
URL: GET HTTP/3 fundingchoicesmessages.google.com/b/pub-1857840457925128 IP: 142.250.74.46:443
Requested by: https://anontransfer.com/download/uFzGht7yCQ/INEScsv.zip Certificate Issuer: Google Trust Services LLC Subject: *.google.com Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JavaScript source, ASCII text, with very long lines (1483) Hash: 7d95c2ce557d72fb57101949fb17cfd3 fced0c276fe7dd10b6ec5709ad0b56623be753bb fa23e295b611fa0af4ba3a1828b1452ec9735f8c303c5c2f426113ed616e437f
GET /b/pub-1857840457925128 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 06:43:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-IDMIwakbbAe2VU55-f_QDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw15BiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZALPH1JZMWEMc8n86aAsRO6TNYQ4DYp34GaxwQt948xzodiE8uOM96EYiT_51nLQViIR6O77t_bGATmHFjwitGAAS-MM8"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| api2.hcaptcha.com/checksiteconfig?v=b1c589a&host=anontransfer.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&sc=1&swa=1&spst=0 | 104.18.125.91 | 200 OK | 718 B |
URL: POST HTTP/3 api2.hcaptcha.com/checksiteconfig?v=b1c589a&host=anontransfer.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&sc=1&swa=1&spst=0 IP: 104.18.125.91:443
Requested by: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0kbxpn2qes4&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com Certificate Issuer: Let's Encrypt Subject: hcaptcha.com Fingerprint: 8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 Validity: Fri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (734), with no line terminators Hash: 49bb8ed79d334a085e5b433649f26db1 d239c7cc8f1080d1474734293138e0e2ec783a4a 4a29f6f66d46a43a4d22bbf57e1df61befcfbc532a99fe4909c881b598df1ccb
POST /checksiteconfig?v=b1c589a&host=anontransfer.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&sc=1&swa=1&spst=0 HTTP/1.1
Host: api2.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vk2VKwPbLoawFj9mU2fhedYxxWRD6i5ogHc2MrD; SameSite=None; Secure; path=/; expires=Tue, 16-Apr-24 07:13:03 GMT; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232ec8cc556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/c/282d0ff/hsw.js | 104.18.125.91 | 200 OK | 528 kB |
URL: GET HTTP/3 newassets.hcaptcha.com/c/282d0ff/hsw.js IP: 104.18.125.91:443
Requested by: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html#frame=challenge&id=0kbxpn2qes4&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com Certificate Issuer: Let's Encrypt Subject: hcaptcha.com Fingerprint: 8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 Validity: Fri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Size: 528 kB (527636 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/282d0ff/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 06:43:03 GMT
content-type: application/javascript
etag: W/"f593c8f46e9cb4a93e13a33ec29e7214"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 06:43:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 875232eced4656c0-OSL
content-encoding: br
|
|