| anonzip.com/C79/School-0.952-win_BugFix4.zip | 135.181.248.190 | 200 OK | 4.7 kB |
URL User Request GET HTTP/1.1anonzip.com/C79/School-0.952-win_BugFix4.zip IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash65a67c25672681ba143eb6404dd77edb 2c0ba8ce43f9b50ef18efbf4dc453bf352896b96 26e7cad50a3fd8fdecba355289eca5950956d371c4d11783472dda79ad7a5540
GET /C79/School-0.952-win_BugFix4.zip HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9; expires=Sat, 11-May-2024 14:40:42 GMT; Max-Age=86400; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, no-cache, private
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Encoding: gzip
|
|
| anonzip.com/themes/spirit/assets/frontend/css/bootstrap.min.css | 135.181.248.190 | 200 OK | 77 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/bootstrap.min.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with very long lines (65319), with CRLF line terminators Hash9b67b9ffbfcbe226a8c413fa740fd91c 7837bd0c312897e46311aaf472947f3e23d75df2 2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 76922
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-12c7a"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css | 135.181.248.190 | 200 OK | 3.2 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeUnicode text, UTF-8 text, with CRLF line terminators Hash4541b29b6040bc31b760f98e914fd1d7 0521a4f98cdf5e1fde3eeb9cae64fd39075cd9ba 6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794
GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 3160
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-c58"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/cookiealert.css | 135.181.248.190 | 200 OK | 12 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/cookiealert.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with very long lines (11486), with CRLF line terminators Hash3d2946aeae3cc8f43e2acf82ea029bd4 c25a0bd445ff9e6034d34e8f388f5565515a2783 705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28
GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 12369
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3051"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/jquery.steps.css | 135.181.248.190 | 200 OK | 6.0 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/jquery.steps.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash25cfe48e07622a00154b677afcbaeb47 23e3ae1bd04ad1d00d25d30e39815104ceeae52f 709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056
GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 6019
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1783"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/socicon.css | 135.181.248.190 | 200 OK | 9.8 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/socicon.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash910a42ce112991b31b30a735f1006a5f 6c8b4769270f1c86bb1c7a6b54325465395ba614 010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b
GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 9838
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-266e"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/lightbox.min.css | 135.181.248.190 | 200 OK | 3.9 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/lightbox.min.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash30265c8089a8f3e871d0873ef6a5b944 2804a2fe5a6a956626ce6a46adf6b1a0676ee13d f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 3889
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-f31"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/flickity.css | 135.181.248.190 | 200 OK | 2.5 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/flickity.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash244d315064064270eabbbb7ac9f6c700 21ad53d3efbb40154293190173ee0c497ed7651c ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a
GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 2521
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-9d9"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/theme.css | 135.181.248.190 | 200 OK | 206 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/theme.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeassembler source, ASCII text, with CRLF line terminators Size206 kB (206456 bytes) Hashe13b70f9d6654b3656aec5b1bd5ae02a 903010ac4b9034f6839847a20ecd0f5a728b2b96 8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a
GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 206456
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-32678"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/custom.css | 135.181.248.190 | 200 OK | 8.9 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/custom.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeassembler source, ASCII text, with CRLF line terminators Hash65417cde74809cb9b9e66d0ab4adc448 9729ccac013729aed790fdc25d71d858f50a137b c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280
GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 8936
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-22e8"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/theme/charcoal.css | 135.181.248.190 | 200 OK | 206 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/theme/charcoal.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeassembler source, ASCII text, with CRLF line terminators Size206 kB (206493 bytes) Hash08f6281c909985fb24a5e3ad2be6753a 3a2f1161f8aea5fab0f54b64f43f293d9f1316c3 dbe98b73866341078c596a42b87af67c03a79cf591d02467842939ce0848a55d
GET /themes/spirit/assets/frontend/css/theme/charcoal.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 206493
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3269d"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css | 135.181.248.190 | 200 OK | 59 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with very long lines (58929), with CRLF line terminators Hash879812fc22af75aa3ae7b5666ca4f4b8 df27469a952b7ee36cc03db471c6198f577186a8 c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 59119
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-e6ef"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/flickity.min.js | 135.181.248.190 | 200 OK | 54 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/flickity.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (32032), with CRLF line terminators Hash8c1e666176ac7bdce67d58b45823ffac 75947e4316427ce0c5e33300aeb4dc4d7d54dd09 c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 53873
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-d271"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js | 135.181.248.190 | 200 OK | 70 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (768), with CRLF line terminators Hash6fda19caa29287e6f584f0557fdeb6d4 40f58160090cd1f022704ee1352b343adb9e73b9 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 69754
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1107a"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js | 135.181.248.190 | 200 OK | 87 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators Hash5b5a269bd363e0886c17d855c2aab241 042dd055cd289215835a58507c9531f808e1648a 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 86713
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-152b9"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/iconsmind.css | 135.181.248.190 | 200 OK | 103 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/iconsmind.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Size103 kB (102727 bytes) Hashc9b1c618a7b12bd7ecf6034164b29164 f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99 fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b
GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 102727
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-19147"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/typed.min.js | 135.181.248.190 | 200 OK | 3.9 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/typed.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (3949), with no line terminators Hash2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 3949
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-f6d"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/jquery.steps.min.js | 135.181.248.190 | 200 OK | 14 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/jquery.steps.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (13686), with CRLF line terminators Hash0eef6fe46d14f860d5666d2c7b13a564 7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 13862
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3626"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/datepicker.js | 135.181.248.190 | 200 OK | 21 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/datepicker.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators Hash8cfe207a6a21c7495cfb751c761217a6 35d686a6c4ecc9946c35444ce93e110cb0e1611c 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 20975
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-51ef"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/granim.min.js | 135.181.248.190 | 200 OK | 11 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/granim.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (10573), with CRLF line terminators Hash714368d20c70f8c91b0a596e128dac07 563954ec3a896fc129d014f01836245829f6d01d e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 10635
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-298b"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/countdown.min.js | 135.181.248.190 | 200 OK | 5.4 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/countdown.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (4136), with CRLF line terminators Hash76a923d3d69255c45cd24bf9b100244f eb3c96f9901692f1a03500ea632963a16afdb985 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 5360
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-14f0"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js | 135.181.248.190 | 200 OK | 6.0 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (4887), with CRLF line terminators Hashc9e3a210d83398f301b3a7049c259676 8e227bb40fe120841829a7fef0ffeb091d179a91 aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 6028
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-178c"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/scripts.js | 135.181.248.190 | 200 OK | 115 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/scripts.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (914), with CRLF line terminators Size115 kB (114862 bytes) Hashce260d2170faf98639ab8e0e3758f1e2 32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c
GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 114862
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1c0ae"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/cookiealert.js | 135.181.248.190 | 200 OK | 1.8 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/cookiealert.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash81279e22c8ece9e1d0536a402484daa3 911797507fb12d4f451d5900e32db96ad697c401 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab
GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 1836
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-72c"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/images/logo/logo-whitebg.png | 135.181.248.190 | 200 OK | 6.2 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/images/logo/logo-whitebg.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 588 x 94, 8-bit colormap, non-interlaced Hash6c1e20bb65960360a6d1782e017c9314 d864c40dbd565e934fddeea36938456d6a26982c fafe927a322a36285028582aa429b7c47877cad76d2783d2b6ba3155e66bf9c6
GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: image/png
Content-Length: 6221
Last-Modified: Sun, 04 Feb 2024 12:00:04 GMT
Connection: keep-alive
ETag: "65bf7c44-184d"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/images/logo/logo.png | 135.181.248.190 | 200 OK | 6.2 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/images/logo/logo.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 588 x 94, 8-bit colormap, non-interlaced Hashecb7f5dbe1eee9fcc3d5839f7d2bb2fb 59c65d814622d7ea901cd367b4114cea05fdf1b9 d53d70c5ee49ccc36c86eca632815e1eb254786c4041b228196bb8c0cb635b20
GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: image/png
Content-Length: 6204
Last-Modified: Sun, 04 Feb 2024 11:52:58 GMT
Connection: keep-alive
ETag: "65bf7a9a-183c"
Accept-Ranges: bytes
|
|
| www.googletagmanager.com/gtag/js?id=G-GWR0PX9LQC | 142.250.74.168 | 200 OK | 102 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-GWR0PX9LQC IP142.250.74.168:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size102 kB (102249 bytes) Hashf919005d6aa05cd95cae4d7511fdbc21 ceca5fb347553c1b724ef5a0f5f7b70689702faf 7313499442c916f58e0dfba395296d304f83f1a55caac1a3c234a5165e702a58
GET /gtag/js?id=G-GWR0PX9LQC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 14:40:43 GMT
expires: Fri, 10 May 2024 14:40:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| anonzip.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 | 135.181.248.190 | 200 OK | 80 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 80148, version 331.17301 Hashc500da19d776384ba69573ae6fe274e7 6290834672aba86d5b6c1c73b30b57c9c53996f7 cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:44 GMT
Content-Type: application/octet-stream
Content-Length: 80148
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-13914"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 | 135.181.248.190 | 200 OK | 4.3 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 4292, version 1.0 Hashae072782b361d2afdbf43db08d3cfb73 f3db2e65b53d97491672f8631e21d6d05905cc88 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:44 GMT
Content-Type: application/octet-stream
Content-Length: 4292
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-10c4"
Accept-Ranges: bytes
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 553262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 553262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 553262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 553262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 | 142.250.74.99 | 200 OK | 19 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 IP142.250.74.99:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 19280, version 1.0 Hash386fb59be54b2d819064af98e57cc226 9e2d14d736be97ec84bfca3513558450cd6e3249 b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
GET /s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:17 GMT
expires: Fri, 09 May 2025 01:49:17 GMT
cache-control: public, max-age=31536000
age: 132687
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 553262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 IP142.250.74.99:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16516, version 1.0 Hash02ea59496b25ec14db0cd442451bf9f7 4266d37e1db030954b04cd1cf3ec06591d75fcab dc0387c80ff53df47ca7ec19db75224fdb90a230f6cb06605563590b9791bf95
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:24:56 GMT
expires: Fri, 09 May 2025 02:24:56 GMT
cache-control: public, max-age=31536000
age: 130548
last-modified: Thu, 14 Dec 2023 02:02:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| anonzip.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png | 135.181.248.190 | 200 OK | 447 B |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashf3d5da06fe8d5a2425d5d229285e5eea 01032b864f3c74bbf44771e2ba41eeb2251fad90 d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26
GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9; _ga_GWR0PX9LQC=GS1.1.1715352044.1.0.1715352044.0.0.0; _ga=GA1.1.279410383.1715352044
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:44 GMT
Content-Type: image/png
Content-Length: 447
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1bf"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png | 135.181.248.190 | 200 OK | 5.0 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hasha9a8c24cea41bed7ef78ed1d12d48291 cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7 3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e
GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9; _ga_GWR0PX9LQC=GS1.1.1715352044.1.0.1715352044.0.0.0; _ga=GA1.1.279410383.1715352044
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:44 GMT
Content-Type: image/png
Content-Length: 5016
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1398"
Accept-Ranges: bytes
|
|
| my.rtmark.net/gid.js?userId=008058bab52b402ff116754577b19667 | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=008058bab52b402ff116754577b19667 IP139.45.195.8:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash7f4e64b34db0a45e1e924fab6b87de9a 58c904d771261ec439d35724accdeb53a33a9568 0c59018994acd1686bce319d77371a64870884d9f76f3c6bfcc02b415308d51f
GET /gid.js?userId=008058bab52b402ff116754577b19667 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008058bab52b402ff116754577b19667; expires=Sat, 10 May 2025 14:40:44 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gishejuy.com/400/7406589 | 139.45.197.242 | 200 OK | 33 kB |
IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
File typegzip compressed data, max speed, from Unix Hash0cc1bf44c4f598888d74a8b4e3290d6a 5ca726d844ea933a4c8d17547517b24ec83c1455 db0dc06f80858f890ae4d42e4de6f9bbb947c287ad802705a033b411d6e466df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /400/7406589 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/javascript
x-trace-id: 0e9944e685b9009c01846c031e09b5d5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=0300589f805a4d6cfbf16e7112eedd82; expires=Sat, 10 May 2025 14:40:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| anonzip.com/sw.js | 135.181.248.190 | 200 OK | 5.2 kB |
IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (5235) Hashf3da3a180b9fcc93796c2e0064f80439 d3155e90b8bb0ccd2db019fa66beebf3f28d9116 2cfd12766505422ce33dad30985158e425f686a6a4e18d8a44e67b7c1af9451f
GET /sw.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9; _ga_GWR0PX9LQC=GS1.1.1715352044.1.0.1715352044.0.0.0; _ga=GA1.1.279410383.1715352044; prefetchAd_7406588=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:45 GMT
Content-Type: application/javascript
Content-Length: 5236
Last-Modified: Sun, 28 Apr 2024 12:25:27 GMT
Connection: keep-alive
ETag: "662e4037-1474"
Accept-Ranges: bytes
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a | 139.45.197.242 | 200 OK | 131 kB |
URL GET HTTP/2cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
File typegzip compressed data, max speed, from Unix Size131 kB (130593 bytes) Hash7357cc9142fd10b2b2aa6a64d7e8a7c4 03f82c4647fb9439da97b7138e74a2792e74cb5d 105a061090632104773356d53e4c10783d769310fe5f1a0e75e3a4f9f4a332de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /27/7552beb94fc0bdff7bbb33cad3d1ab0a HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=040058b77ea042f2ebd9d17574fbd882; oaidts=1715352044
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: df454f97391fb74140fc0ade60dbd6fb
cache-control: max-age:290304000, public
last-modified: Tue, 09 Apr 2024 03:16:58 GMT
expires: Tue, 09 May 2084 03:16:58 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 391
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f79da9ba3e0fefcb141956cdc287d435
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 770
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 895e9d1de4e1e86963d4fca1a65088fa
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| gishejuy.com/500/7406589?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 | 139.45.197.242 | 200 OK | 0 B |
URL GET HTTP/2gishejuy.com/500/7406589?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/7406589?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008058bab52b402ff116754577b19667 | 139.45.197.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/2cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008058bab52b402ff116754577b19667 IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008058bab52b402ff116754577b19667 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash1e993026197010f796db56e95fec7449 9650168dd229f08c488095a1bae4d4b606ca2644 787384887bc47847231c9db384425018595272c8b30f9f4410fb48739f51e620
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 528
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 400
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 750b16d42b69dc7cade14b48a8a500c2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| cameesse.net/11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=92 | 139.45.197.242 | 200 OK | 0 B |
URL GET HTTP/2cameesse.net/11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=92 IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=92 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=008058bab52b402ff116754577b19667; oaidts=1715352044
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 2e4ca15f09d200ecd2418b9e6fca5eeb
access-control-expose-headers: X-Sc
set-cookie: OAID=008058bab52b402ff116754577b19667; expires=Sat, 10 May 2025 14:40:45 GMT; secure; SameSite=None
oaidts=1715352044; expires=Sat, 10 May 2025 14:40:45 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| cameesse.net/121?rnd=136095562&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D812807995873308672&cln={CELL_NUMBER}&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&bag=ydU9kaAfa6I=&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672 | 139.45.197.242 | 302 Found | 0 B |
URL GET HTTP/2cameesse.net/121?rnd=136095562&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D812807995873308672&cln={CELL_NUMBER}&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&bag=ydU9kaAfa6I=&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672 IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /121?rnd=136095562&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D812807995873308672&cln={CELL_NUMBER}&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&bag=ydU9kaAfa6I=&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: scm=1; OAID=008058bab52b402ff116754577b19667; oaidts=1715352044
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-length: 0
location: https://securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=812807995873308672
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: f4313afdf8c8228863f66018b4829974
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| aistekso.net/500/7406591?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 | 139.45.197.244 | 200 OK | 0 B |
URL GET HTTP/2aistekso.net/500/7406591?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 IP139.45.197.244:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/7406591?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg | 104.22.33.172 | 200 OK | 17 kB |
URL GET HTTP/2offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg IP104.22.33.172:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash9c6355bcf96815c755fbba83f9fd8f64 ce698b45fb51ef1494f80f432b7aff0985247724 2cd74e866757767cd5c88d066a0bc057aded1e6c07171e091dd87f56ffd4a906
GET /www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:45 GMT
content-type: image/jpeg
content-length: 17173
cache-control: max-age=86400
cf-bgj: h2pri
etag: "642af881-4315"
expires: Fri, 10 May 2024 20:07:36 GMT
last-modified: Mon, 03 Apr 2023 16:02:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 66789
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881aafad4f1a930b-CPH
X-Firefox-Spdy: h2
|
|
| track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=812807995873308672&ctrl_fetch_dest=iframe&ctrl_id=663e31edd3381781217609&ctrl_ts=1715352045.8652&ctrl_ab=burp | 143.204.55.73 | 302 Found | 0 B |
URL GET HTTP/2track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=812807995873308672&ctrl_fetch_dest=iframe&ctrl_id=663e31edd3381781217609&ctrl_ts=1715352045.8652&ctrl_ab=burp IP143.204.55.73:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerAmazon Subjecttrack.jefytrack.com FingerprintD9:FC:91:D1:FD:F0:F4:2D:48:E9:47:EE:31:A0:1C:23:D3:9A:29:D8 ValiditySun, 21 Apr 2024 00:00:00 GMT - Tue, 20 May 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=812807995873308672&ctrl_fetch_dest=iframe&ctrl_id=663e31edd3381781217609&ctrl_ts=1715352045.8652&ctrl_ab=burp HTTP/1.1
Host: track.jefytrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://externalde.com/out/xyhkxckud/?ctrl_id=663e31edd3381781217609&ctrl_ab=burp&ctrl_ts=1715352045.8652&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wq8ud6g212f68m613s7usina
date: Fri, 10 May 2024 14:40:46 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 145f6684-c379-407a-a2eb-922622a713e1-v4=BW_yMzqh-rfILIu_nqKpHwQ2U-mP3zzjgBdU8DKBR8I; Max-Age=86400; Expires=Sat, 11-May-2024 14:40:46 GMT; Domain=track.jefytrack.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wq8ud6g212f68m613s7usina%22%2C%22caid%22%3A%22145f6684-c379-407a-a2eb-922622a713e1%22%7D; Max-Age=31536000; Expires=Sat, 10-May-2025 14:40:46 GMT; Domain=track.jefytrack.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IT0PAtj1xCzc3Kar0GGD3ZsLSftiHzmLHp5QXab3MGk-4inuyx0KdQ==
X-Firefox-Spdy: h2
|
|
| aistekso.net/impression/UXKJLrDgtxkDcZZ0ySmyKXUe0CdSaLXQHnLZNNwrgVERtCPEdOxrMRQOjSdm7YtWEzazgmYATurvhbRwL7qfjZIvia78E3ZRR5zCNw_39sIjQpcFxSZI1Jctwp0VSq2klS1Z6gf-NOAlIQhMO3C1fy6fV2HgS1bgXWAzWgRgcXpt940MCf4fqFRzMgOrKFsg-FgXi1LwXsXwE8aoKi2V1zb9x8eZM1i1vZkkBlOTD23Lb1GjYNOyhnA-OpIDSkUYI9d8-woYJmHorrz68771WcmOIyUaExngAHwUrbWHMhKlWCn7j1sG-3Cfbe0_dW9WDcWrTMBIRUvRcy7haqZaJmoBoK8X1D7aOtlB2_yK07Q6cCaJqMad0h4Gin4-TJjEXPDjaxPT0ZBjg8FQEIeE_vCaDLyc2N-XI309MRnEOi5YUbLTLFXYWlF6fnnkULp_NeZXDpVdkVKDWXp6tMIIIaFq4reDM5UGdYepozFbXQUk-nBYZvS_76VKuSN83sN7Byi9_ws_tjIv-CclL-EEb6YTS4ephRlRFk-XM04s-NHKdWJZE_Og3gI_cMQO6qreHQI4U6OncuQ6CvRamwWHPioYW6g1d5_mPUiOkJ8di53bVIL7rqjXhKCn0dCEbpsrDO_MosHYbvn3D-dqP9hgNQ==?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 | 139.45.197.244 | 200 OK | 43 B |
URL GET HTTP/2aistekso.net/impression/UXKJLrDgtxkDcZZ0ySmyKXUe0CdSaLXQHnLZNNwrgVERtCPEdOxrMRQOjSdm7YtWEzazgmYATurvhbRwL7qfjZIvia78E3ZRR5zCNw_39sIjQpcFxSZI1Jctwp0VSq2klS1Z6gf-NOAlIQhMO3C1fy6fV2HgS1bgXWAzWgRgcXpt940MCf4fqFRzMgOrKFsg-FgXi1LwXsXwE8aoKi2V1zb9x8eZM1i1vZkkBlOTD23Lb1GjYNOyhnA-OpIDSkUYI9d8-woYJmHorrz68771WcmOIyUaExngAHwUrbWHMhKlWCn7j1sG-3Cfbe0_dW9WDcWrTMBIRUvRcy7haqZaJmoBoK8X1D7aOtlB2_yK07Q6cCaJqMad0h4Gin4-TJjEXPDjaxPT0ZBjg8FQEIeE_vCaDLyc2N-XI309MRnEOi5YUbLTLFXYWlF6fnnkULp_NeZXDpVdkVKDWXp6tMIIIaFq4reDM5UGdYepozFbXQUk-nBYZvS_76VKuSN83sN7Byi9_ws_tjIv-CclL-EEb6YTS4ephRlRFk-XM04s-NHKdWJZE_Og3gI_cMQO6qreHQI4U6OncuQ6CvRamwWHPioYW6g1d5_mPUiOkJ8di53bVIL7rqjXhKCn0dCEbpsrDO_MosHYbvn3D-dqP9hgNQ==?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 IP139.45.197.244:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/UXKJLrDgtxkDcZZ0ySmyKXUe0CdSaLXQHnLZNNwrgVERtCPEdOxrMRQOjSdm7YtWEzazgmYATurvhbRwL7qfjZIvia78E3ZRR5zCNw_39sIjQpcFxSZI1Jctwp0VSq2klS1Z6gf-NOAlIQhMO3C1fy6fV2HgS1bgXWAzWgRgcXpt940MCf4fqFRzMgOrKFsg-FgXi1LwXsXwE8aoKi2V1zb9x8eZM1i1vZkkBlOTD23Lb1GjYNOyhnA-OpIDSkUYI9d8-woYJmHorrz68771WcmOIyUaExngAHwUrbWHMhKlWCn7j1sG-3Cfbe0_dW9WDcWrTMBIRUvRcy7haqZaJmoBoK8X1D7aOtlB2_yK07Q6cCaJqMad0h4Gin4-TJjEXPDjaxPT0ZBjg8FQEIeE_vCaDLyc2N-XI309MRnEOi5YUbLTLFXYWlF6fnnkULp_NeZXDpVdkVKDWXp6tMIIIaFq4reDM5UGdYepozFbXQUk-nBYZvS_76VKuSN83sN7Byi9_ws_tjIv-CclL-EEb6YTS4ephRlRFk-XM04s-NHKdWJZE_Og3gI_cMQO6qreHQI4U6OncuQ6CvRamwWHPioYW6g1d5_mPUiOkJ8di53bVIL7rqjXhKCn0dCEbpsrDO_MosHYbvn3D-dqP9hgNQ==?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=008058bab52b402ff116754577b19667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:50 GMT
content-type: image/gif
content-length: 43
x-trace-id: ff85db2302bcf3e557744559f2d8907f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gishejuy.com/impression/J8Xfc3_DUshKk-wPSzGQzwmFje9ZOma765U68jeqApc40ptLTIdKoXtd2FeSZDNzSMBgHokH94bVxprDE4M-FiKo46HRnsxnqo1LXMJ5FeKQL8UDdgQrDXzLMwI7JndwL0obPYMmAPWnlWuqilJS_8DmlYa93iacEKjxhCl3V1usv-s02yF3JMRdnHYqcfSLfbVHz5MElrJSVdcWjih1WPLvcyFS0oArLWKDJP1POH2jPjVswDtPpzsekwpXqKfdO9V-ONR11K5UjAELN0OpG5DQVkj07Y2gRFw_GxDq2OaUmmA5XULvWUye9b-UYmun1QWzuo0sd5zsHD0ZyMx36OM5SwUh61fzyXWJEuVtKzhaCzQupNCR_-14MrbA9qGzFrKNwq5LBiFgoBOkTvYf8xzapA9wBuhUwUlDfww26W69MKmTtJJYGNnYFKpPfbBl45QU5OPeA3JznTMuIhZZzuv0ate4PHU_9qYPrmxn-aFyke_EYjMRO7h4jX9BJUz-_2xPhXhGfKU1NwWqR6KMyEnddcJGoER4PWL-X7JqUrl1m0pMZeh0786SRjVZsPfOJd1RIVuOkeSbVC2B1xyw8YzJSt2XSsbyZYNdTcFjzt96sg-BPVZR2uHAKRE8qkRkM3YULfFdMk2JVCVJ8MDLtS0oZk-J6A6nbn1mags3OC66EHDlnn_VsEfiGusxDCyQx8EN6_3hPCw=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 | 139.45.197.242 | 200 OK | 43 B |
URL GET HTTP/2gishejuy.com/impression/J8Xfc3_DUshKk-wPSzGQzwmFje9ZOma765U68jeqApc40ptLTIdKoXtd2FeSZDNzSMBgHokH94bVxprDE4M-FiKo46HRnsxnqo1LXMJ5FeKQL8UDdgQrDXzLMwI7JndwL0obPYMmAPWnlWuqilJS_8DmlYa93iacEKjxhCl3V1usv-s02yF3JMRdnHYqcfSLfbVHz5MElrJSVdcWjih1WPLvcyFS0oArLWKDJP1POH2jPjVswDtPpzsekwpXqKfdO9V-ONR11K5UjAELN0OpG5DQVkj07Y2gRFw_GxDq2OaUmmA5XULvWUye9b-UYmun1QWzuo0sd5zsHD0ZyMx36OM5SwUh61fzyXWJEuVtKzhaCzQupNCR_-14MrbA9qGzFrKNwq5LBiFgoBOkTvYf8xzapA9wBuhUwUlDfww26W69MKmTtJJYGNnYFKpPfbBl45QU5OPeA3JznTMuIhZZzuv0ate4PHU_9qYPrmxn-aFyke_EYjMRO7h4jX9BJUz-_2xPhXhGfKU1NwWqR6KMyEnddcJGoER4PWL-X7JqUrl1m0pMZeh0786SRjVZsPfOJd1RIVuOkeSbVC2B1xyw8YzJSt2XSsbyZYNdTcFjzt96sg-BPVZR2uHAKRE8qkRkM3YULfFdMk2JVCVJ8MDLtS0oZk-J6A6nbn1mags3OC66EHDlnn_VsEfiGusxDCyQx8EN6_3hPCw=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/J8Xfc3_DUshKk-wPSzGQzwmFje9ZOma765U68jeqApc40ptLTIdKoXtd2FeSZDNzSMBgHokH94bVxprDE4M-FiKo46HRnsxnqo1LXMJ5FeKQL8UDdgQrDXzLMwI7JndwL0obPYMmAPWnlWuqilJS_8DmlYa93iacEKjxhCl3V1usv-s02yF3JMRdnHYqcfSLfbVHz5MElrJSVdcWjih1WPLvcyFS0oArLWKDJP1POH2jPjVswDtPpzsekwpXqKfdO9V-ONR11K5UjAELN0OpG5DQVkj07Y2gRFw_GxDq2OaUmmA5XULvWUye9b-UYmun1QWzuo0sd5zsHD0ZyMx36OM5SwUh61fzyXWJEuVtKzhaCzQupNCR_-14MrbA9qGzFrKNwq5LBiFgoBOkTvYf8xzapA9wBuhUwUlDfww26W69MKmTtJJYGNnYFKpPfbBl45QU5OPeA3JznTMuIhZZzuv0ate4PHU_9qYPrmxn-aFyke_EYjMRO7h4jX9BJUz-_2xPhXhGfKU1NwWqR6KMyEnddcJGoER4PWL-X7JqUrl1m0pMZeh0786SRjVZsPfOJd1RIVuOkeSbVC2B1xyw8YzJSt2XSsbyZYNdTcFjzt96sg-BPVZR2uHAKRE8qkRkM3YULfFdMk2JVCVJ8MDLtS0oZk-J6A6nbn1mags3OC66EHDlnn_VsEfiGusxDCyQx8EN6_3hPCw=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=008058bab52b402ff116754577b19667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:50 GMT
content-type: image/gif
content-length: 43
x-trace-id: 93caf40a8600e15b3f1b6edbc9a3e7bf
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg | 104.22.33.172 | 200 OK | 17 kB |
URL GET HTTP/2offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg IP104.22.33.172:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash9c6355bcf96815c755fbba83f9fd8f64 ce698b45fb51ef1494f80f432b7aff0985247724 2cd74e866757767cd5c88d066a0bc057aded1e6c07171e091dd87f56ffd4a906
GET /www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:50 GMT
content-type: image/jpeg
content-length: 17173
cache-control: max-age=86400
cf-bgj: h2pri
etag: "642af881-4315"
expires: Fri, 10 May 2024 20:07:36 GMT
last-modified: Mon, 03 Apr 2023 16:02:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 66794
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881aafc9683c930b-CPH
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.99:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:46:32 GMT
expires: Wed, 07 May 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 273258
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.99:0
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:08:19 GMT
expires: Sat, 10 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
age: 30751
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gishejuy.com/500/7406589?excludes=19845928&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 | 139.45.197.242 | 200 OK | 0 B |
URL OPTIONS HTTP/2gishejuy.com/500/7406589?excludes=19845928&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/7406589?excludes=19845928&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/3303c3ec46f8b840a87559e75824b84b.jpg | 104.22.33.172 | 200 OK | 9.3 kB |
URL GET HTTP/2offerimage.com/www/images/3303c3ec46f8b840a87559e75824b84b.jpg IP104.22.33.172:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash3303c3ec46f8b840a87559e75824b84b dca17ecb9395b5e83d50ba8c140af48d0b5a76ae a680f7fe40d758da9e24159585e9d43a5080c8130fcf8349fae977243b6a0987
GET /www/images/3303c3ec46f8b840a87559e75824b84b.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:50 GMT
content-type: image/jpeg
content-length: 9292
cache-control: max-age=86400
cf-bgj: h2pri
etag: "64aecb18-244c"
expires: Fri, 10 May 2024 20:18:32 GMT
last-modified: Wed, 12 Jul 2023 15:47:36 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 66138
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881aafcb3b9e930b-CPH
X-Firefox-Spdy: h2
|
|
| gishejuy.com/impression/WLTHBDHiq1W5wRFTPGwqgX_GzLGqCMFvUBxpLJ-5INZZttexxb9bWm-mR8tuSy95XkLdeFlaqOV_X1Bc70WatebgUxe2UJG5Uty2WJoxjwpgf9Xp0uZFEVvVCe0pDPvF3NfTewgmG1JRA3JmQOB2tvLHDDag43ioMXaX14J7Uas6BKMpdZpiEC5kkBxVoEAO_YQ5Y1AnAC-uXzA_HwQqyarASz4eStZNWtu2TmNKAdASvY8KtgQ0SkSnJGiiO08vGZb3hPRwy_bbMo70pOql8Z7ImTMcdUtdEwhiB1n-E4AAX9u6OFdbkfmRxdPl_yIEYNYYHWjk0bbF1IlgxyQUg2YdQb-QSd8daaKhzEpOxwFToDzjy6EYCn7y2Nt7i-JMNMZVmXIlK8n-aLbmGI2kVj_R-uxuO-efZaGsJzXtpOTT27C3acI3IKGQmVZS-Zc0LZjLA1JpMsRmhCKRXTcL1c1huX9Ck2wC2inB7-ti7gwz8jHzFtMPLv0DK6tNblwjUe4S4XNUBGlVF9li82a50hrDDzEETLIQpwZOS56qle4LmQTqrPAJ_hVFbF2HEH8oIvvqjXo5AF9EdlOP_XbEXnnb6t0jQbpGGiKYwHix3e_qoeL1PCD04b_0lAfRHZK8pqN-S__m_FJG5K5ITQi21TWjjZ1xZBzphPWAur6MchxMuv8hiBqj4cD5qRUkAh4k?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 | 139.45.197.242 | 200 OK | 43 B |
URL GET HTTP/2gishejuy.com/impression/WLTHBDHiq1W5wRFTPGwqgX_GzLGqCMFvUBxpLJ-5INZZttexxb9bWm-mR8tuSy95XkLdeFlaqOV_X1Bc70WatebgUxe2UJG5Uty2WJoxjwpgf9Xp0uZFEVvVCe0pDPvF3NfTewgmG1JRA3JmQOB2tvLHDDag43ioMXaX14J7Uas6BKMpdZpiEC5kkBxVoEAO_YQ5Y1AnAC-uXzA_HwQqyarASz4eStZNWtu2TmNKAdASvY8KtgQ0SkSnJGiiO08vGZb3hPRwy_bbMo70pOql8Z7ImTMcdUtdEwhiB1n-E4AAX9u6OFdbkfmRxdPl_yIEYNYYHWjk0bbF1IlgxyQUg2YdQb-QSd8daaKhzEpOxwFToDzjy6EYCn7y2Nt7i-JMNMZVmXIlK8n-aLbmGI2kVj_R-uxuO-efZaGsJzXtpOTT27C3acI3IKGQmVZS-Zc0LZjLA1JpMsRmhCKRXTcL1c1huX9Ck2wC2inB7-ti7gwz8jHzFtMPLv0DK6tNblwjUe4S4XNUBGlVF9li82a50hrDDzEETLIQpwZOS56qle4LmQTqrPAJ_hVFbF2HEH8oIvvqjXo5AF9EdlOP_XbEXnnb6t0jQbpGGiKYwHix3e_qoeL1PCD04b_0lAfRHZK8pqN-S__m_FJG5K5ITQi21TWjjZ1xZBzphPWAur6MchxMuv8hiBqj4cD5qRUkAh4k?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/WLTHBDHiq1W5wRFTPGwqgX_GzLGqCMFvUBxpLJ-5INZZttexxb9bWm-mR8tuSy95XkLdeFlaqOV_X1Bc70WatebgUxe2UJG5Uty2WJoxjwpgf9Xp0uZFEVvVCe0pDPvF3NfTewgmG1JRA3JmQOB2tvLHDDag43ioMXaX14J7Uas6BKMpdZpiEC5kkBxVoEAO_YQ5Y1AnAC-uXzA_HwQqyarASz4eStZNWtu2TmNKAdASvY8KtgQ0SkSnJGiiO08vGZb3hPRwy_bbMo70pOql8Z7ImTMcdUtdEwhiB1n-E4AAX9u6OFdbkfmRxdPl_yIEYNYYHWjk0bbF1IlgxyQUg2YdQb-QSd8daaKhzEpOxwFToDzjy6EYCn7y2Nt7i-JMNMZVmXIlK8n-aLbmGI2kVj_R-uxuO-efZaGsJzXtpOTT27C3acI3IKGQmVZS-Zc0LZjLA1JpMsRmhCKRXTcL1c1huX9Ck2wC2inB7-ti7gwz8jHzFtMPLv0DK6tNblwjUe4S4XNUBGlVF9li82a50hrDDzEETLIQpwZOS56qle4LmQTqrPAJ_hVFbF2HEH8oIvvqjXo5AF9EdlOP_XbEXnnb6t0jQbpGGiKYwHix3e_qoeL1PCD04b_0lAfRHZK8pqN-S__m_FJG5K5ITQi21TWjjZ1xZBzphPWAur6MchxMuv8hiBqj4cD5qRUkAh4k?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=008058bab52b402ff116754577b19667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:53 GMT
content-type: image/gif
content-length: 43
x-trace-id: 9d7d1f39ac4c55c71fe320131ba98dc7
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=812807995873308672 | 172.67.175.232 | 302 Found | 8.0 kB |
URL GET HTTP/2securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=812807995873308672 IP172.67.175.232:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subjectsecuredpeacomm.com FingerprintE2:58:9B:FC:54:26:CA:CC:89:05:0D:28:D6:2E:28:9E:39:7E:5F:D6 ValidityMon, 15 Apr 2024 19:27:34 GMT - Sun, 14 Jul 2024 19:27:33 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 Hashae67a1f715e8edc4166b6aa710013231 5b45ac90fb59a4106720cfc94b18a24384dfd22f a78e0226c727ec9ff1b99105fb44d840a717760da750dd94c115aeb1955180fc
GET /in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=812807995873308672 HTTP/1.1
Host: securedpeacomm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 14:40:45 GMT
content-type: text/html; charset=UTF-8
location: https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=812807995873308672&ctrl_fetch_dest=iframe&ctrl_id=663e31edd3381781217609&ctrl_ts=1715352045.8652&ctrl_ab=burp
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2HNjODIiCdGrjh1hRNFu%2Bsg7dQkVMQ6GHPdgNREUQCiBZEJeWcGThVd1Y5VzJzs3GyWA2vjqb3bi2Z%2FxryDZc3g5DxmI2p89ay5kVAPCbYIxnjsycFVevXCvTUJib4AckvRqlSs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881aafad3c970b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cameesse.net/11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 | 139.45.197.242 | | 0 B |
URL GET cameesse.net/11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 IP139.45.197.242:0
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=008058bab52b402ff116754577b19667; oaidts=1715352044
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:41:05 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 401a0d2f3f14cc949a0a8114153d2692
access-control-expose-headers: X-Sc
set-cookie: OAID=008058bab52b402ff116754577b19667; expires=Sat, 10 May 2025 14:41:05 GMT; secure; SameSite=None
oaidts=1715352044; expires=Sat, 10 May 2025 14:41:05 GMT; secure; SameSite=None
oaidvc=1; expires=Sat, 10 May 2025 14:41:05 GMT; secure; SameSite=None
CNT=1_v1_rtk9AQEAAACNTQAA; expires=Fri, 10 May 2024 15:41:05 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| veepteero.com/88/61794 | 139.45.197.242 | 200 OK | 3.1 kB |
IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectveepteero.com Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3367), with no line terminators Hash1045da909da7dcf4eeff9716df484472 4bbced7161e8e8566360ce9e671eda296fa21e73 968286e0918eaac43f14f44ffad3d4ca9789adcd53f8092ecd49f5c1d9a490c6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /88/61794 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| lkbx.me/4KqY7?uid=wq8ud6g212f68m613s7usina | 47.89.248.255 | 200 OK | 1.1 kB |
URL GET HTTP/2lkbx.me/4KqY7?uid=wq8ud6g212f68m613s7usina IP47.89.248.255:443 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerDigiCert Inc Subjectlkbx.me Fingerprint85:1C:F3:96:31:0D:EC:E9:85:9D:6E:27:5F:AE:1D:6C:F2:9B:F5:BD ValidityMon, 27 Nov 2023 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (1129), with no line terminators Hash0d9ab5ecbec3e5c8835edcb6348dade2 d8804cdddf5cce3e7e6de2b8189ca323107b3668 998ea77d32a7e8a161587658283bdd690503972d50dca5d7e0e1dca086d2941d
GET /4KqY7?uid=wq8ud6g212f68m613s7usina HTTP/1.1
Host: lkbx.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: discuz_2132_saltkey=oGAdQC9U; expires=Sun, 09-Jun-2024 14:40:47 GMT; Max-Age=2592000; path=/; secure; httponly
discuz_2132_lang=en; path=/; secure
discuz_2132_lang=en; path=/; secure
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cameesse.net/1?z=7406590 | 139.45.197.242 | 200 OK | 43 kB |
IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
File typeJavaScript source, ASCII text, with very long lines (42427) Hashace6190879f2ff60651a32fa7e19c95c 00995278e1645fd5cb41c7f6dd00c19514cc1717 9f8f3291fb65e9ff0dc21f5b51b5df78493aa35f7d0cb2d9c8e9cb29f72c29e8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1?z=7406590 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: ff22fed582c9a6c6ad78dd3636180431
access-control-expose-headers: X-Sc
x-sc: RU1QC_2f2fIoxSGsqsx2yCJS2ai5Kwxh9tK6WuW5gwttAofUT3xvw-8zpdjhfAoXGPSQ2qA3hG_6W5ZH6npdBW_BbGc=
set-cookie: scm=1; expires=Sat, 10 May 2025 14:40:44 GMT; secure; SameSite=None
OAID=040058b77ea042f2ebd9d17574fbd882; expires=Sat, 10 May 2025 14:40:44 GMT; secure; SameSite=None
oaidts=1715352044; expires=Sat, 10 May 2025 14:40:44 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| moonoafy.net/pfe/current/universal.min.js?v=3.1.504 | 139.45.197.250 | 200 OK | 90 kB |
URL GET HTTP/2moonoafy.net/pfe/current/universal.min.js?v=3.1.504 IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash4caad44ecc6a13eba45b63ed7cf9e387 e67dfe90bebd5447495d8fe962d03e55f6d13071 66f95b5eb4bf3dc3a13643e3e6776b18a2b15e0b881328e2ee012c73e679ad00
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/universal.min.js?v=3.1.504 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-15efa"
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f7d32a8-1be1-415a-a0a2-fdb644f028e1 | 139.45.195.254 | 200 OK | 12 B |
URL POST HTTP/1.1fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f7d32a8-1be1-415a-a0a2-fdb644f028e1 IP139.45.195.254:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash6949f52318584a4b51c719a9b84a7287 9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905 72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f7d32a8-1be1-415a-a0a2-fdb644f028e1 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1763
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 10 May 2024 14:40:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonzip.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i | 142.250.74.106 | 200 OK | 37 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i IP142.250.74.106:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1572) Hashc2b8ea09ec90a66034e1b61bc1f8e5d4 9558953728cacfc3433ba6281c1b4a58fbbc9d51 1c593f4a688585b14c31e71fc64bfaa81d768984cdf182bca40ba8c524582685
GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 14:40:43 GMT
date: Fri, 10 May 2024 14:40:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| moonoafy.net/zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504 | 139.45.197.250 | 200 OK | 880 B |
URL GET HTTP/2moonoafy.net/zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504 IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (977), with no line terminators Hash7db549bd97c2cf19c1a7b302563a42e4 9f3ff7d955b0ff41824a7094761659688b20088e 5bd403e962c03e25fe7f98492e5a381c5df1a49c1921132aeb92dcc2368b5697
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: abc934c53acec7787548998062a1801b
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| moonoafy.net/pfe/current/tag.min.js?z=7406592 | 139.45.197.250 | 200 OK | 15 kB |
URL GET HTTP/2moonoafy.net/pfe/current/tag.min.js?z=7406592 IP139.45.197.250:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
File typeJavaScript source, ASCII text, with very long lines (14612), with no line terminators Hashffdd38e0a5a1a47cb341a116a3318e0e 2fd730feff506cf56e14c531e9d89cdea2cca424 7d8e97e9586d3f04c4a2a703692378868e49120c6159d079ae7ed1eca2ca2b5c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/tag.min.js?z=7406592 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
etag: W/"662a3513-3914"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 565 B |
URL GET HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.106:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (588), with no line terminators Hash959a533a3dc02649e0cc3f8f67d942af 34db49ff64aed8b51beaba5b9928ad504a4df335 24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 14:40:43 GMT
date: Fri, 10 May 2024 14:40:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| aistekso.net/401/7406591 | 139.45.197.244 | 200 OK | 91 kB |
IP139.45.197.244:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash11f5bcae3cc291500d9a0851377efd54 abe3770f106eb5f96ca46fbb35a726c71ecd2f9e d02a1af692c535be810a07da88057608994af5a4aefac85b201156dd83809a0f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /401/7406591 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/javascript
x-trace-id: bd368f7879ccc8c2d1d22f4478ca8f16
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=03005811e7004b1cee8fa491421956aa; expires=Sat, 10 May 2025 14:40:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 172.67.193.52 | 200 OK | 19 kB |
IP172.67.193.52:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subjecttzegilo.com Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1 ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT
File typeJavaScript source, ASCII text, with very long lines (18486) Hash70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oSf80QslSvkiKt2Jp24Moydu%2FAZizd%2B2rBwLFkiIVS3WwVx4vi0H1sHiSVsoMBXiKn%2FJhaAXU8f9R9y8Zb79EOmRSE76u9H%2Fphc0kHzmMkdQ6CHO57BmTubU9jpjBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881aafa9587f56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| alwingulla.com/88/tag.min.js | 104.21.72.155 | 200 OK | 82 kB |
URL GET HTTP/2alwingulla.com/88/tag.min.js IP104.21.72.155:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subjectalwingulla.com FingerprintB6:A3:BD:4F:5E:0D:58:50:07:9D:17:E0:30:97:67:97:9E:23:1A:1C ValidityTue, 12 Mar 2024 16:48:22 GMT - Mon, 10 Jun 2024 16:48:21 GMT
File typeJavaScript source, ASCII text, with very long lines (65494) Hashe56d22d4b078f2116acde5468a10ed4b 1bd53f708a56defabe094073b88a3114e313ae98 a2efe5c73146fd67ce971a6c328f742f4a631f03c79d0827391a2db2a25cae19
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /88/tag.min.js HTTP/1.1
Host: alwingulla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:43 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: b6805ced5440a1f6e4d4f6109796e9cc
cache-control: max-age=86400
last-modified: Thu, 09 May 2024 10:31:30 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 10 May 2024 21:39:41 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 61262
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJgADNUK7a5UNzmXWdXBWF8X9Ko9RTSIITLM%2BylMUQ0yDcifRc6jroMTtqev%2FLOQc9HMjAb41fkAFUxGqxYpVh08b7AhChHfR0TgSzhK7tEeUVwgxMDLqlE90IuMDOhdsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881aafa07ed85689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| externalde.com/out/xyhkxckud/?ctrl_id=663e31edd3381781217609&ctrl_ab=burp&ctrl_ts=1715352045.8652&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wq8ud6g212f68m613s7usina | 172.67.188.225 | 302 Found | 1.1 kB |
URL GET HTTP/2externalde.com/out/xyhkxckud/?ctrl_id=663e31edd3381781217609&ctrl_ab=burp&ctrl_ts=1715352045.8652&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wq8ud6g212f68m613s7usina IP172.67.188.225:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerGoogle Trust Services LLC Subjectexternalde.com Fingerprint0D:2A:5D:DC:29:15:BD:05:1C:8E:F1:C5:82:D4:C0:5C:D6:A5:AB:58 ValiditySat, 27 Apr 2024 14:00:09 GMT - Fri, 26 Jul 2024 14:00:08 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /out/xyhkxckud/?ctrl_id=663e31edd3381781217609&ctrl_ab=burp&ctrl_ts=1715352045.8652&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wq8ud6g212f68m613s7usina HTTP/1.1
Host: externalde.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 14:40:46 GMT
content-type: text/html; charset=UTF-8
location: https://lkbx.me/4KqY7?uid=wq8ud6g212f68m613s7usina
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7K48wKw%2Foy%2FD7crc%2FVHNWOD%2BNLbWoj3bZ4MSUZtnglXrcONEngb3nhl2itZx1Br57yOoB8%2FIbPR9LvswIjYgaulnNX5YJzDaglqd4tfjE4r025%2BvFjgs4GtL0PW6TnT5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881aafafdeff568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| veepteero.com/?rb=XTN5eC8PlCNM0v49Y0e-PEGG0lztDIHdcCcPf2CK6QNRTUngMqNzV8ujG1g8LI4ywXK0d4fIpfNCMDOLec-pu_9zdAi4ZIBO2Cqr0W2-e3rWrLzcL1UIgBF2Ib5cIAyWMQB836dHkZ58s48BDzKtTOmOMdws-jaC0PHv5cIJhfWZQDXaXb5Ox9fhUgkuGWiAUL77i83jKVH-B5-p3fxQZfSEwVuoNkaphAFirzIZV4eOz6Y01eOagzANNKrrjTaqK-2CUQ%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.792.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.792.0&navlng=en-US&pnt=0&pnrc=0&bs=726e4ed7-a465-44b5-94a6-ceee16eb3897&wasm=1&userId=008058bab52b402ff116754577b19667&m=link | 139.45.197.242 | 200 OK | 2.7 kB |
URL GET HTTP/2veepteero.com/?rb=XTN5eC8PlCNM0v49Y0e-PEGG0lztDIHdcCcPf2CK6QNRTUngMqNzV8ujG1g8LI4ywXK0d4fIpfNCMDOLec-pu_9zdAi4ZIBO2Cqr0W2-e3rWrLzcL1UIgBF2Ib5cIAyWMQB836dHkZ58s48BDzKtTOmOMdws-jaC0PHv5cIJhfWZQDXaXb5Ox9fhUgkuGWiAUL77i83jKVH-B5-p3fxQZfSEwVuoNkaphAFirzIZV4eOz6Y01eOagzANNKrrjTaqK-2CUQ%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.792.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.792.0&navlng=en-US&pnt=0&pnrc=0&bs=726e4ed7-a465-44b5-94a6-ceee16eb3897&wasm=1&userId=008058bab52b402ff116754577b19667&m=link IP139.45.197.242:443
Requested byhttps://anonzip.com/C79/School-0.952-win_BugFix4.zip CertificateIssuerLet's Encrypt Subjectveepteero.com Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2749), with no line terminators Hash23c2b98fc6bc3b6e8d83c3a8f1755b35 22fff22d70017768b83d1390a94bb02c0b445cba 22f6891698ecb73da26f8de47743977c9ee186fa64a50a6586f1c46ff82c30a3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?rb=XTN5eC8PlCNM0v49Y0e-PEGG0lztDIHdcCcPf2CK6QNRTUngMqNzV8ujG1g8LI4ywXK0d4fIpfNCMDOLec-pu_9zdAi4ZIBO2Cqr0W2-e3rWrLzcL1UIgBF2Ib5cIAyWMQB836dHkZ58s48BDzKtTOmOMdws-jaC0PHv5cIJhfWZQDXaXb5Ox9fhUgkuGWiAUL77i83jKVH-B5-p3fxQZfSEwVuoNkaphAFirzIZV4eOz6Y01eOagzANNKrrjTaqK-2CUQ%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.792.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.792.0&navlng=en-US&pnt=0&pnrc=0&bs=726e4ed7-a465-44b5-94a6-ceee16eb3897&wasm=1&userId=008058bab52b402ff116754577b19667&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/json
x-trace-id: d8e9a3a34eb5e6b8c43a2b7a5e84f830
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008058bab52b402ff116754577b19667; expires=Sat, 10 May 2025 14:40:45 GMT; path=/; secure; SameSite=None
oaidts=1715352045; expires=Sat, 10 May 2025 14:40:45 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 17 May 2024 14:40:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|