Report - anonzip.com/C79/School-0.952-win

Report Overview

Submitted URL
anonzip.com/C79/School-0.952-win_BugFix4.zip
IP
135.181.248.190
ASN
#24940 Hetzner Online GmbH
Submitted
2024-05-10 14:41:11
Access
public
Website Title
School-0.952-win_BugFix4.zip - AnonZip.com
Final URL
anonzip.com/C79/School-0.952-win_BugFix4.zip
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
moonoafy.net	unknown	2024-01-09	2024-01-09	2024-05-06	4.4 kB	110 kB	139.45.197.250
cameesse.net	unknown	2023-10-18	2023-10-18	2024-05-09	6.3 kB	179 kB	139.45.197.242
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	913 B	39 kB	142.250.74.106
anonzip.com	unknown	2024-01-04	2024-02-18	2024-04-18	16 kB	1.2 MB	135.181.248.190
gishejuy.com	unknown	2023-10-25	2023-10-25	2024-05-09	4.9 kB	37 kB	139.45.197.242
fleraprt.com	unknown	2022-01-14	2022-01-14	2024-05-09	563 B	481 B	139.45.195.254
alwingulla.com	unknown	2023-05-22	2023-05-22	2024-05-06	400 B	83 kB	104.21.72.155
offerimage.com	304078	2019-06-10	2019-06-10	2024-05-09	1.4 kB	45 kB	104.22.33.172
track.jefytrack.com	unknown	2023-07-04	2023-09-05	2024-05-09	742 B	1.1 kB	143.204.55.73
tzegilo.com	unknown	2022-01-14	2022-01-14	2024-05-09	394 B	20 kB	172.67.193.52
lkbx.me	117868	2020-11-24	2020-12-14	2024-05-09	496 B	1.4 kB	47.89.248.255
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	418 B	103 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	4.9 kB	316 kB	142.250.74.99
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-09	455 B	740 B	139.45.195.8
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2024-05-08	991 B	1.1 kB	139.45.197.250
aistekso.net	unknown	2023-10-16	2023-10-16	2024-05-08	2.6 kB	93 kB	139.45.197.244
securedpeacomm.com	unknown	2023-02-27	2023-02-27	2024-05-09	673 B	8.9 kB	172.67.175.232
veepteero.com	unknown	2023-05-08	2023-05-09	2024-05-06	1.5 kB	7.8 kB	139.45.197.242
externalde.com	unknown	2024-02-28	2024-02-28	2024-05-09	655 B	1.7 kB	172.67.188.225

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	gishejuy.com	Sinkholed
2024-05-10	medium	moonoafy.net	Sinkholed
2024-05-10	medium	moonoafy.net	Sinkholed
2024-05-10	medium	cameesse.net	Sinkholed
2024-05-10	medium	moonoafy.net	Sinkholed
2024-05-10	medium	moonoafy.net	Sinkholed
2024-05-10	medium	gishejuy.com	Sinkholed
2024-05-10	medium	amunfezanttor.com	Sinkholed
2024-05-10	medium	cameesse.net	Sinkholed
2024-05-10	medium	amunfezanttor.com	Sinkholed
2024-05-10	medium	moonoafy.net	Sinkholed
2024-05-10	medium	moonoafy.net	Sinkholed
2024-05-10	medium	cameesse.net	Sinkholed
2024-05-10	medium	cameesse.net	Sinkholed
2024-05-10	medium	aistekso.net	Sinkholed
2024-05-10	medium	aistekso.net	Sinkholed
2024-05-10	medium	gishejuy.com	Sinkholed
2024-05-10	medium	gishejuy.com	Sinkholed
2024-05-10	medium	gishejuy.com	Sinkholed
2024-05-10	medium	cameesse.net	Sinkholed
2024-05-10	medium	veepteero.com	Sinkholed
2024-05-10	medium	cameesse.net	Sinkholed
2024-05-10	medium	moonoafy.net	Sinkholed
2024-05-10	medium	moonoafy.net	Sinkholed
2024-05-10	medium	moonoafy.net	Sinkholed
2024-05-10	medium	aistekso.net	Sinkholed
2024-05-10	medium	alwingulla.com	Sinkholed
2024-05-10	medium	veepteero.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	anonzip.com/themes/spirit/assets/frontend/js/granim.min.js	11 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/granim.min.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 09:51:15 Times Seen684 Hash 714368d20c70f8c91b0a596e128dac07 563954ec3a896fc129d014f01836245829f6d01d e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3 Loading...

	anonzip.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js	6.0 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 09:51:15 Times Seen583 Hash c9e3a210d83398f301b3a7049c259676 8e227bb40fe120841829a7fef0ffeb091d179a91 aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805 Loading...

	www.googletagmanager.com/gtag/js?id=G-GWR0PX9LQC	309 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-GWR0PX9LQC IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:41:13 Last Seen2024-05-10 16:41:13 Times Seen2 Hash f919005d6aa05cd95cae4d7511fdbc21 ceca5fb347553c1b724ef5a0f5f7b70689702faf 7313499442c916f58e0dfba395296d304f83f1a55caac1a3c234a5165e702a58 Loading...

	anonzip.com/themes/spirit/assets/frontend/js/typed.min.js	3.9 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/typed.min.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 19:01:01 Times Seen6145 Hash 2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b Loading...

	anonzip.com/themes/spirit/assets/frontend/js/jquery.steps.min.js	14 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/jquery.steps.min.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 09:51:15 Times Seen710 Hash 0eef6fe46d14f860d5666d2c7b13a564 7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843 Loading...

	anonzip.com/C79/School-0.952-win_BugFix4.zip	44 B	2023-03-07	2024-05-20
Pretty URL anonzip.com/C79/School-0.952-win_BugFix4.zip IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 19:01:00 Times Seen3190 Hash 21d884540875fb4d2b8f280c541d092c 9f2a58bb4ff1897269b2df54e333ce35d4435b91 8f75c65a00382bae7799a76f3517023df9a72035e9b469e95469b028d4bd0d0a Loading...

	anonzip.com/C79/School-0.952-win_BugFix4.zip	926 B	2024-05-10	2024-05-10
Pretty URL anonzip.com/C79/School-0.952-win_BugFix4.zip IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 16:41:13 Last Seen2024-05-10 16:41:13 Times Seen1 Hash 62ab923fb7c539da5bc1a93ecce2cbb4 2e984f7cb2249134b816d682e5c2f0bce068b7c3 1299b1a4cbe56072a438faf318c08062a22ac99d4b9c1325dbad8aebf7c94a06 Loading...

	gishejuy.com/400/7406589	84 kB	2024-05-10	2024-05-10
Pretty URL gishejuy.com/400/7406589 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:41:13 Last Seen2024-05-10 16:41:13 Times Seen1 Hash c70edb3de600421774dc05f26a5e7b52 d1056d5801d8cb78ce7d15b7f0f3904e33af8a3c a2ed7d977137a8d14a71dc8d1641cba4881b93ce00551b2cc9d120d9bdc4c1be Loading...

	anonzip.com/C79/School-0.952-win_BugFix4.zip	292 B	2023-03-07	2024-05-20
Pretty URL anonzip.com/C79/School-0.952-win_BugFix4.zip IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 19:01:01 Times Seen3295 Hash f6038f840321581380bcf8e68fbec2ed 9c64ca84baabd04b9994597b90882d8ec7158ba2 fc7d223cc022e6a00869dea89642667579b0ca033afb07bb0070c7b7a0fd23c3 Loading...

	anonzip.com/themes/spirit/assets/frontend/js/flickity.min.js	54 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/flickity.min.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 09:51:15 Times Seen678 Hash 8c1e666176ac7bdce67d58b45823ffac 75947e4316427ce0c5e33300aeb4dc4d7d54dd09 c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6 Loading...

	anonzip.com/themes/spirit/assets/frontend/js/datepicker.js	21 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/datepicker.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 19:01:01 Times Seen6125 Hash 8cfe207a6a21c7495cfb751c761217a6 35d686a6c4ecc9946c35444ce93e110cb0e1611c 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc Loading...

	anonzip.com/themes/spirit/assets/frontend/js/countdown.min.js	5.4 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/countdown.min.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 09:51:15 Times Seen1106 Hash 76a923d3d69255c45cd24bf9b100244f eb3c96f9901692f1a03500ea632963a16afdb985 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5 Loading...

	anonzip.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:28 Last Seen2024-05-20 09:51:15 Times Seen7684 Hash 5b5a269bd363e0886c17d855c2aab241 042dd055cd289215835a58507c9531f808e1648a 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e Loading...

	anonzip.com/themes/spirit/assets/frontend/js/scripts.js	115 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/scripts.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 09:51:15 Times Seen433 Hash ce260d2170faf98639ab8e0e3758f1e2 32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c Loading...

	aistekso.net/401/7406591	91 kB	2024-05-10	2024-05-10
Pretty URL aistekso.net/401/7406591 IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:41:13 Last Seen2024-05-10 16:41:13 Times Seen2 Hash 11f5bcae3cc291500d9a0851377efd54 abe3770f106eb5f96ca46fbb35a726c71ecd2f9e d02a1af692c535be810a07da88057608994af5a4aefac85b201156dd83809a0f Loading...

	tzegilo.com/stattag.js	19 kB	2024-02-10	2024-05-20
Pretty URL tzegilo.com/stattag.js IP 172.67.193.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-10 03:00:18 Last Seen2024-05-20 16:36:33 Times Seen1861 Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f Loading...

	anonzip.com/C79/School-0.952-win_BugFix4.zip	153 B	2024-04-27	2024-05-20
Pretty URL anonzip.com/C79/School-0.952-win_BugFix4.zip IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 19:33:14 Last Seen2024-05-20 09:51:14 Times Seen57 Hash ebe6363c450e15741bfd266f056b7edd f27cab116d6ddcd32461aff593ac5dc540733b65 8a7acc7ff41204b7b271b201840225ed7ac744a12486add35ca7bbfc06baf9f6 Loading...

	cameesse.net/1?z=7406590	43 kB	2024-05-10	2024-05-10
Pretty URL cameesse.net/1?z=7406590 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:41:13 Last Seen2024-05-10 16:41:13 Times Seen2 Hash ace6190879f2ff60651a32fa7e19c95c 00995278e1645fd5cb41c7f6dd00c19514cc1717 9f8f3291fb65e9ff0dc21f5b51b5df78493aa35f7d0cb2d9c8e9cb29f72c29e8 Loading...

	unknown	90 kB	2024-04-25	2024-05-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 22:19:47 Last Seen2024-05-14 14:21:41 Times Seen281 Hash 4caad44ecc6a13eba45b63ed7cf9e387 e67dfe90bebd5447495d8fe962d03e55f6d13071 66f95b5eb4bf3dc3a13643e3e6776b18a2b15e0b881328e2ee012c73e679ad00 Loading...

	anonzip.com/themes/spirit/assets/frontend/js/cookiealert.js	1.8 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/cookiealert.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47:38 Last Seen2024-05-20 19:01:01 Times Seen5570 Hash 81279e22c8ece9e1d0536a402484daa3 911797507fb12d4f451d5900e32db96ad697c401 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab Loading...

	moonoafy.net/pfe/current/tag.min.js?z=7406592	15 kB	2024-04-25	2024-05-14
Pretty URL moonoafy.net/pfe/current/tag.min.js?z=7406592 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 22:19:47 Last Seen2024-05-14 14:21:41 Times Seen215 Hash ffdd38e0a5a1a47cb341a116a3318e0e 2fd730feff506cf56e14c531e9d89cdea2cca424 7d8e97e9586d3f04c4a2a703692378868e49120c6159d079ae7ed1eca2ca2b5c Loading...

	anonzip.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js	70 kB	2023-03-07	2024-05-20
Pretty URL anonzip.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP 135.181.248.190 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:01 Last Seen2024-05-20 09:51:15 Times Seen684 Hash 6fda19caa29287e6f584f0557fdeb6d4 40f58160090cd1f022704ee1352b343adb9e73b9 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f Loading...

	alwingulla.com/88/tag.min.js	82 kB	2024-05-10	2024-05-10
Pretty URL alwingulla.com/88/tag.min.js IP 104.21.72.155 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 00:02:39 Last Seen2024-05-10 19:03:29 Times Seen14 Hash e56d22d4b078f2116acde5468a10ed4b 1bd53f708a56defabe094073b88a3114e313ae98 a2efe5c73146fd67ce971a6c328f742f4a631f03c79d0827391a2db2a25cae19 Loading...

	cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a	413 kB	2024-04-11	2024-05-20
Pretty URL cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 13:26:00 Last Seen2024-05-20 12:21:12 Times Seen290 Hash 297cc248309ba835cf13a1f82fd3f938 1e6f51ce257a0ee53e25280dd44092ed33339847 b2ba9d8b2216d22f8f31a594bc22ee21f60e2b539474a650be1e87dea87d5ed7 Loading...

	lkbx.me/4KqY7?uid=wq8ud6g212f68m613s7usina	0 B	2023-03-07	2024-05-20
Pretty URL lkbx.me/4KqY7?uid=wq8ud6g212f68m613s7usina IP 47.89.248.255 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 22:22:55 Times Seen37895517 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (81)

URL IP Response Size

anonzip.com/C79/School-0.952-win_BugFix4.zip

135.181.248.190

200 OK

4.7 kB

URL User Request GET HTTP/1.1
anonzip.com/C79/School-0.952-win_BugFix4.zip
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
4.7 kB (4671 bytes)
Hash
65a67c25672681ba143eb6404dd77edb
2c0ba8ce43f9b50ef18efbf4dc453bf352896b96
26e7cad50a3fd8fdecba355289eca5950956d371c4d11783472dda79ad7a5540

HTTP Headers

GET /C79/School-0.952-win_BugFix4.zip HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9; expires=Sat, 11-May-2024 14:40:42 GMT; Max-Age=86400; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, no-cache, private
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Encoding: gzip

anonzip.com/themes/spirit/assets/frontend/css/bootstrap.min.css

135.181.248.190

200 OK

77 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/bootstrap.min.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
77 kB (76922 bytes)
Hash
9b67b9ffbfcbe226a8c413fa740fd91c
7837bd0c312897e46311aaf472947f3e23d75df2
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

HTTP Headers

GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 76922
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-12c7a"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css

135.181.248.190

200 OK

3.2 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
3.2 kB (3160 bytes)
Hash
4541b29b6040bc31b760f98e914fd1d7
0521a4f98cdf5e1fde3eeb9cae64fd39075cd9ba
6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794

HTTP Headers

GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 3160
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-c58"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/cookiealert.css

135.181.248.190

200 OK

12 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/cookiealert.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
ASCII text, with very long lines (11486), with CRLF line terminators
Size
12 kB (12369 bytes)
Hash
3d2946aeae3cc8f43e2acf82ea029bd4
c25a0bd445ff9e6034d34e8f388f5565515a2783
705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28

HTTP Headers

GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 12369
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3051"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/jquery.steps.css

135.181.248.190

200 OK

6.0 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/jquery.steps.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
ASCII text, with CRLF line terminators
Size
6.0 kB (6019 bytes)
Hash
25cfe48e07622a00154b677afcbaeb47
23e3ae1bd04ad1d00d25d30e39815104ceeae52f
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056

HTTP Headers

GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 6019
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1783"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/socicon.css

135.181.248.190

200 OK

9.8 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/socicon.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
ASCII text, with CRLF line terminators
Size
9.8 kB (9838 bytes)
Hash
910a42ce112991b31b30a735f1006a5f
6c8b4769270f1c86bb1c7a6b54325465395ba614
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b

HTTP Headers

GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 9838
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-266e"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/lightbox.min.css

135.181.248.190

200 OK

3.9 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/lightbox.min.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
ASCII text, with CRLF line terminators
Size
3.9 kB (3889 bytes)
Hash
30265c8089a8f3e871d0873ef6a5b944
2804a2fe5a6a956626ce6a46adf6b1a0676ee13d
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

HTTP Headers

GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 3889
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-f31"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/flickity.css

135.181.248.190

200 OK

2.5 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/flickity.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
ASCII text, with CRLF line terminators
Size
2.5 kB (2521 bytes)
Hash
244d315064064270eabbbb7ac9f6c700
21ad53d3efbb40154293190173ee0c497ed7651c
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a

HTTP Headers

GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 2521
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-9d9"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/theme.css

135.181.248.190

200 OK

206 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/theme.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
206 kB (206456 bytes)
Hash
e13b70f9d6654b3656aec5b1bd5ae02a
903010ac4b9034f6839847a20ecd0f5a728b2b96
8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 206456
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-32678"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/custom.css

135.181.248.190

200 OK

8.9 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/custom.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
8.9 kB (8936 bytes)
Hash
65417cde74809cb9b9e66d0ab4adc448
9729ccac013729aed790fdc25d71d858f50a137b
c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280

HTTP Headers

GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 8936
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-22e8"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/theme/charcoal.css

135.181.248.190

200 OK

206 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/theme/charcoal.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
206 kB (206493 bytes)
Hash
08f6281c909985fb24a5e3ad2be6753a
3a2f1161f8aea5fab0f54b64f43f293d9f1316c3
dbe98b73866341078c596a42b87af67c03a79cf591d02467842939ce0848a55d

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme/charcoal.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 206493
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3269d"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css

135.181.248.190

200 OK

59 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
ASCII text, with very long lines (58929), with CRLF line terminators
Size
59 kB (59119 bytes)
Hash
879812fc22af75aa3ae7b5666ca4f4b8
df27469a952b7ee36cc03db471c6198f577186a8
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

HTTP Headers

GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 59119
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-e6ef"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/flickity.min.js

135.181.248.190

200 OK

54 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/flickity.min.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (32032), with CRLF line terminators
Size
54 kB (53873 bytes)
Hash
8c1e666176ac7bdce67d58b45823ffac
75947e4316427ce0c5e33300aeb4dc4d7d54dd09
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

HTTP Headers

GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 53873
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-d271"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js

135.181.248.190

200 OK

70 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (768), with CRLF line terminators
Size
70 kB (69754 bytes)
Hash
6fda19caa29287e6f584f0557fdeb6d4
40f58160090cd1f022704ee1352b343adb9e73b9
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 69754
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1107a"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js

135.181.248.190

200 OK

87 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators
Size
87 kB (86713 bytes)
Hash
5b5a269bd363e0886c17d855c2aab241
042dd055cd289215835a58507c9531f808e1648a
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 86713
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-152b9"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/css/iconsmind.css

135.181.248.190

200 OK

103 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/css/iconsmind.css
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
ASCII text, with CRLF line terminators
Size
103 kB (102727 bytes)
Hash
c9b1c618a7b12bd7ecf6034164b29164
f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b

HTTP Headers

GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: text/css
Content-Length: 102727
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-19147"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/typed.min.js

135.181.248.190

200 OK

3.9 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/typed.min.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (3949), with no line terminators
Size
3.9 kB (3949 bytes)
Hash
2f6185a8a32a50b2b3e04849f44359d4
0e5501588c5c0d1c9462f34b0d56c21abff5bfef
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

HTTP Headers

GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 3949
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-f6d"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/jquery.steps.min.js

135.181.248.190

200 OK

14 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (13686), with CRLF line terminators
Size
14 kB (13862 bytes)
Hash
0eef6fe46d14f860d5666d2c7b13a564
7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 13862
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3626"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/datepicker.js

135.181.248.190

200 OK

21 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/datepicker.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators
Size
21 kB (20975 bytes)
Hash
8cfe207a6a21c7495cfb751c761217a6
35d686a6c4ecc9946c35444ce93e110cb0e1611c
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

HTTP Headers

GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 20975
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-51ef"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/granim.min.js

135.181.248.190

200 OK

11 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/granim.min.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (10573), with CRLF line terminators
Size
11 kB (10635 bytes)
Hash
714368d20c70f8c91b0a596e128dac07
563954ec3a896fc129d014f01836245829f6d01d
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

HTTP Headers

GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 10635
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-298b"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/countdown.min.js

135.181.248.190

200 OK

5.4 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/countdown.min.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (4136), with CRLF line terminators
Size
5.4 kB (5360 bytes)
Hash
76a923d3d69255c45cd24bf9b100244f
eb3c96f9901692f1a03500ea632963a16afdb985
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

HTTP Headers

GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 5360
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-14f0"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js

135.181.248.190

200 OK

6.0 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (4887), with CRLF line terminators
Size
6.0 kB (6028 bytes)
Hash
c9e3a210d83398f301b3a7049c259676
8e227bb40fe120841829a7fef0ffeb091d179a91
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

HTTP Headers

GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 6028
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-178c"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/scripts.js

135.181.248.190

200 OK

115 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/scripts.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (914), with CRLF line terminators
Size
115 kB (114862 bytes)
Hash
ce260d2170faf98639ab8e0e3758f1e2
32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c

HTTP Headers

GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 114862
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1c0ae"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/js/cookiealert.js

135.181.248.190

200 OK

1.8 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/js/cookiealert.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.8 kB (1836 bytes)
Hash
81279e22c8ece9e1d0536a402484daa3
911797507fb12d4f451d5900e32db96ad697c401
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab

HTTP Headers

GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: application/javascript
Content-Length: 1836
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-72c"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/images/logo/logo-whitebg.png

135.181.248.190

200 OK

6.2 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/images/logo/logo-whitebg.png
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
PNG image data, 588 x 94, 8-bit colormap, non-interlaced
Size
6.2 kB (6221 bytes)
Hash
6c1e20bb65960360a6d1782e017c9314
d864c40dbd565e934fddeea36938456d6a26982c
fafe927a322a36285028582aa429b7c47877cad76d2783d2b6ba3155e66bf9c6

HTTP Headers

GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: image/png
Content-Length: 6221
Last-Modified: Sun, 04 Feb 2024 12:00:04 GMT
Connection: keep-alive
ETag: "65bf7c44-184d"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/images/logo/logo.png

135.181.248.190

200 OK

6.2 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/images/logo/logo.png
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
PNG image data, 588 x 94, 8-bit colormap, non-interlaced
Size
6.2 kB (6204 bytes)
Hash
ecb7f5dbe1eee9fcc3d5839f7d2bb2fb
59c65d814622d7ea901cd367b4114cea05fdf1b9
d53d70c5ee49ccc36c86eca632815e1eb254786c4041b228196bb8c0cb635b20

HTTP Headers

GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:43 GMT
Content-Type: image/png
Content-Length: 6204
Last-Modified: Sun, 04 Feb 2024 11:52:58 GMT
Connection: keep-alive
ETag: "65bf7a9a-183c"
Accept-Ranges: bytes

www.googletagmanager.com/gtag/js?id=G-GWR0PX9LQC

142.250.74.168

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-GWR0PX9LQC
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (102249 bytes)
Hash
f919005d6aa05cd95cae4d7511fdbc21
ceca5fb347553c1b724ef5a0f5f7b70689702faf
7313499442c916f58e0dfba395296d304f83f1a55caac1a3c234a5165e702a58

HTTP Headers

GET /gtag/js?id=G-GWR0PX9LQC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 14:40:43 GMT
expires: Fri, 10 May 2024 14:40:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

anonzip.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2

135.181.248.190

200 OK

80 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301
Size
80 kB (80148 bytes)
Hash
c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:44 GMT
Content-Type: application/octet-stream
Content-Length: 80148
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-13914"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631

135.181.248.190

200 OK

4.3 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 4292, version 1.0
Size
4.3 kB (4292 bytes)
Hash
ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:44 GMT
Content-Type: application/octet-stream
Content-Length: 4292
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-10c4"
Accept-Ranges: bytes

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 553262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 553262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 553262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 553262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

142.250.74.99

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19280, version 1.0
Size
19 kB (19280 bytes)
Hash
386fb59be54b2d819064af98e57cc226
9e2d14d736be97ec84bfca3513558450cd6e3249
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991

HTTP Headers

GET /s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:17 GMT
expires: Fri, 09 May 2025 01:49:17 GMT
cache-control: public, max-age=31536000
age: 132687
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 553262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16516, version 1.0
Size
16 kB (16516 bytes)
Hash
02ea59496b25ec14db0cd442451bf9f7
4266d37e1db030954b04cd1cf3ec06591d75fcab
dc0387c80ff53df47ca7ec19db75224fdb90a230f6cb06605563590b9791bf95

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:24:56 GMT
expires: Fri, 09 May 2025 02:24:56 GMT
cache-control: public, max-age=31536000
age: 130548
last-modified: Thu, 14 Dec 2023 02:02:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

anonzip.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png

135.181.248.190

200 OK

447 B

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
447 B (447 bytes)
Hash
f3d5da06fe8d5a2425d5d229285e5eea
01032b864f3c74bbf44771e2ba41eeb2251fad90
d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9; _ga_GWR0PX9LQC=GS1.1.1715352044.1.0.1715352044.0.0.0; _ga=GA1.1.279410383.1715352044
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:44 GMT
Content-Type: image/png
Content-Length: 447
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1bf"
Accept-Ranges: bytes

anonzip.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png

135.181.248.190

200 OK

5.0 kB

URL GET HTTP/1.1
anonzip.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
5.0 kB (5016 bytes)
Hash
a9a8c24cea41bed7ef78ed1d12d48291
cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7
3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9; _ga_GWR0PX9LQC=GS1.1.1715352044.1.0.1715352044.0.0.0; _ga=GA1.1.279410383.1715352044
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:44 GMT
Content-Type: image/png
Content-Length: 5016
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1398"
Accept-Ranges: bytes

my.rtmark.net/gid.js?userId=008058bab52b402ff116754577b19667

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=008058bab52b402ff116754577b19667
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
7f4e64b34db0a45e1e924fab6b87de9a
58c904d771261ec439d35724accdeb53a33a9568
0c59018994acd1686bce319d77371a64870884d9f76f3c6bfcc02b415308d51f

HTTP Headers

GET /gid.js?userId=008058bab52b402ff116754577b19667 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008058bab52b402ff116754577b19667; expires=Sat, 10 May 2025 14:40:44 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

gishejuy.com/400/7406589

139.45.197.242

200 OK

33 kB

URL GET HTTP/2
gishejuy.com/400/7406589
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80
ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT

File type
gzip compressed data, max speed, from Unix
Size
33 kB (32962 bytes)
Hash
0cc1bf44c4f598888d74a8b4e3290d6a
5ca726d844ea933a4c8d17547517b24ec83c1455
db0dc06f80858f890ae4d42e4de6f9bbb947c287ad802705a033b411d6e466df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /400/7406589 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/javascript
x-trace-id: 0e9944e685b9009c01846c031e09b5d5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=0300589f805a4d6cfbf16e7112eedd82; expires=Sat, 10 May 2025 14:40:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

anonzip.com/sw.js

135.181.248.190

200 OK

5.2 kB

URL GET HTTP/1.1
anonzip.com/sw.js
IP
135.181.248.190:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectanonzip.com
Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E
ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT

File type
JavaScript source, ASCII text, with very long lines (5235)
Size
5.2 kB (5236 bytes)
Hash
f3da3a180b9fcc93796c2e0064f80439
d3155e90b8bb0ccd2db019fa66beebf3f28d9116
2cfd12766505422ce33dad30985158e425f686a6a4e18d8a44e67b7c1af9451f

HTTP Headers

GET /sw.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/C79/School-0.952-win_BugFix4.zip
DNT: 1
Connection: keep-alive
Cookie: filehosting=usb2dbtgt3b7k9v38o0edh41e9; _ga_GWR0PX9LQC=GS1.1.1715352044.1.0.1715352044.0.0.0; _ga=GA1.1.279410383.1715352044; prefetchAd_7406588=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 14:40:45 GMT
Content-Type: application/javascript
Content-Length: 5236
Last-Modified: Sun, 28 Apr 2024 12:25:27 GMT
Connection: keep-alive
ETag: "662e4037-1474"
Accept-Ranges: bytes

moonoafy.net/custom

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
moonoafy.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectmoonoafy.net
Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0
ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

moonoafy.net/custom

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
moonoafy.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectmoonoafy.net
Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0
ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a

139.45.197.242

200 OK

131 kB

URL GET HTTP/2
cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44
ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT

File type
gzip compressed data, max speed, from Unix
Size
131 kB (130593 bytes)
Hash
7357cc9142fd10b2b2aa6a64d7e8a7c4
03f82c4647fb9439da97b7138e74a2792e74cb5d
105a061090632104773356d53e4c10783d769310fe5f1a0e75e3a4f9f4a332de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /27/7552beb94fc0bdff7bbb33cad3d1ab0a HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=040058b77ea042f2ebd9d17574fbd882; oaidts=1715352044
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: df454f97391fb74140fc0ade60dbd6fb
cache-control: max-age:290304000, public
last-modified: Tue, 09 Apr 2024 03:16:58 GMT
expires: Tue, 09 May 2084 03:16:58 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

moonoafy.net/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
moonoafy.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectmoonoafy.net
Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0
ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 391
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f79da9ba3e0fefcb141956cdc287d435
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

moonoafy.net/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
moonoafy.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectmoonoafy.net
Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0
ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 770
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 895e9d1de4e1e86963d4fca1a65088fa
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

gishejuy.com/500/7406589?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0

139.45.197.242

200 OK

0 B

URL GET HTTP/2
gishejuy.com/500/7406589?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80
ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/7406589?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008058bab52b402ff116754577b19667

139.45.197.242

204 No Content

0 B

URL OPTIONS HTTP/2
cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008058bab52b402ff116754577b19667
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44
ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=008058bab52b402ff116754577b19667 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type
JSON text data
Size
94 B (94 bytes)
Hash
1e993026197010f796db56e95fec7449
9650168dd229f08c488095a1bae4d4b606ca2644
787384887bc47847231c9db384425018595272c8b30f9f4410fb48739f51e620

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 528
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

moonoafy.net/custom

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
moonoafy.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectmoonoafy.net
Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0
ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

moonoafy.net/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
moonoafy.net/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectmoonoafy.net
Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0
ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 400
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 750b16d42b69dc7cade14b48a8a500c2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cameesse.net/11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=92

139.45.197.242

200 OK

0 B

URL GET HTTP/2
cameesse.net/11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=92
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44
ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=92 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=008058bab52b402ff116754577b19667; oaidts=1715352044
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 2e4ca15f09d200ecd2418b9e6fca5eeb
access-control-expose-headers: X-Sc
set-cookie: OAID=008058bab52b402ff116754577b19667; expires=Sat, 10 May 2025 14:40:45 GMT; secure; SameSite=None
oaidts=1715352044; expires=Sat, 10 May 2025 14:40:45 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

cameesse.net/121?rnd=136095562&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D812807995873308672&cln={CELL_NUMBER}&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&bag=ydU9kaAfa6I=&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672

139.45.197.242

302 Found

0 B

URL GET HTTP/2
cameesse.net/121?rnd=136095562&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D812807995873308672&cln={CELL_NUMBER}&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&bag=ydU9kaAfa6I=&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44
ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /121?rnd=136095562&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D812807995873308672&cln={CELL_NUMBER}&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&bag=ydU9kaAfa6I=&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: scm=1; OAID=008058bab52b402ff116754577b19667; oaidts=1715352044
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-length: 0
location: https://securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=812807995873308672
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: f4313afdf8c8228863f66018b4829974
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

aistekso.net/500/7406591?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0

139.45.197.244

200 OK

0 B

URL GET HTTP/2
aistekso.net/500/7406591?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectaistekso.net
Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB
ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/7406591?excludes=&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg

104.22.33.172

200 OK

17 kB

URL GET HTTP/2
offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
17 kB (17173 bytes)
Hash
9c6355bcf96815c755fbba83f9fd8f64
ce698b45fb51ef1494f80f432b7aff0985247724
2cd74e866757767cd5c88d066a0bc057aded1e6c07171e091dd87f56ffd4a906

HTTP Headers

GET /www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:45 GMT
content-type: image/jpeg
content-length: 17173
cache-control: max-age=86400
cf-bgj: h2pri
etag: "642af881-4315"
expires: Fri, 10 May 2024 20:07:36 GMT
last-modified: Mon, 03 Apr 2023 16:02:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 66789
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881aafad4f1a930b-CPH
X-Firefox-Spdy: h2

track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=812807995873308672&ctrl_fetch_dest=iframe&ctrl_id=663e31edd3381781217609&ctrl_ts=1715352045.8652&ctrl_ab=burp

143.204.55.73

302 Found

0 B

URL GET HTTP/2
track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=812807995873308672&ctrl_fetch_dest=iframe&ctrl_id=663e31edd3381781217609&ctrl_ts=1715352045.8652&ctrl_ab=burp
IP
143.204.55.73:443
ASN
#16509 AMAZON-02

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerAmazon
Subjecttrack.jefytrack.com
FingerprintD9:FC:91:D1:FD:F0:F4:2D:48:E9:47:EE:31:A0:1C:23:D3:9A:29:D8
ValiditySun, 21 Apr 2024 00:00:00 GMT - Tue, 20 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=812807995873308672&ctrl_fetch_dest=iframe&ctrl_id=663e31edd3381781217609&ctrl_ts=1715352045.8652&ctrl_ab=burp HTTP/1.1
Host: track.jefytrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
location: https://externalde.com/out/xyhkxckud/?ctrl_id=663e31edd3381781217609&ctrl_ab=burp&ctrl_ts=1715352045.8652&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wq8ud6g212f68m613s7usina
date: Fri, 10 May 2024 14:40:46 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 145f6684-c379-407a-a2eb-922622a713e1-v4=BW_yMzqh-rfILIu_nqKpHwQ2U-mP3zzjgBdU8DKBR8I; Max-Age=86400; Expires=Sat, 11-May-2024 14:40:46 GMT; Domain=track.jefytrack.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wq8ud6g212f68m613s7usina%22%2C%22caid%22%3A%22145f6684-c379-407a-a2eb-922622a713e1%22%7D; Max-Age=31536000; Expires=Sat, 10-May-2025 14:40:46 GMT; Domain=track.jefytrack.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IT0PAtj1xCzc3Kar0GGD3ZsLSftiHzmLHp5QXab3MGk-4inuyx0KdQ==
X-Firefox-Spdy: h2

aistekso.net/impression/UXKJLrDgtxkDcZZ0ySmyKXUe0CdSaLXQHnLZNNwrgVERtCPEdOxrMRQOjSdm7YtWEzazgmYATurvhbRwL7qfjZIvia78E3ZRR5zCNw_39sIjQpcFxSZI1Jctwp0VSq2klS1Z6gf-NOAlIQhMO3C1fy6fV2HgS1bgXWAzWgRgcXpt940MCf4fqFRzMgOrKFsg-FgXi1LwXsXwE8aoKi2V1zb9x8eZM1i1vZkkBlOTD23Lb1GjYNOyhnA-OpIDSkUYI9d8-woYJmHorrz68771WcmOIyUaExngAHwUrbWHMhKlWCn7j1sG-3Cfbe0_dW9WDcWrTMBIRUvRcy7haqZaJmoBoK8X1D7aOtlB2_yK07Q6cCaJqMad0h4Gin4-TJjEXPDjaxPT0ZBjg8FQEIeE_vCaDLyc2N-XI309MRnEOi5YUbLTLFXYWlF6fnnkULp_NeZXDpVdkVKDWXp6tMIIIaFq4reDM5UGdYepozFbXQUk-nBYZvS_76VKuSN83sN7Byi9_ws_tjIv-CclL-EEb6YTS4ephRlRFk-XM04s-NHKdWJZE_Og3gI_cMQO6qreHQI4U6OncuQ6CvRamwWHPioYW6g1d5_mPUiOkJ8di53bVIL7rqjXhKCn0dCEbpsrDO_MosHYbvn3D-dqP9hgNQ==?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0

139.45.197.244

200 OK

43 B

URL GET HTTP/2
aistekso.net/impression/UXKJLrDgtxkDcZZ0ySmyKXUe0CdSaLXQHnLZNNwrgVERtCPEdOxrMRQOjSdm7YtWEzazgmYATurvhbRwL7qfjZIvia78E3ZRR5zCNw_39sIjQpcFxSZI1Jctwp0VSq2klS1Z6gf-NOAlIQhMO3C1fy6fV2HgS1bgXWAzWgRgcXpt940MCf4fqFRzMgOrKFsg-FgXi1LwXsXwE8aoKi2V1zb9x8eZM1i1vZkkBlOTD23Lb1GjYNOyhnA-OpIDSkUYI9d8-woYJmHorrz68771WcmOIyUaExngAHwUrbWHMhKlWCn7j1sG-3Cfbe0_dW9WDcWrTMBIRUvRcy7haqZaJmoBoK8X1D7aOtlB2_yK07Q6cCaJqMad0h4Gin4-TJjEXPDjaxPT0ZBjg8FQEIeE_vCaDLyc2N-XI309MRnEOi5YUbLTLFXYWlF6fnnkULp_NeZXDpVdkVKDWXp6tMIIIaFq4reDM5UGdYepozFbXQUk-nBYZvS_76VKuSN83sN7Byi9_ws_tjIv-CclL-EEb6YTS4ephRlRFk-XM04s-NHKdWJZE_Og3gI_cMQO6qreHQI4U6OncuQ6CvRamwWHPioYW6g1d5_mPUiOkJ8di53bVIL7rqjXhKCn0dCEbpsrDO_MosHYbvn3D-dqP9hgNQ==?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectaistekso.net
Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB
ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/UXKJLrDgtxkDcZZ0ySmyKXUe0CdSaLXQHnLZNNwrgVERtCPEdOxrMRQOjSdm7YtWEzazgmYATurvhbRwL7qfjZIvia78E3ZRR5zCNw_39sIjQpcFxSZI1Jctwp0VSq2klS1Z6gf-NOAlIQhMO3C1fy6fV2HgS1bgXWAzWgRgcXpt940MCf4fqFRzMgOrKFsg-FgXi1LwXsXwE8aoKi2V1zb9x8eZM1i1vZkkBlOTD23Lb1GjYNOyhnA-OpIDSkUYI9d8-woYJmHorrz68771WcmOIyUaExngAHwUrbWHMhKlWCn7j1sG-3Cfbe0_dW9WDcWrTMBIRUvRcy7haqZaJmoBoK8X1D7aOtlB2_yK07Q6cCaJqMad0h4Gin4-TJjEXPDjaxPT0ZBjg8FQEIeE_vCaDLyc2N-XI309MRnEOi5YUbLTLFXYWlF6fnnkULp_NeZXDpVdkVKDWXp6tMIIIaFq4reDM5UGdYepozFbXQUk-nBYZvS_76VKuSN83sN7Byi9_ws_tjIv-CclL-EEb6YTS4ephRlRFk-XM04s-NHKdWJZE_Og3gI_cMQO6qreHQI4U6OncuQ6CvRamwWHPioYW6g1d5_mPUiOkJ8di53bVIL7rqjXhKCn0dCEbpsrDO_MosHYbvn3D-dqP9hgNQ==?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=008058bab52b402ff116754577b19667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:50 GMT
content-type: image/gif
content-length: 43
x-trace-id: ff85db2302bcf3e557744559f2d8907f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

gishejuy.com/impression/J8Xfc3_DUshKk-wPSzGQzwmFje9ZOma765U68jeqApc40ptLTIdKoXtd2FeSZDNzSMBgHokH94bVxprDE4M-FiKo46HRnsxnqo1LXMJ5FeKQL8UDdgQrDXzLMwI7JndwL0obPYMmAPWnlWuqilJS_8DmlYa93iacEKjxhCl3V1usv-s02yF3JMRdnHYqcfSLfbVHz5MElrJSVdcWjih1WPLvcyFS0oArLWKDJP1POH2jPjVswDtPpzsekwpXqKfdO9V-ONR11K5UjAELN0OpG5DQVkj07Y2gRFw_GxDq2OaUmmA5XULvWUye9b-UYmun1QWzuo0sd5zsHD0ZyMx36OM5SwUh61fzyXWJEuVtKzhaCzQupNCR_-14MrbA9qGzFrKNwq5LBiFgoBOkTvYf8xzapA9wBuhUwUlDfww26W69MKmTtJJYGNnYFKpPfbBl45QU5OPeA3JznTMuIhZZzuv0ate4PHU_9qYPrmxn-aFyke_EYjMRO7h4jX9BJUz-_2xPhXhGfKU1NwWqR6KMyEnddcJGoER4PWL-X7JqUrl1m0pMZeh0786SRjVZsPfOJd1RIVuOkeSbVC2B1xyw8YzJSt2XSsbyZYNdTcFjzt96sg-BPVZR2uHAKRE8qkRkM3YULfFdMk2JVCVJ8MDLtS0oZk-J6A6nbn1mags3OC66EHDlnn_VsEfiGusxDCyQx8EN6_3hPCw=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0

139.45.197.242

200 OK

43 B

URL GET HTTP/2
gishejuy.com/impression/J8Xfc3_DUshKk-wPSzGQzwmFje9ZOma765U68jeqApc40ptLTIdKoXtd2FeSZDNzSMBgHokH94bVxprDE4M-FiKo46HRnsxnqo1LXMJ5FeKQL8UDdgQrDXzLMwI7JndwL0obPYMmAPWnlWuqilJS_8DmlYa93iacEKjxhCl3V1usv-s02yF3JMRdnHYqcfSLfbVHz5MElrJSVdcWjih1WPLvcyFS0oArLWKDJP1POH2jPjVswDtPpzsekwpXqKfdO9V-ONR11K5UjAELN0OpG5DQVkj07Y2gRFw_GxDq2OaUmmA5XULvWUye9b-UYmun1QWzuo0sd5zsHD0ZyMx36OM5SwUh61fzyXWJEuVtKzhaCzQupNCR_-14MrbA9qGzFrKNwq5LBiFgoBOkTvYf8xzapA9wBuhUwUlDfww26W69MKmTtJJYGNnYFKpPfbBl45QU5OPeA3JznTMuIhZZzuv0ate4PHU_9qYPrmxn-aFyke_EYjMRO7h4jX9BJUz-_2xPhXhGfKU1NwWqR6KMyEnddcJGoER4PWL-X7JqUrl1m0pMZeh0786SRjVZsPfOJd1RIVuOkeSbVC2B1xyw8YzJSt2XSsbyZYNdTcFjzt96sg-BPVZR2uHAKRE8qkRkM3YULfFdMk2JVCVJ8MDLtS0oZk-J6A6nbn1mags3OC66EHDlnn_VsEfiGusxDCyQx8EN6_3hPCw=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80
ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/J8Xfc3_DUshKk-wPSzGQzwmFje9ZOma765U68jeqApc40ptLTIdKoXtd2FeSZDNzSMBgHokH94bVxprDE4M-FiKo46HRnsxnqo1LXMJ5FeKQL8UDdgQrDXzLMwI7JndwL0obPYMmAPWnlWuqilJS_8DmlYa93iacEKjxhCl3V1usv-s02yF3JMRdnHYqcfSLfbVHz5MElrJSVdcWjih1WPLvcyFS0oArLWKDJP1POH2jPjVswDtPpzsekwpXqKfdO9V-ONR11K5UjAELN0OpG5DQVkj07Y2gRFw_GxDq2OaUmmA5XULvWUye9b-UYmun1QWzuo0sd5zsHD0ZyMx36OM5SwUh61fzyXWJEuVtKzhaCzQupNCR_-14MrbA9qGzFrKNwq5LBiFgoBOkTvYf8xzapA9wBuhUwUlDfww26W69MKmTtJJYGNnYFKpPfbBl45QU5OPeA3JznTMuIhZZzuv0ate4PHU_9qYPrmxn-aFyke_EYjMRO7h4jX9BJUz-_2xPhXhGfKU1NwWqR6KMyEnddcJGoER4PWL-X7JqUrl1m0pMZeh0786SRjVZsPfOJd1RIVuOkeSbVC2B1xyw8YzJSt2XSsbyZYNdTcFjzt96sg-BPVZR2uHAKRE8qkRkM3YULfFdMk2JVCVJ8MDLtS0oZk-J6A6nbn1mags3OC66EHDlnn_VsEfiGusxDCyQx8EN6_3hPCw=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=008058bab52b402ff116754577b19667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:50 GMT
content-type: image/gif
content-length: 43
x-trace-id: 93caf40a8600e15b3f1b6edbc9a3e7bf
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg

104.22.33.172

200 OK

17 kB

URL GET HTTP/2
offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
17 kB (17173 bytes)
Hash
9c6355bcf96815c755fbba83f9fd8f64
ce698b45fb51ef1494f80f432b7aff0985247724
2cd74e866757767cd5c88d066a0bc057aded1e6c07171e091dd87f56ffd4a906

HTTP Headers

GET /www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:50 GMT
content-type: image/jpeg
content-length: 17173
cache-control: max-age=86400
cf-bgj: h2pri
etag: "642af881-4315"
expires: Fri, 10 May 2024 20:07:36 GMT
last-modified: Mon, 03 Apr 2023 16:02:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 66794
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881aafc9683c930b-CPH
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:46:32 GMT
expires: Wed, 07 May 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 273258
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

16 kB

URL
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:08:19 GMT
expires: Sat, 10 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
age: 30751
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gishejuy.com/500/7406589?excludes=19845928&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0

139.45.197.242

200 OK

0 B

URL OPTIONS HTTP/2
gishejuy.com/500/7406589?excludes=19845928&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80
ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /500/7406589?excludes=19845928&oaid=008058bab52b402ff116754577b19667&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

offerimage.com/www/images/3303c3ec46f8b840a87559e75824b84b.jpg

104.22.33.172

200 OK

9.3 kB

URL GET HTTP/2
offerimage.com/www/images/3303c3ec46f8b840a87559e75824b84b.jpg
IP
104.22.33.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectofferimage.com
Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72
ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3
Size
9.3 kB (9292 bytes)
Hash
3303c3ec46f8b840a87559e75824b84b
dca17ecb9395b5e83d50ba8c140af48d0b5a76ae
a680f7fe40d758da9e24159585e9d43a5080c8130fcf8349fae977243b6a0987

HTTP Headers

GET /www/images/3303c3ec46f8b840a87559e75824b84b.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:50 GMT
content-type: image/jpeg
content-length: 9292
cache-control: max-age=86400
cf-bgj: h2pri
etag: "64aecb18-244c"
expires: Fri, 10 May 2024 20:18:32 GMT
last-modified: Wed, 12 Jul 2023 15:47:36 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 66138
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881aafcb3b9e930b-CPH
X-Firefox-Spdy: h2

gishejuy.com/impression/WLTHBDHiq1W5wRFTPGwqgX_GzLGqCMFvUBxpLJ-5INZZttexxb9bWm-mR8tuSy95XkLdeFlaqOV_X1Bc70WatebgUxe2UJG5Uty2WJoxjwpgf9Xp0uZFEVvVCe0pDPvF3NfTewgmG1JRA3JmQOB2tvLHDDag43ioMXaX14J7Uas6BKMpdZpiEC5kkBxVoEAO_YQ5Y1AnAC-uXzA_HwQqyarASz4eStZNWtu2TmNKAdASvY8KtgQ0SkSnJGiiO08vGZb3hPRwy_bbMo70pOql8Z7ImTMcdUtdEwhiB1n-E4AAX9u6OFdbkfmRxdPl_yIEYNYYHWjk0bbF1IlgxyQUg2YdQb-QSd8daaKhzEpOxwFToDzjy6EYCn7y2Nt7i-JMNMZVmXIlK8n-aLbmGI2kVj_R-uxuO-efZaGsJzXtpOTT27C3acI3IKGQmVZS-Zc0LZjLA1JpMsRmhCKRXTcL1c1huX9Ck2wC2inB7-ti7gwz8jHzFtMPLv0DK6tNblwjUe4S4XNUBGlVF9li82a50hrDDzEETLIQpwZOS56qle4LmQTqrPAJ_hVFbF2HEH8oIvvqjXo5AF9EdlOP_XbEXnnb6t0jQbpGGiKYwHix3e_qoeL1PCD04b_0lAfRHZK8pqN-S__m_FJG5K5ITQi21TWjjZ1xZBzphPWAur6MchxMuv8hiBqj4cD5qRUkAh4k?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0

139.45.197.242

200 OK

43 B

URL GET HTTP/2
gishejuy.com/impression/WLTHBDHiq1W5wRFTPGwqgX_GzLGqCMFvUBxpLJ-5INZZttexxb9bWm-mR8tuSy95XkLdeFlaqOV_X1Bc70WatebgUxe2UJG5Uty2WJoxjwpgf9Xp0uZFEVvVCe0pDPvF3NfTewgmG1JRA3JmQOB2tvLHDDag43ioMXaX14J7Uas6BKMpdZpiEC5kkBxVoEAO_YQ5Y1AnAC-uXzA_HwQqyarASz4eStZNWtu2TmNKAdASvY8KtgQ0SkSnJGiiO08vGZb3hPRwy_bbMo70pOql8Z7ImTMcdUtdEwhiB1n-E4AAX9u6OFdbkfmRxdPl_yIEYNYYHWjk0bbF1IlgxyQUg2YdQb-QSd8daaKhzEpOxwFToDzjy6EYCn7y2Nt7i-JMNMZVmXIlK8n-aLbmGI2kVj_R-uxuO-efZaGsJzXtpOTT27C3acI3IKGQmVZS-Zc0LZjLA1JpMsRmhCKRXTcL1c1huX9Ck2wC2inB7-ti7gwz8jHzFtMPLv0DK6tNblwjUe4S4XNUBGlVF9li82a50hrDDzEETLIQpwZOS56qle4LmQTqrPAJ_hVFbF2HEH8oIvvqjXo5AF9EdlOP_XbEXnnb6t0jQbpGGiKYwHix3e_qoeL1PCD04b_0lAfRHZK8pqN-S__m_FJG5K5ITQi21TWjjZ1xZBzphPWAur6MchxMuv8hiBqj4cD5qRUkAh4k?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectgishejuy.com
Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80
ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impression/WLTHBDHiq1W5wRFTPGwqgX_GzLGqCMFvUBxpLJ-5INZZttexxb9bWm-mR8tuSy95XkLdeFlaqOV_X1Bc70WatebgUxe2UJG5Uty2WJoxjwpgf9Xp0uZFEVvVCe0pDPvF3NfTewgmG1JRA3JmQOB2tvLHDDag43ioMXaX14J7Uas6BKMpdZpiEC5kkBxVoEAO_YQ5Y1AnAC-uXzA_HwQqyarASz4eStZNWtu2TmNKAdASvY8KtgQ0SkSnJGiiO08vGZb3hPRwy_bbMo70pOql8Z7ImTMcdUtdEwhiB1n-E4AAX9u6OFdbkfmRxdPl_yIEYNYYHWjk0bbF1IlgxyQUg2YdQb-QSd8daaKhzEpOxwFToDzjy6EYCn7y2Nt7i-JMNMZVmXIlK8n-aLbmGI2kVj_R-uxuO-efZaGsJzXtpOTT27C3acI3IKGQmVZS-Zc0LZjLA1JpMsRmhCKRXTcL1c1huX9Ck2wC2inB7-ti7gwz8jHzFtMPLv0DK6tNblwjUe4S4XNUBGlVF9li82a50hrDDzEETLIQpwZOS56qle4LmQTqrPAJ_hVFbF2HEH8oIvvqjXo5AF9EdlOP_XbEXnnb6t0jQbpGGiKYwHix3e_qoeL1PCD04b_0lAfRHZK8pqN-S__m_FJG5K5ITQi21TWjjZ1xZBzphPWAur6MchxMuv8hiBqj4cD5qRUkAh4k?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.339.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=008058bab52b402ff116754577b19667
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:53 GMT
content-type: image/gif
content-length: 43
x-trace-id: 9d7d1f39ac4c55c71fe320131ba98dc7
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=812807995873308672

172.67.175.232

302 Found

8.0 kB

URL GET HTTP/2
securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=812807995873308672
IP
172.67.175.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectsecuredpeacomm.com
FingerprintE2:58:9B:FC:54:26:CA:CC:89:05:0D:28:D6:2E:28:9E:39:7E:5F:D6
ValidityMon, 15 Apr 2024 19:27:34 GMT - Sun, 14 Jul 2024 19:27:33 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size
8.0 kB (8027 bytes)
Hash
ae67a1f715e8edc4166b6aa710013231
5b45ac90fb59a4106720cfc94b18a24384dfd22f
a78e0226c727ec9ff1b99105fb44d840a717760da750dd94c115aeb1955180fc

HTTP Headers

GET /in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=812807995873308672 HTTP/1.1
Host: securedpeacomm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 14:40:45 GMT
content-type: text/html; charset=UTF-8
location: https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=812807995873308672&ctrl_fetch_dest=iframe&ctrl_id=663e31edd3381781217609&ctrl_ts=1715352045.8652&ctrl_ab=burp
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2HNjODIiCdGrjh1hRNFu%2Bsg7dQkVMQ6GHPdgNREUQCiBZEJeWcGThVd1Y5VzJzs3GyWA2vjqb3bi2Z%2FxryDZc3g5DxmI2p89ay5kVAPCbYIxnjsycFVevXCvTUJib4AckvRqlSs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881aafad3c970b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cameesse.net/11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1

139.45.197.242

0 B

URL GET
cameesse.net/11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP
139.45.197.242:0
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44
ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /11?rnd=4188825214&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=iiRZuu_4gyqU31QAqj58rv-ZBZnfnkD9Wx9LC2oE3dbYXIYRYdVh2efMp6qdaosutT7twvs8-kx-R8dOIJimr6D8a_iXvtqZKgGYE2q-GzO4CRuEh5IfXd5UxpOTLnhMtYBy_B4tVVLJjYs-CNl3zx5ff52dIcfU_P_vD7m2XoM2uRa4VqAUY16ODVwtUtVHITjIaI4YRMVhL-2KLDSyV38tRj4JQHqokFXVUD0SDEVRInufPZUp3LPx5FW9uceyiXcvWHLj5ltCRw8H2joevWGuOvHq936l9Jby5_KMpLqG570k9D8d495n12zUxgEmQ2sWs-3TciVfaozY8qsNWs61AXU-qShNPfXoXXARJfgpYX-D8a7z61B5BUTinihiJAZm3sjhAmUT26GFJH52j8NOkEJM4MSIM2hgeok16gy1FOxCe8682hy8vKjjteTPQz56Skxy9Zh7EubH1f-66J0SXyIPoPzjba8DGP8FYzeZJPgzVSp13rotHZwR6rPbhmbJ_O56fe5TMndgwWDe6WxcnbLhETYZl_HTR1kw4UuKRC8zC7HanEO6SfGtbo2h0Ek0LAZS1IjkYxXj8TW08lkLxvqQelBT9T0iq8ty3rgNs9wb&ruid=3c680796-8809-4eea-be1b-c3d434c7c97f&subid=812807995873308672&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=008058bab52b402ff116754577b19667; oaidts=1715352044
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:41:05 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 401a0d2f3f14cc949a0a8114153d2692
access-control-expose-headers: X-Sc
set-cookie: OAID=008058bab52b402ff116754577b19667; expires=Sat, 10 May 2025 14:41:05 GMT; secure; SameSite=None
oaidts=1715352044; expires=Sat, 10 May 2025 14:41:05 GMT; secure; SameSite=None
oaidvc=1; expires=Sat, 10 May 2025 14:41:05 GMT; secure; SameSite=None
CNT=1_v1_rtk9AQEAAACNTQAA; expires=Fri, 10 May 2024 15:41:05 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

veepteero.com/88/61794

139.45.197.242

200 OK

3.1 kB

URL GET HTTP/2
veepteero.com/88/61794
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectveepteero.com
Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91
ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3367), with no line terminators
Size
3.1 kB (3103 bytes)
Hash
1045da909da7dcf4eeff9716df484472
4bbced7161e8e8566360ce9e671eda296fa21e73
968286e0918eaac43f14f44ffad3d4ca9789adcd53f8092ecd49f5c1d9a490c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /88/61794 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

lkbx.me/4KqY7?uid=wq8ud6g212f68m613s7usina

47.89.248.255

200 OK

1.1 kB

URL GET HTTP/2
lkbx.me/4KqY7?uid=wq8ud6g212f68m613s7usina
IP
47.89.248.255:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerDigiCert Inc
Subjectlkbx.me
Fingerprint85:1C:F3:96:31:0D:EC:E9:85:9D:6E:27:5F:AE:1D:6C:F2:9B:F5:BD
ValidityMon, 27 Nov 2023 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1129), with no line terminators
Size
1.1 kB (1073 bytes)
Hash
0d9ab5ecbec3e5c8835edcb6348dade2
d8804cdddf5cce3e7e6de2b8189ca323107b3668
998ea77d32a7e8a161587658283bdd690503972d50dca5d7e0e1dca086d2941d

HTTP Headers

GET /4KqY7?uid=wq8ud6g212f68m613s7usina HTTP/1.1
Host: lkbx.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: discuz_2132_saltkey=oGAdQC9U; expires=Sun, 09-Jun-2024 14:40:47 GMT; Max-Age=2592000; path=/; secure; httponly
discuz_2132_lang=en; path=/; secure
discuz_2132_lang=en; path=/; secure
content-encoding: gzip
X-Firefox-Spdy: h2

cameesse.net/1?z=7406590

139.45.197.242

200 OK

43 kB

URL GET HTTP/2
cameesse.net/1?z=7406590
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectcameesse.net
Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44
ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT

File type
JavaScript source, ASCII text, with very long lines (42427)
Size
43 kB (43416 bytes)
Hash
ace6190879f2ff60651a32fa7e19c95c
00995278e1645fd5cb41c7f6dd00c19514cc1717
9f8f3291fb65e9ff0dc21f5b51b5df78493aa35f7d0cb2d9c8e9cb29f72c29e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1?z=7406590 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: ff22fed582c9a6c6ad78dd3636180431
access-control-expose-headers: X-Sc
x-sc: RU1QC_2f2fIoxSGsqsx2yCJS2ai5Kwxh9tK6WuW5gwttAofUT3xvw-8zpdjhfAoXGPSQ2qA3hG_6W5ZH6npdBW_BbGc=
set-cookie: scm=1; expires=Sat, 10 May 2025 14:40:44 GMT; secure; SameSite=None
OAID=040058b77ea042f2ebd9d17574fbd882; expires=Sat, 10 May 2025 14:40:44 GMT; secure; SameSite=None
oaidts=1715352044; expires=Sat, 10 May 2025 14:40:44 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

moonoafy.net/pfe/current/universal.min.js?v=3.1.504

139.45.197.250

200 OK

90 kB

URL GET HTTP/2
moonoafy.net/pfe/current/universal.min.js?v=3.1.504
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectmoonoafy.net
Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0
ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
90 kB (89850 bytes)
Hash
4caad44ecc6a13eba45b63ed7cf9e387
e67dfe90bebd5447495d8fe962d03e55f6d13071
66f95b5eb4bf3dc3a13643e3e6776b18a2b15e0b881328e2ee012c73e679ad00

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.504 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-15efa"
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f7d32a8-1be1-415a-a0a2-fdb644f028e1

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f7d32a8-1be1-415a-a0a2-fdb644f028e1
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C
ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f7d32a8-1be1-415a-a0a2-fdb644f028e1 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1763
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 10 May 2024 14:40:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonzip.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

142.250.74.106

200 OK

37 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1572)
Size
37 kB (37345 bytes)
Hash
c2b8ea09ec90a66034e1b61bc1f8e5d4
9558953728cacfc3433ba6281c1b4a58fbbc9d51
1c593f4a688585b14c31e71fc64bfaa81d768984cdf182bca40ba8c524582685

HTTP Headers

GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 14:40:43 GMT
date: Fri, 10 May 2024 14:40:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

moonoafy.net/zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504

139.45.197.250

200 OK

880 B

URL GET HTTP/2
moonoafy.net/zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectmoonoafy.net
Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0
ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (977), with no line terminators
Size
880 B (880 bytes)
Hash
7db549bd97c2cf19c1a7b302563a42e4
9f3ff7d955b0ff41824a7094761659688b20088e
5bd403e962c03e25fe7f98492e5a381c5df1a49c1921132aeb92dcc2368b5697

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: abc934c53acec7787548998062a1801b
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

moonoafy.net/pfe/current/tag.min.js?z=7406592

139.45.197.250

200 OK

15 kB

URL GET HTTP/2
moonoafy.net/pfe/current/tag.min.js?z=7406592
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectmoonoafy.net
Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0
ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT

File type
JavaScript source, ASCII text, with very long lines (14612), with no line terminators
Size
15 kB (14612 bytes)
Hash
ffdd38e0a5a1a47cb341a116a3318e0e
2fd730feff506cf56e14c531e9d89cdea2cca424
7d8e97e9586d3f04c4a2a703692378868e49120c6159d079ae7ed1eca2ca2b5c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/tag.min.js?z=7406592 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
etag: W/"662a3513-3914"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

565 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
565 B (565 bytes)
Hash
959a533a3dc02649e0cc3f8f67d942af
34db49ff64aed8b51beaba5b9928ad504a4df335
24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 14:40:43 GMT
date: Fri, 10 May 2024 14:40:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

aistekso.net/401/7406591

139.45.197.244

200 OK

91 kB

URL GET HTTP/2
aistekso.net/401/7406591
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectaistekso.net
Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB
ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
91 kB (90744 bytes)
Hash
11f5bcae3cc291500d9a0851377efd54
abe3770f106eb5f96ca46fbb35a726c71ecd2f9e
d02a1af692c535be810a07da88057608994af5a4aefac85b201156dd83809a0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/7406591 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:44 GMT
content-type: application/javascript
x-trace-id: bd368f7879ccc8c2d1d22f4478ca8f16
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=03005811e7004b1cee8fa491421956aa; expires=Sat, 10 May 2025 14:40:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.193.52

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
172.67.193.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1
ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT

File type
JavaScript source, ASCII text, with very long lines (18486)
Size
19 kB (19136 bytes)
Hash
70ebd404c2e1e7bad13998538b56887c
86e57af8ba3cfc2c004da3311835f6b54ba6d848
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oSf80QslSvkiKt2Jp24Moydu%2FAZizd%2B2rBwLFkiIVS3WwVx4vi0H1sHiSVsoMBXiKn%2FJhaAXU8f9R9y8Zb79EOmRSE76u9H%2Fphc0kHzmMkdQ6CHO57BmTubU9jpjBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881aafa9587f56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

alwingulla.com/88/tag.min.js

104.21.72.155

200 OK

82 kB

URL GET HTTP/2
alwingulla.com/88/tag.min.js
IP
104.21.72.155:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectalwingulla.com
FingerprintB6:A3:BD:4F:5E:0D:58:50:07:9D:17:E0:30:97:67:97:9E:23:1A:1C
ValidityTue, 12 Mar 2024 16:48:22 GMT - Mon, 10 Jun 2024 16:48:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65494)
Size
82 kB (81494 bytes)
Hash
e56d22d4b078f2116acde5468a10ed4b
1bd53f708a56defabe094073b88a3114e313ae98
a2efe5c73146fd67ce971a6c328f742f4a631f03c79d0827391a2db2a25cae19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /88/tag.min.js HTTP/1.1
Host: alwingulla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 14:40:43 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: b6805ced5440a1f6e4d4f6109796e9cc
cache-control: max-age=86400
last-modified: Thu, 09 May 2024 10:31:30 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 10 May 2024 21:39:41 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 61262
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJgADNUK7a5UNzmXWdXBWF8X9Ko9RTSIITLM%2BylMUQ0yDcifRc6jroMTtqev%2FLOQc9HMjAb41fkAFUxGqxYpVh08b7AhChHfR0TgSzhK7tEeUVwgxMDLqlE90IuMDOhdsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881aafa07ed85689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

externalde.com/out/xyhkxckud/?ctrl_id=663e31edd3381781217609&ctrl_ab=burp&ctrl_ts=1715352045.8652&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wq8ud6g212f68m613s7usina

172.67.188.225

302 Found

1.1 kB

URL GET HTTP/2
externalde.com/out/xyhkxckud/?ctrl_id=663e31edd3381781217609&ctrl_ab=burp&ctrl_ts=1715352045.8652&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wq8ud6g212f68m613s7usina
IP
172.67.188.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectexternalde.com
Fingerprint0D:2A:5D:DC:29:15:BD:05:1C:8E:F1:C5:82:D4:C0:5C:D6:A5:AB:58
ValiditySat, 27 Apr 2024 14:00:09 GMT - Fri, 26 Jul 2024 14:00:08 GMT

File type

Size
1.1 kB (1073 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /out/xyhkxckud/?ctrl_id=663e31edd3381781217609&ctrl_ab=burp&ctrl_ts=1715352045.8652&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wq8ud6g212f68m613s7usina HTTP/1.1
Host: externalde.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 14:40:46 GMT
content-type: text/html; charset=UTF-8
location: https://lkbx.me/4KqY7?uid=wq8ud6g212f68m613s7usina
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7K48wKw%2Foy%2FD7crc%2FVHNWOD%2BNLbWoj3bZ4MSUZtnglXrcONEngb3nhl2itZx1Br57yOoB8%2FIbPR9LvswIjYgaulnNX5YJzDaglqd4tfjE4r025%2BvFjgs4GtL0PW6TnT5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881aafafdeff568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

veepteero.com/?rb=XTN5eC8PlCNM0v49Y0e-PEGG0lztDIHdcCcPf2CK6QNRTUngMqNzV8ujG1g8LI4ywXK0d4fIpfNCMDOLec-pu_9zdAi4ZIBO2Cqr0W2-e3rWrLzcL1UIgBF2Ib5cIAyWMQB836dHkZ58s48BDzKtTOmOMdws-jaC0PHv5cIJhfWZQDXaXb5Ox9fhUgkuGWiAUL77i83jKVH-B5-p3fxQZfSEwVuoNkaphAFirzIZV4eOz6Y01eOagzANNKrrjTaqK-2CUQ%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.792.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.792.0&navlng=en-US&pnt=0&pnrc=0&bs=726e4ed7-a465-44b5-94a6-ceee16eb3897&wasm=1&userId=008058bab52b402ff116754577b19667&m=link

139.45.197.242

200 OK

2.7 kB

URL GET HTTP/2
veepteero.com/?rb=XTN5eC8PlCNM0v49Y0e-PEGG0lztDIHdcCcPf2CK6QNRTUngMqNzV8ujG1g8LI4ywXK0d4fIpfNCMDOLec-pu_9zdAi4ZIBO2Cqr0W2-e3rWrLzcL1UIgBF2Ib5cIAyWMQB836dHkZ58s48BDzKtTOmOMdws-jaC0PHv5cIJhfWZQDXaXb5Ox9fhUgkuGWiAUL77i83jKVH-B5-p3fxQZfSEwVuoNkaphAFirzIZV4eOz6Y01eOagzANNKrrjTaqK-2CUQ%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.792.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.792.0&navlng=en-US&pnt=0&pnrc=0&bs=726e4ed7-a465-44b5-94a6-ceee16eb3897&wasm=1&userId=008058bab52b402ff116754577b19667&m=link
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://anonzip.com/C79/School-0.952-win_BugFix4.zip
Certificate
IssuerLet's Encrypt
Subjectveepteero.com
Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91
ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2749), with no line terminators
Size
2.7 kB (2719 bytes)
Hash
23c2b98fc6bc3b6e8d83c3a8f1755b35
22fff22d70017768b83d1390a94bb02c0b445cba
22f6891698ecb73da26f8de47743977c9ee186fa64a50a6586f1c46ff82c30a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=XTN5eC8PlCNM0v49Y0e-PEGG0lztDIHdcCcPf2CK6QNRTUngMqNzV8ujG1g8LI4ywXK0d4fIpfNCMDOLec-pu_9zdAi4ZIBO2Cqr0W2-e3rWrLzcL1UIgBF2Ib5cIAyWMQB836dHkZ58s48BDzKtTOmOMdws-jaC0PHv5cIJhfWZQDXaXb5Ox9fhUgkuGWiAUL77i83jKVH-B5-p3fxQZfSEwVuoNkaphAFirzIZV4eOz6Y01eOagzANNKrrjTaqK-2CUQ%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.792.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC79%2FSchool-0.952-win_BugFix4.zip&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.792.0&navlng=en-US&pnt=0&pnrc=0&bs=726e4ed7-a465-44b5-94a6-ceee16eb3897&wasm=1&userId=008058bab52b402ff116754577b19667&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 14:40:45 GMT
content-type: application/json
x-trace-id: d8e9a3a34eb5e6b8c43a2b7a5e84f830
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008058bab52b402ff116754577b19667; expires=Sat, 10 May 2025 14:40:45 GMT; path=/; secure; SameSite=None
oaidts=1715352045; expires=Sat, 10 May 2025 14:40:45 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 17 May 2024 14:40:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML