cdn-126.anonfiles.com/B3d2k6Cdy6/c784a56b-1665580400/Wallpaper%20Dumps.zip
195.96.151.78301 Moved Permanently 162 B URL HTTP/1.1 cdn-126.anonfiles.com/B3d2k6Cdy6/c784a56b-1665580400/Wallpaper%20Dumps.zip
IP 195.96.151.78:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /B3d2k6Cdy6/c784a56b-1665580400/Wallpaper%20Dumps.zip HTTP/1.1
Host: cdn-126.anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 12 Oct 2022 13:13:21 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://cdn-126.anonfiles.com/B3d2k6Cdy6/c784a56b-1665580400/Wallpaper%20Dumps.zip
firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 3f17af4e8a1739eda4a518039f4892f9
c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb
c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 12 Oct 2022 12:49:13 GMT
Expires: Wed, 12 Oct 2022 13:32:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7chrTyWIMIkH7pIlJImzTcfcrWhq7nGMwcH59w7Vnn5i6ekx1RkRoA==
Age: 1448
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0602913f3d432ffbfaa654440972ee1
e5aaf31749e65875fd840091f9a3bba641de413d
5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3235
Expires: Wed, 12 Oct 2022 14:07:16 GMT
Date: Wed, 12 Oct 2022 13:13:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ceb45134349ef6afcb5b4bb730678041
15dc3ecb18e30e77cd7c694dd237bff9be583e7a
a39e0827fa31257562bb681e312ec2944a862e9ad4e568a803f6e09e994a6018
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A39E0827FA31257562BB681E312EC2944A862E9AD4E568A803F6E09E994A6018"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14359
Expires: Wed, 12 Oct 2022 17:12:40 GMT
Date: Wed, 12 Oct 2022 13:13:21 GMT
Connection: keep-alive
cdn-126.anonfiles.com/B3d2k6Cdy6/c784a56b-1665580400/Wallpaper%20Dumps.zip
195.96.151.78301 Moved Permanently 0 B URL HTTP/1.1 cdn-126.anonfiles.com/B3d2k6Cdy6/c784a56b-1665580400/Wallpaper%20Dumps.zip
IP 195.96.151.78:0
ASN #41634 Svea Hosting AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /B3d2k6Cdy6/c784a56b-1665580400/Wallpaper%20Dumps.zip HTTP/1.1
Host: cdn-126.anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 12 Oct 2022 13:13:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Location: https://anonfiles.com/B3d2k6Cdy6
X-Cache-Host: filecache-03
X-Cache-Disk: nvme-01
Accept-Ranges: bytes
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eNP/cCoW+k/aHkOnrnAUz5xR93n/JcTCFHHYlULz+XtT+d+08XgKdqQfLJ0Q7ccEDafDh80kuhA=
x-amz-request-id: Y5JM20SGBFR715P2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 12 Oct 2022 13:01:17 GMT
age: 724
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fbdd7be8de9b13c60bc9a8c98ade82c2
c2f646b1a00e2c91838534f9c7e2b14ec756e05b
ff70ff7d4aa84c55a6d208193e4afe731238cb3d92cb9909722616a03db1fedd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF70FF7D4AA84C55A6D208193E4AFE731238CB3D92CB9909722616A03DB1FEDD"
Last-Modified: Tue, 11 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10864
Expires: Wed, 12 Oct 2022 16:14:25 GMT
Date: Wed, 12 Oct 2022 13:13:21 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 12 Oct 2022 13:13:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
anonfiles.com/B3d2k6Cdy6
45.154.253.151200 OK 3.0 kB IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (515)
Hash 6882994d270ab8e0d7fc8108deb87174
ec45f61a75d43260e83e6f56dee1b88670b7cf77
e64744f203fc77ca38a4201df981a2a9ebad616010961ba4740572aeea77c1d7
GET /B3d2k6Cdy6 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdc: Yes
cache-control: public, max-age=60
x-oe: N
Content-Encoding: gzip
anonfiles.com/css/anonfiles.css?1663360421
45.154.253.151200 OK 25 kB URL HTTP/1.1 anonfiles.com/css/anonfiles.css?1663360421
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (65452)
Hash bf84dfe5f6e6044aa4c1095a7a9a850e
e411fe5ea4f2b5ce7382dfe3079589f4817ad165
2af9a43ff27bbcad03007d87fa7d09bed286aa594a3a3d2e16f409319e782f60
GET /css/anonfiles.css?1663360421 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1168
Content-Encoding: gzip
anonfiles.com/sw_anonfiles.js
45.154.253.151200 OK 16 kB URL HTTP/1.1 anonfiles.com/sw_anonfiles.js
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (25712)
Hash 5e03f95322bfd924a10943354a145be8
149a1d27b2169791e547a074c3d40b279319d35b
27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
GET /sw_anonfiles.js HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 34150
Content-Encoding: gzip
anonfiles.com/js/app.js?1663360421
45.154.253.151200 OK 58 kB URL HTTP/1.1 anonfiles.com/js/app.js?1663360421
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (63238)
Hash ba67ff13fd07739a7037fbc27b2a1955
3e253f69b2f12659c541de122c6bce0ed82ba369
1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818
GET /js/app.js?1663360421 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1110
Content-Encoding: gzip
anonfiles.com/img/flags/24/kr.png
45.154.253.151200 OK 988 B URL HTTP/1.1 anonfiles.com/img/flags/24/kr.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb22f00511d088a71e84f8c1c864caed
6599812ed106bda6017487287e12bc836570649f
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
GET /img/flags/24/kr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2456
accept-ranges: bytes
anonfiles.com/img/flags/24/br.png
45.154.253.151200 OK 1.1 kB URL HTTP/1.1 anonfiles.com/img/flags/24/br.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd
7a038177fe4deec455d61d3e9c90019fa4727d40
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
GET /img/flags/24/br.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 201
accept-ranges: bytes
anonfiles.com/img/flags/24/fr.png
45.154.253.151200 OK 536 B URL HTTP/1.1 anonfiles.com/img/flags/24/fr.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e81efecf1a1b1d3a17d00a904c5cc3c9
1203894dbfc8363302dc709d852c05a4dd8bf9dc
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
GET /img/flags/24/fr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3577
accept-ranges: bytes
vjs.zencdn.net/7.3.0/video.min.js
151.101.86.217200 OK 132 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video.min.js
IP 151.101.86.217:0
File type Unicode text, UTF-8 text, with very long lines (65141)
Size 132 kB (132230 bytes)
Hash e296d874aca2a1550b409394be51efaa
c184c030e9aab3d03de27bc588919e249d5ccdf7
401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f
GET /7.3.0/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Wed, 12 Oct 2022 13:13:22 GMT
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 6
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2
vjs.zencdn.net/7.3.0/video-js.min.css
151.101.86.217200 OK 9.7 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css
IP 151.101.86.217:0
File type ASCII text, with very long lines (35998), with no line terminators
Hash 3397ce943db8add2728dccd9a3b8b8bc
a57bbb7546a458fe57d72d06baab950125260cc9
5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Wed, 12 Oct 2022 13:13:22 GMT
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 3835
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 12 Oct 2022 12:29:41 GMT
Expires: Wed, 12 Oct 2022 12:44:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: x7UnqoUVEqNj2Y9mbhkQujY9qKlGsdOY_zrHJKkpljdCPWhaN0S2_A==
Age: 2621
anonfiles.com/img/flags/24/jp.png
45.154.253.151200 OK 599 B URL HTTP/1.1 anonfiles.com/img/flags/24/jp.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 857f6f0e0886a3729b758b7241e42e61
a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
GET /img/flags/24/jp.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2469
accept-ranges: bytes
anonfiles.com/img/flags/24/de.png
45.154.253.151200 OK 483 B URL HTTP/1.1 anonfiles.com/img/flags/24/de.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8cc07c258bcd2de0c7900861e20ffc
fed97219e44693d4f3918fc4037b325732225d81
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
GET /img/flags/24/de.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2618
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 63604bda613d148120c491e2f095255f
0fc63ecaff8a0f36dc2a82f3fb187725d0064d69
8478a84e8513fb9afb0d1c369b668bd37ca98943a624ac3a3a69165536bd1748
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3787
Cache-Control: max-age=158194
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 13:13:22 GMT
Etag: "63467599-1d7"
Expires: Fri, 14 Oct 2022 09:09:56 GMT
Last-Modified: Wed, 12 Oct 2022 08:06:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
anonfiles.com/img/flags/24/in.png
45.154.253.151200 OK 593 B URL HTTP/1.1 anonfiles.com/img/flags/24/in.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaf96cfc341dc9a17e24b96bef223ff
8791d6db6628e0fb21b847ab94484f0c615e38ac
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
GET /img/flags/24/in.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3570
accept-ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0752306815ad563e9423134af1172468
770d55f581421a2f48b03a9aad124e4edd4514cb
3467102c7f39165ca8a27a701e0be1b6718ee4f7002fa7e333113aec91a234b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3467102C7F39165CA8A27A701E0BE1B6718EE4F7002FA7E333113AEC91A234B2"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19917
Expires: Wed, 12 Oct 2022 18:45:19 GMT
Date: Wed, 12 Oct 2022 13:13:22 GMT
Connection: keep-alive
anonfiles.com/img/flags/24/se.png
45.154.253.151200 OK 581 B URL HTTP/1.1 anonfiles.com/img/flags/24/se.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c9b1e40987c4411b4a7d13c07a8843aa
cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
GET /img/flags/24/se.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: image/png
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 230
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/?xsvjd=737329
54.230.245.59200 OK 69 kB URL HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737329
IP 54.230.245.59:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash d681536509b4fb04573b989aafd609cb
e37204603a3b2cc3369c8a2f206ff51608e945d3
b148aa06b55936fcd0d70965e5a05cdfd0eb07f9ec8456b7f45eb4de25a672ab
GET /?xsvjd=737329 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 68607
date: Wed, 12 Oct 2022 13:13:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7cdY0HktOl_eKCsZCfzCJG3kWqX0GIpz0iV8o5PO2IrNtzI4YBim8w==
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/pl.png
45.154.253.151200 OK 347 B URL HTTP/1.1 anonfiles.com/img/flags/24/pl.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3aff7caef0be58f29b41f20a0e4db
11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
GET /img/flags/24/pl.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3548
accept-ranges: bytes
push.services.mozilla.com/
35.81.125.88101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.125.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AzAGfz9wNZlavAH6aiWjxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rQVx4IzRVAjAtjH2b6qjqQdNP3c=
anonfiles.com/img/flags/24/dk.png
45.154.253.151200 OK 537 B URL HTTP/1.1 anonfiles.com/img/flags/24/dk.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ebe55a7d176720cd2b1003298187a8
930858408b9af1f79c430bbe15c185db555a7815
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
GET /img/flags/24/dk.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: image/png
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4931
accept-ranges: bytes
houldthinkhi.buzz/QkdiQmtteAExVhc9Bi46Fw0LBgcAdgYVGAoSKgBaGCAkGghxBkQ2AiZ6VXFccXVbZBsrI19zTTEzAzYeMXpTZAIsIQ1/TTR6U2xYdmlQe0VyYRd/WmQzEiMMf3ZEMh82K19zXXRyV3pbdndQdF5z
172.67.146.18204 No Content 0 B URL HTTP/2 houldthinkhi.buzz/QkdiQmtteAExVhc9Bi46Fw0LBgcAdgYVGAoSKgBaGCAkGghxBkQ2AiZ6VXFccXVbZBsrI19zTTEzAzYeMXpTZAIsIQ1/TTR6U2xYdmlQe0VyYRd/WmQzEiMMf3ZEMh82K19zXXRyV3pbdndQdF5z
IP 172.67.146.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /QkdiQmtteAExVhc9Bi46Fw0LBgcAdgYVGAoSKgBaGCAkGghxBkQ2AiZ6VXFccXVbZBsrI19zTTEzAzYeMXpTZAIsIQ1/TTR6U2xYdmlQe0VyYRd/WmQzEiMMf3ZEMh82K19zXXRyV3pbdndQdF5z HTTP/1.1
Host: houldthinkhi.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 12 Oct 2022 13:13:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpU%2FhFfTMH53L0HcDb%2F0vYLYXJTCkE0l7%2FsKEYGBDjncsiDGL7cc0uVusoMIVpu%2B9tu0pOPQESondQ5cTmWHg1R%2FfFja0dS043adKO%2B2KvJXiTEluYrffYB5L5KLJt1dddUXuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 759017ad39a4b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
otireofhisl.one/d0xZdHkWLjoZRhZxO1IMBSBkUUsxaWsyHR06YE0KDyMoBA9GfXcXFRg5PRILGCItWhcSOHxGPwEbNBgtIAtpQTsdfHxGOyIlbTU3RRo4FS9CKzgYK08NIDVKNjUpITsOND8/SDIVFA5JEwgYJQM1HxhAMxl4Az04Rjk4MQpFDx1EXEUKDDwOOhwNACgWfGENKTZ1NywhIj8RICw0LjMDOjsOPkMwNhUjMQNCaWs2PjM4DCQTFBQUAyxSfh87LB8jFUYjRRQBTRsufxgiGEYkaxUATmlrMi5FAWk2PSYvEkdIES0xMgsVJhMHIS8WKzhKTi4ADRYVKmgbKi4aLUQuL2EpTSFFIxY6EwQLFyEBHwQ1TQggCxcbITA8ABAUBygJNTgfHAgHSDIUAwUyRQI/Ei4fABVFKx5qMwcWGTxkIA1FPWE/EicLPCMSHzYIAQ
54.230.111.44200 OK 1.2 kB URL HTTP/2 otireofhisl.one/d0xZdHkWLjoZRhZxO1IMBSBkUUsxaWsyHR06YE0KDyMoBA9GfXcXFRg5PRILGCItWhcSOHxGPwEbNBgtIAtpQTsdfHxGOyIlbTU3RRo4FS9CKzgYK08NIDVKNjUpITsOND8/SDIVFA5JEwgYJQM1HxhAMxl4Az04Rjk4MQpFDx1EXEUKDDwOOhwNACgWfGENKTZ1NywhIj8RICw0LjMDOjsOPkMwNhUjMQNCaWs2PjM4DCQTFBQUAyxSfh87LB8jFUYjRRQBTRsufxgiGEYkaxUATmlrMi5FAWk2PSYvEkdIES0xMgsVJhMHIS8WKzhKTi4ADRYVKmgbKi4aLUQuL2EpTSFFIxY6EwQLFyEBHwQ1TQggCxcbITA8ABAUBygJNTgfHAgHSDIUAwUyRQI/Ei4fABVFKx5qMwcWGTxkIA1FPWE/EicLPCMSHzYIAQ
IP 54.230.111.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3026), with no line terminators
Hash c1b79594f3c2248111e3b86e83a3ff17
aa8bdf9c0d4881a85049ba88671a9ffaafefe984
b62b2180c9bee30b10f32d813294ff39f6aaaa21e296d15dda46bce2511a1643
GET /d0xZdHkWLjoZRhZxO1IMBSBkUUsxaWsyHR06YE0KDyMoBA9GfXcXFRg5PRILGCItWhcSOHxGPwEbNBgtIAtpQTsdfHxGOyIlbTU3RRo4FS9CKzgYK08NIDVKNjUpITsOND8/SDIVFA5JEwgYJQM1HxhAMxl4Az04Rjk4MQpFDx1EXEUKDDwOOhwNACgWfGENKTZ1NywhIj8RICw0LjMDOjsOPkMwNhUjMQNCaWs2PjM4DCQTFBQUAyxSfh87LB8jFUYjRRQBTRsufxgiGEYkaxUATmlrMi5FAWk2PSYvEkdIES0xMgsVJhMHIS8WKzhKTi4ADRYVKmgbKi4aLUQuL2EpTSFFIxY6EwQLFyEBHwQ1TQggCxcbITA8ABAUBygJNTgfHAgHSDIUAwUyRQI/Ei4fABVFKx5qMwcWGTxkIA1FPWE/EicLPCMSHzYIAQ HTTP/1.1
Host: otireofhisl.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1180
date: Wed, 12 Oct 2022 13:13:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F7S1KD7A_aPmxgsRGxE9FoW-6NSO5CqLK0BTTA2KErR-ZrXX9h1b3g==
X-Firefox-Spdy: h2
otireofhisl.one/alZvWDELNAw1DgtrDX5EGDpSfQMsc10eVQAgVmFCEjkeKEdbZ0E7XQUjCz5DBTgbdl8PIkpqd1w3BGFbDjw6EngrZj4bWV47LWhCKQE3MGA4BzkVezgXNQ9JGi8uGQRcHwEvRyseLjR2AyELPmQdYSgKeCMBAjNhLGccFlIBAzsPRgYvOjRzPxIGaVQ7PiI+fQZiDQ9ZKzsrIEE/AlxoXTsuGzlQBhAoEGMgc10aZAYbKBN2GgQ9NFouHz0Bfi8QB30DLBFfbHUkDgMAZB0PADldLBE9IEkbAys7fDIRKQxpEhQ2PkY7Ajk/dA0EBApLPR5WC2MNAA0+AEccOxoABSYsP2M7EiwZUz8hDCtVBgA2GmQdYDczUkw8HDdfGmsMIH4iZSMudCUDIDN5
54.230.111.44200 OK 1.2 kB URL HTTP/2 otireofhisl.one/alZvWDELNAw1DgtrDX5EGDpSfQMsc10eVQAgVmFCEjkeKEdbZ0E7XQUjCz5DBTgbdl8PIkpqd1w3BGFbDjw6EngrZj4bWV47LWhCKQE3MGA4BzkVezgXNQ9JGi8uGQRcHwEvRyseLjR2AyELPmQdYSgKeCMBAjNhLGccFlIBAzsPRgYvOjRzPxIGaVQ7PiI+fQZiDQ9ZKzsrIEE/AlxoXTsuGzlQBhAoEGMgc10aZAYbKBN2GgQ9NFouHz0Bfi8QB30DLBFfbHUkDgMAZB0PADldLBE9IEkbAys7fDIRKQxpEhQ2PkY7Ajk/dA0EBApLPR5WC2MNAA0+AEccOxoABSYsP2M7EiwZUz8hDCtVBgA2GmQdYDczUkw8HDdfGmsMIH4iZSMudCUDIDN5
IP 54.230.111.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2998), with no line terminators
Hash 1ab2a341665e6ab4435511910e9626cc
e55a42711ba59b39deef49418529368f9ed732c3
141993f629058839e7aa354e39e09abd6c072ee20b304b258aaf85acfe37d23a
GET /alZvWDELNAw1DgtrDX5EGDpSfQMsc10eVQAgVmFCEjkeKEdbZ0E7XQUjCz5DBTgbdl8PIkpqd1w3BGFbDjw6EngrZj4bWV47LWhCKQE3MGA4BzkVezgXNQ9JGi8uGQRcHwEvRyseLjR2AyELPmQdYSgKeCMBAjNhLGccFlIBAzsPRgYvOjRzPxIGaVQ7PiI+fQZiDQ9ZKzsrIEE/AlxoXTsuGzlQBhAoEGMgc10aZAYbKBN2GgQ9NFouHz0Bfi8QB30DLBFfbHUkDgMAZB0PADldLBE9IEkbAys7fDIRKQxpEhQ2PkY7Ajk/dA0EBApLPR5WC2MNAA0+AEccOxoABSYsP2M7EiwZUz8hDCtVBgA2GmQdYDczUkw8HDdfGmsMIH4iZSMudCUDIDN5 HTTP/1.1
Host: otireofhisl.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1155
date: Wed, 12 Oct 2022 13:13:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wrp7cVf0FS2Nt6iAwiX1z0YStq3N2BZNRKf116mQRzk9FnR3QCumAA==
X-Firefox-Spdy: h2
houldthinkhi.buzz/VWZLcXp6WSgCRwIKIAkePwI7ECsTJAomDjokDhI1Nws8Mi4iL20FEzFbfEJNZlV7Vwo8AnZAQnMVPxAOIBV2QFw8CC0eR3MQdkBUZUh5X0pzE3ZAXCEWKhZHZEA7BQ45W3pHTGBTc0FOZVR9R04
172.67.146.18204 No Content 0 B URL HTTP/2 houldthinkhi.buzz/VWZLcXp6WSgCRwIKIAkePwI7ECsTJAomDjokDhI1Nws8Mi4iL20FEzFbfEJNZlV7Vwo8AnZAQnMVPxAOIBV2QFw8CC0eR3MQdkBUZUh5X0pzE3ZAXCEWKhZHZEA7BQ45W3pHTGBTc0FOZVR9R04
IP 172.67.146.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /VWZLcXp6WSgCRwIKIAkePwI7ECsTJAomDjokDhI1Nws8Mi4iL20FEzFbfEJNZlV7Vwo8AnZAQnMVPxAOIBV2QFw8CC0eR3MQdkBUZUh5X0pzE3ZAXCEWKhZHZEA7BQ45W3pHTGBTc0FOZVR9R04 HTTP/1.1
Host: houldthinkhi.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 12 Oct 2022 13:13:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHUUqmsOKr2g6ULycCbtbpHV8IczcMPBDgohLuWT4fM1eGRSeigALh%2BY3HAcKm4qZj3pFeyJsdtX8oph1AkGkz%2BCc5Z6Y7AZIyuihJDn6ZYz5aiEpXuqgnyb0PmKtWxNqRqUkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 759017ad59d9b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
anonfiles.com/static/logo.png
45.154.253.151200 OK 18 kB URL HTTP/1.1 anonfiles.com/static/logo.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 450 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash f9fd716d30e220aa24bab0e94ebf0aa0
4af32d78655436173f272bb65159a232f1671b8d
5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94
GET /static/logo.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:22 GMT
Content-Type: image/png
Content-Length: 18441
Connection: keep-alive
last-modified: Thu, 13 Aug 2020 11:36:54 GMT
etag: "5f3525d6-4809"
eautumncam.one/utx?tid=737323&top=anonfiles.com&cb=eADmdy6vvEN2
54.230.111.105204 No Content 0 B URL HTTP/2 eautumncam.one/utx?tid=737323&top=anonfiles.com&cb=eADmdy6vvEN2
IP 54.230.111.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=737323&top=anonfiles.com&cb=eADmdy6vvEN2 HTTP/1.1
Host: eautumncam.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 12 Oct 2022 13:13:22 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 12 Oct 2022 13:14:22 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _9lNP8oJZ5zeCvUW4JFe4biYBH3sx7sozyqoVspi_0CqvyqWTe3uQA==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/vWmlTWG05Bj0+Ui4AN2VaaV5galR8AyA3AypUByxfK1EYMz0dDAQzBSA4Jn4ZIA1uaEs2CD0/UHwMPTtQa08yPA9nXXUsHTUCbjwCLBg7IAYzEz5+GDtUPjcXMwU/OUhoL2Z2XX9bY3AVa1h2ay9/W2M0BDQcK31fahFrbjJsXXZrL39bYyobf1oSYVt0WX-p9X2oONjsGNUxhHl9qWGNoXGpYdmpdPAAhPQs1EXZqK2NffWhLL1Ri
54.230.245.59200 OK 557 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/vWmlTWG05Bj0+Ui4AN2VaaV5galR8AyA3AypUByxfK1EYMz0dDAQzBSA4Jn4ZIA1uaEs2CD0/UHwMPTtQa08yPA9nXXUsHTUCbjwCLBg7IAYzEz5+GDtUPjcXMwU/OUhoL2Z2XX9bY3AVa1h2ay9/W2M0BDQcK31fahFrbjJsXXZrL39bYyobf1oSYVt0WX-p9X2oONjsGNUxhHl9qWGNoXGpYdmpdPAAhPQs1EXZqK2NffWhLL1Ri
IP 54.230.245.59:0
File type ASCII text, with very long lines (784), with no line terminators
Hash f348a6898c261b649508abaebcb37fe9
7c9c7e881875ee4c90611db3a4952585f50b8d89
d450e5abd347a1421f5726fa4b5c91438293e2a35206b4107e98edb3ee553cc4
Analyzer Verdict Alert fortinet Malware
GET /vWmlTWG05Bj0+Ui4AN2VaaV5galR8AyA3AypUByxfK1EYMz0dDAQzBSA4Jn4ZIA1uaEs2CD0/UHwMPTtQa08yPA9nXXUsHTUCbjwCLBg7IAYzEz5+GDtUPjcXMwU/OUhoL2Z2XX9bY3AVa1h2ay9/W2M0BDQcK31fahFrbjJsXXZrL39bYyobf1oSYVt0WX-p9X2oONjsGNUxhHl9qWGNoXGpYdmpdPAAhPQs1EXZqK2NffWhLL1Ri HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://otireofhisl.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 557
date: Wed, 12 Oct 2022 13:13:23 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dsQs4b4NS-Jp3x-wwk9Xvte7VuBvLXkdIfR_S8TkxVmlSzKmRbgJ9Q==
X-Firefox-Spdy: h2
anonfiles.com/img/file/filetypes/ext/zip.png?1663359761
45.154.253.151200 OK 874 B URL HTTP/1.1 anonfiles.com/img/file/filetypes/ext/zip.png?1663359761
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash c3cc26839c5afb066f3d34cc293bf8c9
6a8cd435ef460872a2862098c3d2e060c425b5db
fa774f82fa9b5df9f5223894fc678f9a62191fdaeaba1b2231ba83d44a105618
GET /img/file/filetypes/ext/zip.png?1663359761 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:23 GMT
Content-Type: image/png
Content-Length: 874
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 152
accept-ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11282957b6f954e19c7e410868b79759
01df9042a850d6692ff35387346f96cd92d2288a
fb05e9512fc1c3665301a8a934f8823787fb3178297b7c15315f96305f7e1036
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB05E9512FC1C3665301A8A934F8823787FB3178297B7C15315F96305F7E1036"
Last-Modified: Tue, 11 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3362
Expires: Wed, 12 Oct 2022 14:09:25 GMT
Date: Wed, 12 Oct 2022 13:13:23 GMT
Connection: keep-alive
anonfiles.com/img/flags/24/us.png
45.154.253.151200 OK 656 B URL HTTP/1.1 anonfiles.com/img/flags/24/us.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /img/flags/24/us.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:23 GMT
Content-Type: image/png
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 5187
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/6ak9jdjUJIA0QCh4mB0sCWXhQRQVMJRAZWxpyAA56InwvAHAlGiwdfUw7GRIIWmkPF1sNckUTWwlyUlBUDi1eQhMfLl4bWhAmDxpUT30lQxtaalFGHRJ+UlMGKGpRRlkDIRYOEFh/G04DNXlXUwYoalFGRxxqUDcMXGFTXxBYfwQTVgEgRkRzWH9SRgVbf1-JTB1opCgRQDCAbUwcsdlVYBUw6Xkc
54.230.245.59200 OK 253 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/6ak9jdjUJIA0QCh4mB0sCWXhQRQVMJRAZWxpyAA56InwvAHAlGiwdfUw7GRIIWmkPF1sNckUTWwlyUlBUDi1eQhMfLl4bWhAmDxpUT30lQxtaalFGHRJ+UlMGKGpRRlkDIRYOEFh/G04DNXlXUwYoalFGRxxqUDcMXGFTXxBYfwQTVgEgRkRzWH9SRgVbf1-JTB1opCgRQDCAbUwcsdlVYBUw6Xkc
IP 54.230.245.59:0
File type ASCII text, with no line terminators
Hash 144026e3d1298e0e27ffec7b2e9bdb86
bdf7f3c4c6fa5629517e50824a8997ed90415d55
0dc9211f401df5fa564aadf11a5204ec279eb77354ea0686c3ce971a45608291
Analyzer Verdict Alert fortinet Malware
GET /6ak9jdjUJIA0QCh4mB0sCWXhQRQVMJRAZWxpyAA56InwvAHAlGiwdfUw7GRIIWmkPF1sNckUTWwlyUlBUDi1eQhMfLl4bWhAmDxpUT30lQxtaalFGHRJ+UlMGKGpRRlkDIRYOEFh/G04DNXlXUwYoalFGRxxqUDcMXGFTXxBYfwQTVgEgRkRzWH9SRgVbf1-JTB1opCgRQDCAbUwcsdlVYBUw6Xkc HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://otireofhisl.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 253
date: Wed, 12 Oct 2022 13:13:23 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: to1FNOnGdD4PoS_MjMpLeOSJJ-d2hy1NT7WS3KEl0ZhsoDzuxFEtDg==
X-Firefox-Spdy: h2
swordhilte.buzz/
107.22.28.167200 OK 0 B IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: swordhilte.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 380
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/ru.png
45.154.253.151200 OK 403 B URL HTTP/1.1 anonfiles.com/img/flags/24/ru.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash d8df89b036e6afb48f72d2440831bad0
04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
GET /img/flags/24/ru.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:23 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 256
accept-ranges: bytes
anonfiles.com/img/flags/24/es.png
45.154.253.151200 OK 666 B URL HTTP/1.1 anonfiles.com/img/flags/24/es.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa381a8eb16d9e673d32980e7fd1710
fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
GET /img/flags/24/es.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:23 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3583
accept-ranges: bytes
anonfiles.com/img/flags/24/fi.png
45.154.253.151200 OK 456 B URL HTTP/1.1 anonfiles.com/img/flags/24/fi.png
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ea9115d18d5210d4f1db520881faa3a
09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
GET /img/flags/24/fi.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:23 GMT
Content-Type: image/png
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 279
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9045885902afb286eef41988716895
550fd256897d4f483d00768972f56cd8c35e09e8
c3a8ae68f7eece41a71cd344042b97c99a12c61c5a40b29117fc3f6a8aa9eabd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3755
Cache-Control: max-age=105585
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 13:13:23 GMT
Etag: "6345a83a-1d7"
Expires: Thu, 13 Oct 2022 18:33:08 GMT
Last-Modified: Tue, 11 Oct 2022 17:30:34 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eea761024c9c5225485bf7db03d4c7a7
c9c17eea637286411aa0b38c27fd5ac42ca665e5
43edcf9eab9d1676070127c68afb84bfe82fa530ee278d8062974efe989e8504
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 13:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eea761024c9c5225485bf7db03d4c7a7
c9c17eea637286411aa0b38c27fd5ac42ca665e5
43edcf9eab9d1676070127c68afb84bfe82fa530ee278d8062974efe989e8504
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 13:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 4b544cc03bc932b5482e408028a86752
019a371b7a56223cec99e6277b5f084f82e5accd
b74b60369fed7fb632198a76f323b52df0600127a3a5e84269dc213703e625a6
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Oct 2022 13:13:23 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1678351661%3A1665580403624296&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrSvWeVjaWmiKRrvX2OcYIT0KwuzULkacFJoRcmhHUXOWslmXInQOLrWLKnm5fXqe5_rULcIg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-vc36sg8-BUFjzWad_Rucaw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:xlBa6sE0DirIawStutxk4fCQrqYTkw:wFOj_ZmmJNPI9aEh;Path=/;Expires=Fri, 11-Oct-2024 13:13:23 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a464ca15643bcc31638a8f90b79a6830
4ca05a29394874877161ac0e927b9c727e46cd89
f9409168d8a7328c576efb507c75863df0f39770b66d8bab1c655754ac18f3fa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F9409168D8A7328C576EFB507C75863DF0F39770B66D8BAB1C655754AC18F3FA"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8343
Expires: Wed, 12 Oct 2022 15:32:26 GMT
Date: Wed, 12 Oct 2022 13:13:23 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 389 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash aefc9b78e12b9663b4bb6e224eb40def
e7b407b9c6976ac97838651005cf9e1de1c3fb9d
a98c8ab3c15537461df7a8b44ee258d9700003caef30fd53c2dec6d56c6a100f
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Oct 2022 13:13:23 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S352528272%3A1665580403624377&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpKNCbvgD-pRMD2pX1f2HzHQOQo1YIZPAhZSAtMiHJLwLCwtwiFujzRRWeHE68ynyf-4OginQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-r8OUh4mGNsWRIgAQWuTrxA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 389
server: GSE
set-cookie: __Host-GAPS=1:zRiWV3-uTG8wwsQ6rK-OyEh4DUGrDQ:ynV57JJ-ioInmV4t;Path=/;Expires=Fri, 11-Oct-2024 13:13:23 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
otireofhisl.one/utx?cb=MvFzy0zIdRN6&top=anonfiles.com&tid=737329
54.230.111.44204 No Content 0 B URL HTTP/2 otireofhisl.one/utx?cb=MvFzy0zIdRN6&top=anonfiles.com&tid=737329
IP 54.230.111.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=MvFzy0zIdRN6&top=anonfiles.com&tid=737329 HTTP/1.1
Host: otireofhisl.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 12 Oct 2022 13:13:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 12 Oct 2022 13:14:23 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _2dsDBzRQlqlGIEar_fKyVYKSu5bsAvQejQMPQwuueqBKC2_-nqRdA==
X-Firefox-Spdy: h2
anonfiles.com/sw_anonfiles.js?OE9qb2djbV1cUAt9WU1LGm1GTVFbLVsJXwgrRw5XCnhHWwUIK0dWUgB2R1pfDytfVl4Iew4JXhpjSFsECS5ZWgMBYgtZX1tiXl0CDWIIXFdcYlJcBFt6Xl9fDytaV0UUbRkYRRRtGRgISisCBgtMKkQNEkI1SENFCX9EWkUUKQsDFF1jDA4LSypGCQZUPA8y
45.154.253.151200 OK 16 kB URL HTTP/1.1 anonfiles.com/sw_anonfiles.js?OE9qb2djbV1cUAt9WU1LGm1GTVFbLVsJXwgrRw5XCnhHWwUIK0dWUgB2R1pfDytfVl4Iew4JXhpjSFsECS5ZWgMBYgtZX1tiXl0CDWIIXFdcYlJcBFt6Xl9fDytaV0UUbRkYRRRtGRgISisCBgtMKkQNEkI1SENFCX9EWkUUKQsDFF1jDA4LSypGCQZUPA8y
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (25712)
Hash 5e03f95322bfd924a10943354a145be8
149a1d27b2169791e547a074c3d40b279319d35b
27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
GET /sw_anonfiles.js?OE9qb2djbV1cUAt9WU1LGm1GTVFbLVsJXwgrRw5XCnhHWwUIK0dWUgB2R1pfDytfVl4Iew4JXhpjSFsECS5ZWgMBYgtZX1tiXl0CDWIIXFdcYlJcBFt6Xl9fDytaV0UUbRkYRRRtGRgISisCBgtMKkQNEkI1SENFCX9EWkUUKQsDFF1jDA4LSypGCQZUPA8y HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:23 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 27913
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b8e058c50dbe0871b6ccde4ed4cc8785
06b0c34d584624df99282c1fff1d766b9ed00e64
3319073b74402c41450cc9ca2162140dbe8b231db146cf8e77cb0b43fa461b4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 13:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9045885902afb286eef41988716895
550fd256897d4f483d00768972f56cd8c35e09e8
c3a8ae68f7eece41a71cd344042b97c99a12c61c5a40b29117fc3f6a8aa9eabd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3755
Cache-Control: max-age=105585
Content-Type: application/ocsp-response
Date: Wed, 12 Oct 2022 13:13:23 GMT
Etag: "6345a83a-1d7"
Expires: Thu, 13 Oct 2022 18:33:08 GMT
Last-Modified: Tue, 11 Oct 2022 17:30:34 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a464ca15643bcc31638a8f90b79a6830
4ca05a29394874877161ac0e927b9c727e46cd89
f9409168d8a7328c576efb507c75863df0f39770b66d8bab1c655754ac18f3fa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F9409168D8A7328C576EFB507C75863DF0F39770B66D8BAB1C655754AC18F3FA"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8343
Expires: Wed, 12 Oct 2022 15:32:26 GMT
Date: Wed, 12 Oct 2022 13:13:23 GMT
Connection: keep-alive
anonfiles.com/img/favicon/favicon-32x32-anonfiles.png?1663359761
45.154.253.151200 OK 1.3 kB URL HTTP/1.1 anonfiles.com/img/favicon/favicon-32x32-anonfiles.png?1663359761
IP 45.154.253.151:0
ASN #41634 Svea Hosting AB
File type GIF image data, version 89a, 1 x 1\012- data
Hash decda5c05645bc33c73ebee9719f2750
8d4ed373836537759b272fa125b30918c3fdc9f4
2c4a43b63b154a722f60e81bca706b0794507c98c23b9cf85addb2f6097f07f7
GET /img/favicon/favicon-32x32-anonfiles.png?1663359761 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/B3d2k6Cdy6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Oct 2022 13:13:23 GMT
Content-Type: image/png
Content-Length: 1309
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 523
accept-ranges: bytes
accounts.google.com/v3/signin/identifier?dsh=S352528272%3A1665580403624377&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpKNCbvgD-pRMD2pX1f2HzHQOQo1YIZPAhZSAtMiHJLwLCwtwiFujzRRWeHE68ynyf-4OginQ
216.58.207.237403 Forbidden 804 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S352528272%3A1665580403624377&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpKNCbvgD-pRMD2pX1f2HzHQOQo1YIZPAhZSAtMiHJLwLCwtwiFujzRRWeHE68ynyf-4OginQ
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Hash ee0122a9b8d8032cc70162daeca0bcb5
1e100ba91fd0cee2b13b11ec2c5bbd9bf1ffee6a
c00641eb7d604c30353ccc81f25a30277bda71a39d286bba38168cb3a950faa0
GET /v3/signin/identifier?dsh=S352528272%3A1665580403624377&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpKNCbvgD-pRMD2pX1f2HzHQOQo1YIZPAhZSAtMiHJLwLCwtwiFujzRRWeHE68ynyf-4OginQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Oct 2022 13:13:23 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-S8TLqc8pKqJZAIl1O0ysJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=B2X9f8KL8Tn6nq5eE4W4x53pPfK-mYtPfwd0VURea0Z_tSVBgJFVpcfJzoDjAGHp5mpghO-r5m8GIfkQWK_qtkC2nf53ISZHcapmHSzOnWjnGgXWrqGgjMvhTxOvu354_aPLcebF1K6VXTvpinLnWP7-vEG0zXzcMiWfgYofXdc; expires=Thu, 13-Apr-2023 13:13:23 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Wed, 12 Oct 2022 17:35:45 GMT
Date: Wed, 12 Oct 2022 13:13:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Wed, 12 Oct 2022 17:35:45 GMT
Date: Wed, 12 Oct 2022 13:13:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Wed, 12 Oct 2022 17:35:45 GMT
Date: Wed, 12 Oct 2022 13:13:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Wed, 12 Oct 2022 17:35:45 GMT
Date: Wed, 12 Oct 2022 13:13:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15742
Expires: Wed, 12 Oct 2022 17:35:45 GMT
Date: Wed, 12 Oct 2022 13:13:23 GMT
Connection: keep-alive
accounts.google.com/v3/signin/identifier?dsh=S1678351661%3A1665580403624296&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrSvWeVjaWmiKRrvX2OcYIT0KwuzULkacFJoRcmhHUXOWslmXInQOLrWLKnm5fXqe5_rULcIg
216.58.207.237403 Forbidden 14 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1678351661%3A1665580403624296&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrSvWeVjaWmiKRrvX2OcYIT0KwuzULkacFJoRcmhHUXOWslmXInQOLrWLKnm5fXqe5_rULcIg
IP 216.58.207.237:0
Hash f5082999a1a7a713f9aed372c5418508
730b22f4edd8c642f0fde00b5eb9a273816ecc2e
f296d44ddb0034e8cbf85d760a99a2f38cd16c390fa2fa6e4498c674f08e4301
GET /v3/signin/identifier?dsh=S1678351661%3A1665580403624296&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrSvWeVjaWmiKRrvX2OcYIT0KwuzULkacFJoRcmhHUXOWslmXInQOLrWLKnm5fXqe5_rULcIg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Oct 2022 13:13:23 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-Mtz7LY5Y_GJ-iazOuyNhQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=WU-8IKrsSeVk7REuFVG5FbLzmJScmPXB9jIw8Frw5FUf9rsBuzdI9Sz3yfgfZUQVBVYMnmlpyOzbL8l40OX2Umb6mCM68NlUCH2LvsHS8BSCTFfYzWJFTDZHcW_geVUcSVuB3P39vHJIJlRdh2Eg43vGi5jT-v274pgq3Sdu9yA; expires=Thu, 13-Apr-2023 13:13:23 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f78379e6bde371b492c950402bcc39e
53a7502d8932c515aa09055c5cf8f2d2242e4398
241016bbd3cebc009f63dff2773c1c7fdb68fa941ab62b368d5e023b9155fa37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5d5a2a4-e4d4-4f11-8cb5-c320f1078b2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5252
x-amzn-requestid: b4ef9c4f-7ca4-42c9-a928-b0b8aa3cc695
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BUaEtBoAMF8Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e282-455619be605fa91977c66df7;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:39:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zg4cBw3GML5OoCmS3yOEMdwKHFgl4fulcLN0Eqp4ttYBPj3umRY9lg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:34:25 GMT
age: 52738
etag: "53a7502d8932c515aa09055c5cf8f2d2242e4398"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b15495e3e13c06fd0d67523870405ed
3cb8b43735e86c93733affa10818c47693c80fce
f65edddef18295076f79a48e9a6c95d07ed244a2ae618cb4229b6c1bd434cd57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12187
x-amzn-requestid: e0271885-6c76-4a8c-98a2-4df8ee86a688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZzuA_FmaoAMF3AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344906c-6fe5dce86e61bd8027759559;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:36:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EZGQpzHMraEgNLgISszTWzRR7-4lgWEGH191UOYac6qPnLkrTjnNnQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 04:14:52 GMT
age: 32311
etag: "3cb8b43735e86c93733affa10818c47693c80fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d31330d47548d966e50813d7e2253551
ec0a371cca2d4e43f3375dd6b699478c5af62884
309f2cf9ccd62d5c2fd8713836b602317875f4273ef560f3bf3d681aa868b9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd952f4-819b-4d3c-91a1-0f9020bae81c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9325
x-amzn-requestid: 6a0388e5-97d6-42f4-b54d-a3f4826f2293
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxMaDE2JoAMFieg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63438dd9-76ff69230ce03c033b35a4c4;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 03:13:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oUdj3LVRzke7i9j4pQRCGqss6LC-l1Qf4gvtAnrM9ZH1Bzu6Adezuw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 04:00:51 GMT
age: 33152
etag: "ec0a371cca2d4e43f3375dd6b699478c5af62884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5dcf5ef-7db7-4ea1-94ab-4f64163898dc.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5dcf5ef-7db7-4ea1-94ab-4f64163898dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c44735cb9a0eba8f445262a24c9cc478
ef570c9938890ec942e4786cc549d687cb8a2e95
5974dbdba95af9dbaeb5ef6ff4a2e045e88482987c296e6afba5381b14da9600
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5dcf5ef-7db7-4ea1-94ab-4f64163898dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6504
x-amzn-requestid: 21151bfb-93e7-485c-9ab3-13b7439e09ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3B7uE1iIAMFnww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e37e-54087c9c7a4b72962bf78531;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vINWu8ABGbLR_tD2eMQaKXFxdY34qMkAQIpOvNq5qchVYpLetmPzqw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:09:04 GMT
age: 54259
etag: "ef570c9938890ec942e4786cc549d687cb8a2e95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a262392688d01838edbe02f500679711
f9be0ceee7f5b14e1f17ab938596977cde016e63
f1555b8b9f4363bdae50d426e8601ff5d3d07605259c2e289006e16a10f4b5fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece197fe-b9f6-4fd7-9f1f-0167fe4259ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9359
x-amzn-requestid: adbd5dff-817b-4fa1-b935-300d7ebb0f3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3BPxHtuIAMF5jg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345e264-1950f5c44861d16c43b2a71c;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JNxqAnPn5goAisqZzvZpea9u6MVOEUTqHqh_rlrQSZg770oMAtk5Zw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 22:08:55 GMT
age: 54268
etag: "f9be0ceee7f5b14e1f17ab938596977cde016e63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
swordhilte.buzz/
107.22.28.167200 OK 0 B IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: swordhilte.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
swordhilte.buzz/
107.22.28.167200 OK 0 B IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: swordhilte.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 355
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
swordhilte.buzz/
107.22.28.167200 OK 0 B IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: swordhilte.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 348
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Origin: https://anonfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 12 Oct 2022 13:13:23 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://anonfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6073
last-modified: Wed, 12 Oct 2022 11:32:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1NB2I%2Bc1gfelu6UjhqpSaQHRQicpFnMlkJvOLf6lY0BoDqngsuCFwQm6xzhNoPpRdWgg7gEVUVHJraeimWht%2F9niPR27Yw40JO57ba2k7SXZ2RitJg%2FF6wg9uaf1sBU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 759017b2e8340686-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Origin: https://anonfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 12 Oct 2022 13:13:23 GMT
content-type: text/plain
set-cookie: csu=298346529702854@1@1665580403; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://anonfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St%2BFQ4vocGZkkNpzrw%2BW4EpRb2EIoKdYhHPxSnBcwjvX124upEt0zUxZ3T6w%2F4SKtw5zxv78VoVqYAy2LW14R8ItGrAKYLOaXXcTbP8rp%2B7ksFt9PcetakrInNmuqHSQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 759017b2d8270686-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1
44.195.137.121200 OK 0 B URL HTTP/2 baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1
IP 44.195.137.121:0
GET /?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1 HTTP/1.1
Host: baconaces.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e101-hvz/PLrPXzX3iiCDUlBeSBnZArM"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: fmLKLefYLu3sUVN0gbrXpN+quAEGoBBQeVZmw68/Op2qm7OkxOMtEz3sFtfxclktob443cpgxY4IU3SExvnFcA==
date: Wed, 12 Oct 2022 13:13:23 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2