anonymfile.com/Y8V8/kur6996.rar
138.201.48.112301 Moved Permanently 162 B URL HTTP/1.1 anonymfile.com/Y8V8/kur6996.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /Y8V8/kur6996.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 07 Oct 2022 12:07:45 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/Y8V8/kur6996.rar
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: arq8K57x78ahIIPJus-OAhR5rKUUrcTryaW7kxo50bPIkj-3hYoTgg==
Age: 159627
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9241
Expires: Fri, 07 Oct 2022 14:41:46 GMT
Date: Fri, 07 Oct 2022 12:07:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15151
Expires: Fri, 07 Oct 2022 16:20:16 GMT
Date: Fri, 07 Oct 2022 12:07:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JdAoQu4SVJ2rngNX3E9azhwgBXicDYfczeINg008z6szT7NDRmOkJOhGZE0G6DjqTR4UXCLFm5U=
x-amz-request-id: ZAY29RZD9E9TG936
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 11:59:10 GMT
age: 515
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
anonymfile.com/img/logo-anon-warning.webp
138.201.48.112200 OK 15 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7b596f481388ac5ef6d74a15a351f6c3
6756e88c0b46cc981b7bbbdaf2ead77bd258a472
cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
GET /img/logo-anon-warning.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y8V8/kur6996.rar
Cookie: XSRF-TOKEN=eyJpdiI6Ik9GdUs1UjVjTS9lV0t1b1BPUHUrTkE9PSIsInZhbHVlIjoiK2w0WWVZWkhwR3paL0NXTDAvUXBFYm5CVThqTDlwczZEVzVLMEJ0aWYxZU9PdVJTaTJoN1pXOUNCUWRBYWg1ckhuUGZBbEx6aUF0SDdCTU00anJOK0ozbUpvWVB5UVBpOXBPZ1Y5UCtjQ2FHblg0cUs1ZkM3cFZBanRzUGxlL2siLCJtYWMiOiJjZDdmYWJmYmRmZDM5YTU5ODU3MzZmOGZmZWEyZjgwZTg0NWU0ZjNkOTE3ZTMzMGQ3YmZkZjFhZTBiY2M5ZTczIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6ImZyYjRwTEljV25Gbi9lZWVxWG8rNVE9PSIsInZhbHVlIjoiQmpIR3NydEtuVEhqYVBUWlFGUjdrQlhWVUQ3SkRGMXUxcjUvV3JjOUhEb0Eydjg0SmRRT1lHaUgzTjU5UDZBZHhsNGVGTzRocy9sUG8vN0gzQTN5c2MwNloycDd6eS9XS1JNMUhzKytxRXdncVJiNE9NUWlGL2VqRnFzT1RBNFgiLCJtYWMiOiIwOTI2N2Y1YTk4ZTc3YjYwYjkwOWY3ZWJlNzY4MWMyMWUxZjNmMDYyZmFiMWUzMTBjMzhhMmFkYzJhMTM1ZTQ5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:45 GMT
content-type: image/webp
content-length: 15344
last-modified: Sat, 30 Oct 2021 12:14:11 GMT
vary: Accept-Encoding
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2
anonymfile.com/img/main/footer.webp
138.201.48.112200 OK 178 kB URL HTTP/2 anonymfile.com/img/main/footer.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Size 178 kB (178070 bytes)
Hash 79ccb3a1b78412a1a530284f45ea7056
626d0494e1bd871e67ecffad44d04ac2343fb7e5
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y8V8/kur6996.rar
Cookie: XSRF-TOKEN=eyJpdiI6Ik9GdUs1UjVjTS9lV0t1b1BPUHUrTkE9PSIsInZhbHVlIjoiK2w0WWVZWkhwR3paL0NXTDAvUXBFYm5CVThqTDlwczZEVzVLMEJ0aWYxZU9PdVJTaTJoN1pXOUNCUWRBYWg1ckhuUGZBbEx6aUF0SDdCTU00anJOK0ozbUpvWVB5UVBpOXBPZ1Y5UCtjQ2FHblg0cUs1ZkM3cFZBanRzUGxlL2siLCJtYWMiOiJjZDdmYWJmYmRmZDM5YTU5ODU3MzZmOGZmZWEyZjgwZTg0NWU0ZjNkOTE3ZTMzMGQ3YmZkZjFhZTBiY2M5ZTczIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6ImZyYjRwTEljV25Gbi9lZWVxWG8rNVE9PSIsInZhbHVlIjoiQmpIR3NydEtuVEhqYVBUWlFGUjdrQlhWVUQ3SkRGMXUxcjUvV3JjOUhEb0Eydjg0SmRRT1lHaUgzTjU5UDZBZHhsNGVGTzRocy9sUG8vN0gzQTN5c2MwNloycDd6eS9XS1JNMUhzKytxRXdncVJiNE9NUWlGL2VqRnFzT1RBNFgiLCJtYWMiOiIwOTI2N2Y1YTk4ZTc3YjYwYjkwOWY3ZWJlNzY4MWMyMWUxZjNmMDYyZmFiMWUzMTBjMzhhMmFkYzJhMTM1ZTQ5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:45 GMT
content-type: image/webp
content-length: 178070
last-modified: Wed, 10 Aug 2022 07:17:48 GMT
vary: Accept-Encoding
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 11:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 07 Oct 2022 12:06:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BFz2ZnTF-k_5EeDj1HVEx60EM67PgFBnC9VV66C23TYhstM34HtXDw==
Age: 2285
cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
104.17.24.14200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
IP 104.17.24.14:0
File type assembler source, ASCII text, with very long lines (17282)
Hash 78aabb09e30a9eb6f833cbb1b48bdb2e
e876ff16b6c511bc217973e51202aaaf23a4e936
8d76a29a92bc268043a7bd4d0b8f171fffd6c6c3c8e18aa314d6dac1aeb542ae
GET /ajax/libs/filepond/4.29.1/filepond.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: text/css; charset=utf-8
content-length: 2934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613afc53-b76"
last-modified: Fri, 10 Sep 2021 06:33:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 758222
expires: Wed, 27 Sep 2023 12:07:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fY7rcM47QpOJSJJz9OQg1Scs%2Bi%2BSyxK4mrQAicoLBfjKF3x1iLmAeIJLxqY7s1hlEpPGBJ1u019NDVF%2ByKan8F8Btw5dtQYrRSgyTBCF9DuTavQ%2BkY0BCCI8cjKTDBnG1%2BwioGh%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 756684b18a99fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
104.17.24.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65345)
Hash 642445b86596bdeaa98e92faa2064fc6
6c5539660bf533d34e37b917973c941d1c963374
4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6024384
expires: Wed, 27 Sep 2023 12:07:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPLEZEzF5iVY7f62vizBqVTNmAblKVCDy5BQTpk9ltJh0Exp2h7Yj8gH7C6AP34d6lJVd6aRg3IyUJ5YqwFc%2B3jccGY%2BL59NdxXJyRGWOYzI5Hdi%2BnODI4NXcCqG79ke0fRsVCs8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 756684b18e56b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
anonymfile.com/img/logo-anon-warning.png
138.201.48.112200 OK 41 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.png
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Hash d52ea6ebcd0b10dcf112a9d6c43ceee0
641e5277e2e079f0e88e2899879fda8882e58d28
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
GET /img/logo-anon-warning.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y8V8/kur6996.rar
Cookie: XSRF-TOKEN=eyJpdiI6Ik9GdUs1UjVjTS9lV0t1b1BPUHUrTkE9PSIsInZhbHVlIjoiK2w0WWVZWkhwR3paL0NXTDAvUXBFYm5CVThqTDlwczZEVzVLMEJ0aWYxZU9PdVJTaTJoN1pXOUNCUWRBYWg1ckhuUGZBbEx6aUF0SDdCTU00anJOK0ozbUpvWVB5UVBpOXBPZ1Y5UCtjQ2FHblg0cUs1ZkM3cFZBanRzUGxlL2siLCJtYWMiOiJjZDdmYWJmYmRmZDM5YTU5ODU3MzZmOGZmZWEyZjgwZTg0NWU0ZjNkOTE3ZTMzMGQ3YmZkZjFhZTBiY2M5ZTczIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6ImZyYjRwTEljV25Gbi9lZWVxWG8rNVE9PSIsInZhbHVlIjoiQmpIR3NydEtuVEhqYVBUWlFGUjdrQlhWVUQ3SkRGMXUxcjUvV3JjOUhEb0Eydjg0SmRRT1lHaUgzTjU5UDZBZHhsNGVGTzRocy9sUG8vN0gzQTN5c2MwNloycDd6eS9XS1JNMUhzKytxRXdncVJiNE9NUWlGL2VqRnFzT1RBNFgiLCJtYWMiOiIwOTI2N2Y1YTk4ZTc3YjYwYjkwOWY3ZWJlNzY4MWMyMWUxZjNmMDYyZmFiMWUzMTBjMzhhMmFkYzJhMTM1ZTQ5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: image/png
content-length: 40729
last-modified: Fri, 29 Oct 2021 10:50:56 GMT
vary: Accept-Encoding
etag: "617bd210-9f19"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/sweetalert2@11
151.101.85.229200 OK 19 kB URL HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@11
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (43506)
Hash 831e2511caebc66168030ce212f2c4b4
f86d66f8238d1e3e73790fdb2224d216c0b7118d
30e1df45d19ba9ecd70b3edc712d3e2ff9e0c34b351a83331f01ce5c316b5ead
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.4.38
x-jsd-version-type: version
etag: W/"ff42-4cNyrUlltIULXWlJz9oCLtYvV0s"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 12:07:46 GMT
age: 12734
x-served-by: cache-fra19153-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18596
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5280
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:07:46 GMT
Last-Modified: Fri, 07 Oct 2022 10:39:46 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 54771337376134563d46c38220a0036b
e6a6dedae6ed11fcfe410df65f8fbe64984bbce6
9fc866a87e2e1c411b2c15e7300eb382b845c1d096b0876b7fae547d4d197fee
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:07:46 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E4885DCFBEB1369D0EB9006A73A090BE93855B2A"
Expires: Fri, 07 Oct 2022 23:00:00 GMT
Last-Modified: Fri, 07 Oct 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 274
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756684b2ce2f0b31-OSL
anonymfile.com/sw.js
138.201.48.112404 Not Found 33 kB IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4320)
Hash bd02e3422d706b6b227247f0c6232aac
345009832213519e5f593c780ad4ed13b63cb94e
2296686dfc3a00db20db0662bef0f9743b637f6bcf42317a2fcf5d8225e98c85
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y8V8/kur6996.rar
Cookie: XSRF-TOKEN=eyJpdiI6Ik9GdUs1UjVjTS9lV0t1b1BPUHUrTkE9PSIsInZhbHVlIjoiK2w0WWVZWkhwR3paL0NXTDAvUXBFYm5CVThqTDlwczZEVzVLMEJ0aWYxZU9PdVJTaTJoN1pXOUNCUWRBYWg1ckhuUGZBbEx6aUF0SDdCTU00anJOK0ozbUpvWVB5UVBpOXBPZ1Y5UCtjQ2FHblg0cUs1ZkM3cFZBanRzUGxlL2siLCJtYWMiOiJjZDdmYWJmYmRmZDM5YTU5ODU3MzZmOGZmZWEyZjgwZTg0NWU0ZjNkOTE3ZTMzMGQ3YmZkZjFhZTBiY2M5ZTczIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6ImZyYjRwTEljV25Gbi9lZWVxWG8rNVE9PSIsInZhbHVlIjoiQmpIR3NydEtuVEhqYVBUWlFGUjdrQlhWVUQ3SkRGMXUxcjUvV3JjOUhEb0Eydjg0SmRRT1lHaUgzTjU5UDZBZHhsNGVGTzRocy9sUG8vN0gzQTN5c2MwNloycDd6eS9XS1JNMUhzKytxRXdncVJiNE9NUWlGL2VqRnFzT1RBNFgiLCJtYWMiOiIwOTI2N2Y1YTk4ZTc3YjYwYjkwOWY3ZWJlNzY4MWMyMWUxZjNmMDYyZmFiMWUzMTBjMzhhMmFkYzJhMTM1ZTQ5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Fri, 07 Oct 2022 12:07:46 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
104.17.24.14200 OK 6.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (18706)
Hash 3773d4bd82b03cdfd02c9fd691f80d78
c4d89a2de179c90944835571b45877048f3c1424
5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d
GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8187275
expires: Wed, 27 Sep 2023 12:07:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tBNp%2B%2FrrjNc4aFVTVPqoCb7SY6lLIKEVDI0hRhyloWWr%2BXGODe2kd9ZM%2FKeLq1ORXXdPnz0UVhwyT081TTFxelmZlF%2B%2FdvlSV3quq%2FeFd21ALffYcJ8re%2FmJ18VNtdK8KbCw9N2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 756684b37bf6fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
104.16.123.175200 OK 17 kB URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
IP 104.16.123.175:0
Hash 20b22f0a5ed26c20b0759684da6cba56
cd5d39fce7d6e8ccb0b74d1a2ee5a9ece5694a57
a3dfcf3b4b3573a477daf38e6aa25df53882b53bfd7196fc169dd12a98157fdf
GET /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d07-1hxUHKzrTl3rNdhkJwK4kJGou0I"
via: 1.1 fly.io
fly-request-id: 01G2PJZCDRWWWP671QTKZ7W61J-fra
cf-cache-status: HIT
age: 12971418
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 756684b32c04fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
104.17.24.14200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (10584)
Hash e34a4db0b42ca907e0b7a56cd4b145ec
2dc36a7dcdfc42d122b23ef91483d27865c4285f
4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a
GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1533414
expires: Wed, 27 Sep 2023 12:07:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GT5%2FdvMNyKvNRtQXdlxWaMoiRIiKJiSN1NRFZGbMvqG6uJHxBFQ9xpHaJy%2BbrFBBcucIivYSFF1b4T8ENXdYBt%2FrktfFJAL4dr6FKCIfdQbP8lw%2FJTOfJFx6AFzAV400LdrdMVeE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 756684b3ec57fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.242.32.27101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.32.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M8jQZ4w8z8z5XNTShzaQbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qkQWFeZly/0nqwzavKfd5KIvIYU=
unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
104.16.123.175200 OK 124 kB URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
IP 104.16.123.175:0
Size 124 kB (124421 bytes)
Hash 14df58e678a5674251601cb2a6c68ceb
6714958d994978c6f14bbd318163201246547428
330c8e622de32bdbdd46ee7295c3a217e443b9961c23153853fed991c9321a65
GET /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-Ufoq68yhVBjz3riH5wAGJXD40pU"
via: 1.1 fly.io
fly-request-id: 01G7558XE30T0T2M6RDRBFG7JV-fra
cf-cache-status: HIT
age: 8187710
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 756684b32c02fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2
104.17.24.14200 OK 24 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 23456, version 768.66\012- data
Hash e3e5eef95eb3652d939b8c86ecb47fac
ff36e7b2a956a05de0b94dbe7b1bf7e2d6d44cb2
445189de22489c06a549b75c8f8e95cc56639d4128cd72e76896b4d2a7c40ce2
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 23456
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-5ba0"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2487289
expires: Wed, 27 Sep 2023 12:07:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=030gqjRXkcpQeESLPB45P5qWAO2dl3w0DGvfQF5bhi2YO8o6TGVxKIXePw%2FPPzNOZZ0IzZcDueTfHPdWE%2Fpa72x%2FijpY3a0XEYEo37zA89yRN9hGWzoz%2FkM%2BpESMkK191PRhM9EE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 756684b59d8bfac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2
104.17.24.14200 OK 105 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 105264, version 768.66\012- data
Size 105 kB (105264 bytes)
Hash ef9332780500ea981e97dff51cc30669
4020ed1a099b98c421f09ceb9a92f4a1d8d5d9c8
ec372177b8e8df39d755e16551dfbbddcc53938ca52765fd730d0925885c964e
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 105264
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-19b30"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 763404
expires: Wed, 27 Sep 2023 12:07:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6QEjQ6qr%2BDx1FKALH5pQO5K2fUtZ%2BHTHPI0PtJ17jES6e60F6j0RuqX%2FeS0v7541lldSlfOcCFj2D1VpD702ajWVKXivCzT6dl%2FqHg2AGP2I5M9KYwawZ39VCj9CxRJepIaD4DX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 756684b59d8dfac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 077b75b03b4c1204aceed65970a7bd0e
f75016eb787ea2a5f610ab44311bd99a39705745
bdae6610e6ff268e4098f6f813bc60acd3eb9a40d43a00ef59f27d2296985504
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDAE6610E6FF268E4098F6F813BC60ACD3EB9A40D43A00EF59F27D2296985504"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4771
Expires: Fri, 07 Oct 2022 13:27:17 GMT
Date: Fri, 07 Oct 2022 12:07:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1a8a2e1d1e029d0dd8b54669b498df2d
d7e373a9c05fb410b9a427195b3a0784db47935c
34d8e1febe39e8264b646c9f615c37f4bcffa012823c2f6de1c175231cf6bb6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34D8E1FEBE39E8264B646C9F615C37F4BCFFA012823C2F6DE1C175231CF6BB6F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6547
Expires: Fri, 07 Oct 2022 13:56:54 GMT
Date: Fri, 07 Oct 2022 12:07:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ef826a3bf68b25509c4b7cc93679250b
a0d2b336fb4d04fd3048f696452e1084e79acb92
7badef76d91c05bf8fd75254d0c263fd01dd84e50509ec8de547d37dc8cf00b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BADEF76D91C05BF8FD75254D0C263FD01DD84E50509EC8DE547D37DC8CF00B1"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18136
Expires: Fri, 07 Oct 2022 17:10:03 GMT
Date: Fri, 07 Oct 2022 12:07:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fc6e32a9394f5288feb5e12812de6d7c
601260fd4644bca742ddcd19a910a4854280cf58
5ef06c31a9f400bc900b49e50d16f581891f9cf89ef86d93b0f8859ecf62febe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EF06C31A9F400BC900B49E50D16F581891F9CF89EF86D93B0F8859ECF62FEBE"
Last-Modified: Thu, 06 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12388
Expires: Fri, 07 Oct 2022 15:34:15 GMT
Date: Fri, 07 Oct 2022 12:07:47 GMT
Connection: keep-alive
propu.sh/pfe/current/tag.min.js?z=5307590
139.45.197.250200 OK 6.7 kB URL HTTP/2 propu.sh/pfe/current/tag.min.js?z=5307590
IP 139.45.197.250:0
Hash e6e72f99d1e912ef15cf4ac65119a253
30cbef0e691cf48ef36a1d1741ffed0c15fd7230
5bc41848da603ffd69dd3d6d647c60c89050ce8b88d9021413630a4041305577
Analyzer Verdict Alert fortinet Phishing
GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5690c00c386c753af6de22646db06434
aa5b0574bf8aa58bc5608d593e7dcba23100b454
741af8ab8cb30aac3a08fe0ae823577cb602c717416f9bcd52cef5b830b5fb0e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 18:25:20 GMT
Expires: Thu, 13 Oct 2022 18:25:19 GMT
Etag: "aa5b0574bf8aa58bc5608d593e7dcba23100b454"
Cache-Control: max-age=540451,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756684b6ec281bfe-OSL
my.rtmark.net/gid.js?userId=1e1c9e6699e346e281f971cf13ea2aa0
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=1e1c9e6699e346e281f971cf13ea2aa0
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 1936da198ba2261be6d3ee46c6cb0a8c
08a0571d95f8ba5263d236903373fd256ac1ce95
d190bf1cdbf7decd8eea135a9eb3ea9b77b5951814e0f52c2a2c580954a07e4e
GET /gid.js?userId=1e1c9e6699e346e281f971cf13ea2aa0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1e1c9e6699e346e281f971cf13ea2aa0; expires=Sat, 07 Oct 2023 12:07:47 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
nanouwho.com/42/38?z=5307589
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/42/38?z=5307589
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /42/38?z=5307589 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bbee866dadbe4a2689d2982bba0b905d; oaidts=1665144467
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5668599803fb69066326f6f699ceceb0
access-control-expose-headers: X-Sc
set-cookie: OAID=bbee866dadbe4a2689d2982bba0b905d; expires=Sat, 07 Oct 2023 12:07:47 GMT; secure; SameSite=None
oaidts=1665144467; expires=Sat, 07 Oct 2023 12:07:47 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
propu.sh/pfe/current/universal.min.js?v=3.1.396
139.45.197.250200 OK 47 kB URL HTTP/2 propu.sh/pfe/current/universal.min.js?v=3.1.396
IP 139.45.197.250:0
Hash 665e5db3fdd28bd1af0c3224fae54738
b37799537be869d7723a4c81979b812a5e79e49f
9ff7c9a0c6de303b4d53fed9486b3404823877e129887ad11ac34231ea913ffa
Analyzer Verdict Alert fortinet Phishing
GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1fafa"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d8a5daeb803b2857a893811b3d2a3c37
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 742
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: de78978d7f96ab3607d2cff47ea6bb96
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=1e1c9e6699e346e281f971cf13ea2aa0
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=1e1c9e6699e346e281f971cf13ea2aa0
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=1e1c9e6699e346e281f971cf13ea2aa0 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=1e1c9e6699e346e281f971cf13ea2aa0
139.45.197.242200 OK 2.6 kB URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=1e1c9e6699e346e281f971cf13ea2aa0
IP 139.45.197.242:0
File type JSON data\012- , ASCII text, with very long lines (6343), with no line terminators
Hash 791562e138c41937b63c319fda6305c1
98dd941c1e553a3b1541d52a33875bdc7559ac08
647da0649a79beea8e67bcc41c5b20cca9abfe805b225b8619d4e4e19d2cebf8
POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=1e1c9e6699e346e281f971cf13ea2aa0 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 105
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bbee866dadbe4a2689d2982bba0b905d; oaidts=1665144467
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: cec33fa1abe4de59e022ac68054eed22
access-control-expose-headers: X-Sc
set-cookie: OAID=1e1c9e6699e346e281f971cf13ea2aa0; expires=Sat, 07 Oct 2023 12:07:47 GMT; secure; SameSite=None
oaidts=1665144467; expires=Sat, 07 Oct 2023 12:07:47 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=_SYFH6GHY1MALzls5lZOsa3V_9XjgI_y1_yjZz4UpH3wAIU3mAZidgAk2f2e0ayMiJ16jV6qFIHdKWV4Wx40zzLf8JcjbzCJg06mwa3cbcwxlYVKe4eb3dgKmYaT3G8DHTis5GULOc1Z9FGiEAOeBsHqjsL5R07vulsWmHIL1Gcs9ANGu__yC_k_LccC-B08kgAT2740WJBgDdDfY0q7gJc0B0I%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.434.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.434.0&bs=5d8e4f5d-9d93-469e-8ccb-f3bb18ee2dca&userId=1e1c9e6699e346e281f971cf13ea2aa0&m=link
139.45.197.243200 OK 1.6 kB URL HTTP/2 onmarshtompor.com/?rb=_SYFH6GHY1MALzls5lZOsa3V_9XjgI_y1_yjZz4UpH3wAIU3mAZidgAk2f2e0ayMiJ16jV6qFIHdKWV4Wx40zzLf8JcjbzCJg06mwa3cbcwxlYVKe4eb3dgKmYaT3G8DHTis5GULOc1Z9FGiEAOeBsHqjsL5R07vulsWmHIL1Gcs9ANGu__yC_k_LccC-B08kgAT2740WJBgDdDfY0q7gJc0B0I%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.434.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.434.0&bs=5d8e4f5d-9d93-469e-8ccb-f3bb18ee2dca&userId=1e1c9e6699e346e281f971cf13ea2aa0&m=link
IP 139.45.197.243:0
File type JSON data\012- , ASCII text, with very long lines (2166), with no line terminators
Hash 33324544d83b7a1bc72f1876cf9e401a
b180f9be2687bd3f88560a0373846042c68c73f9
39aa1011f43e4a5e4133f3903fdf1d5c3e86f1d690b255967fd27b047ed57451
GET /?rb=_SYFH6GHY1MALzls5lZOsa3V_9XjgI_y1_yjZz4UpH3wAIU3mAZidgAk2f2e0ayMiJ16jV6qFIHdKWV4Wx40zzLf8JcjbzCJg06mwa3cbcwxlYVKe4eb3dgKmYaT3G8DHTis5GULOc1Z9FGiEAOeBsHqjsL5R07vulsWmHIL1Gcs9ANGu__yC_k_LccC-B08kgAT2740WJBgDdDfY0q7gJc0B0I%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.434.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.434.0&bs=5d8e4f5d-9d93-469e-8ccb-f3bb18ee2dca&userId=1e1c9e6699e346e281f971cf13ea2aa0&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: application/json
x-trace-id: 51ab5644274427594096fa59e302d5c7
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=1e1c9e6699e346e281f971cf13ea2aa0; expires=Sat, 07 Oct 2023 12:07:47 GMT; path=/; secure; SameSite=None
oaidts=1665144467; expires=Sat, 07 Oct 2023 12:07:47 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 14 Oct 2022 12:07:47 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 07b58090895dfc7a505802319ed4c9a0
da54d4035e6221fd508fccfb97f27731964cd4f8
0c3d237f835c758d953999053bc846a35a50df5f27c3ddee927e097889e7e0cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C3D237F835C758D953999053BC846A35A50DF5F27C3DDEE927E097889E7E0CC"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5665
Expires: Fri, 07 Oct 2022 13:42:12 GMT
Date: Fri, 07 Oct 2022 12:07:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14903
Expires: Fri, 07 Oct 2022 16:16:10 GMT
Date: Fri, 07 Oct 2022 12:07:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14903
Expires: Fri, 07 Oct 2022 16:16:10 GMT
Date: Fri, 07 Oct 2022 12:07:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd58f1191-b279-4341-98b0-b5853ac04100.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd58f1191-b279-4341-98b0-b5853ac04100.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90f323a3b73cab85abdce9b6631e8d93
36e42d12a193c90fbc03a7d13a1711f24bf6f2a2
259aecd4212d5c91c4eeb930d99e28ce420af50d987e93d99974f6db1127ff28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd58f1191-b279-4341-98b0-b5853ac04100.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 8e8e58e6-a6d5-41ef-8246-bb276b882852
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmihYGo2oAMFXYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ad5-06b81112046a7b2b3b898a3d;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: kctKeNa9LqP47hiCMEj7tkJFZVjgLi0LEJD_gGsCTjJ5lF4RC-UvHA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:07:00 GMT
age: 50447
etag: "36e42d12a193c90fbc03a7d13a1711f24bf6f2a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fb155a5d0fa0cebfa4cd03606f1f48c
c44cac382e2f2eb2b6ce35da6dfb37747d436d60
ca79a1bcc80f4e6fece82a0efb71a6c9af2b0b3d67b8f8c010a7f02ded6d2cfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ecd6748-5460-43cc-84b5-f33deb7cf126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6900
x-amzn-requestid: 9c86242f-70de-4484-90eb-ef6d9e7cde10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmpMaFCIoAMFYdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f5582-79871c575f974721675e9cd2;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 22:24:02 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: dbKiRZRm7d978ZvK90nLjT8yFRQatSZvrjDdbCXtedMWi9DgMbhSjQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 04:22:08 GMT
age: 27939
etag: "c44cac382e2f2eb2b6ce35da6dfb37747d436d60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: JYDg0-KelCPr__4bKtpARLrwiE1CHGICcFI6I9_TFCMcmESbykNhXQ==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:50 GMT
age: 50337
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
34.120.237.76200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17df62c3e2ed48ba9c788f5e1b3b702f
854c326016059d67fae42cc34905d0feb58cb6fc
d0bee7a7e629f6594a79bad563bb91c71a17768c2f347fd4a366f7f0daf94fda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: ed2a2dca-5367-42c1-b982-07a39762063e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmigWFvGIAMF9CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ace-6fabb7845e4d04613897a866;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GFxAiO1AQfV1-pVy0NBmc9VoQoxBuBeOWsbPkVpOuT06D8Tw_YuZfA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:18:30 GMT
age: 49757
etag: "854c326016059d67fae42cc34905d0feb58cb6fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
anonymfile.com/js/site.js
138.201.48.112200 OK 16 kB URL HTTP/2 anonymfile.com/js/site.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (317)
Hash dc6c3df1892530447aac2a35f7700828
67aad859ef0d14a3380969c6490d19a72a8e0716
53125768bb827adcc7125aef3f2239f224adad42f9c5a72084ba7ba97e65b3e8
GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y8V8/kur6996.rar
Cookie: XSRF-TOKEN=eyJpdiI6Ik9GdUs1UjVjTS9lV0t1b1BPUHUrTkE9PSIsInZhbHVlIjoiK2w0WWVZWkhwR3paL0NXTDAvUXBFYm5CVThqTDlwczZEVzVLMEJ0aWYxZU9PdVJTaTJoN1pXOUNCUWRBYWg1ckhuUGZBbEx6aUF0SDdCTU00anJOK0ozbUpvWVB5UVBpOXBPZ1Y5UCtjQ2FHblg0cUs1ZkM3cFZBanRzUGxlL2siLCJtYWMiOiJjZDdmYWJmYmRmZDM5YTU5ODU3MzZmOGZmZWEyZjgwZTg0NWU0ZjNkOTE3ZTMzMGQ3YmZkZjFhZTBiY2M5ZTczIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6ImZyYjRwTEljV25Gbi9lZWVxWG8rNVE9PSIsInZhbHVlIjoiQmpIR3NydEtuVEhqYVBUWlFGUjdrQlhWVUQ3SkRGMXUxcjUvV3JjOUhEb0Eydjg0SmRRT1lHaUgzTjU5UDZBZHhsNGVGTzRocy9sUG8vN0gzQTN5c2MwNloycDd6eS9XS1JNMUhzKytxRXdncVJiNE9NUWlGL2VqRnFzT1RBNFgiLCJtYWMiOiIwOTI2N2Y1YTk4ZTc3YjYwYjkwOWY3ZWJlNzY4MWMyMWUxZjNmMDYyZmFiMWUzMTBjMzhhMmFkYzJhMTM1ZTQ5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 12:30:18 GMT
vary: Accept-Encoding
etag: W/"61700bda-2487"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
cache-control: s-maxage=10
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
104.16.123.175302 Found 7.4 kB URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP 104.16.123.175:0
Hash 91b7abb8055f744511c50cfd40c96024
aaf8ff543c14c83a47833aaf05a8334310080d32
e4c92e227170d02368c35a0c1ecfd1e0a3bfae114d0f6c5205680bd65c7a3d79
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GES572ZPPQVZ867K1A5D8AHC-ams
cf-cache-status: HIT
age: 303
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 756684b22b28fac0-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8f914c75d78aabd8f442473c89339139
65f9275088f83adaabf31e48c76de615ceaf238d
e609b19f355624c89679e3029f5f54f6c1b0398d8b13aae97c6d11b2598dee66
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:07:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 12:52:20 GMT
Expires: Thu, 13 Oct 2022 12:52:19 GMT
Etag: "65f9275088f83adaabf31e48c76de615ceaf238d"
Cache-Control: max-age=520471,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756684ba9fd61bfe-OSL
bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.434.0
139.45.197.234200 OK 6.3 kB URL HTTP/2 bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.434.0
IP 139.45.197.234:0
Hash 49e2e4b13fafc73616808f71a299a238
3a9efd6798b252b185cfe44d34cdf023f65abf7c
91448919d1c62411a0e2670fa7ea0a048f5d0091082296467072225abc4e464e
GET /5/5307591/?oo=1&js_build=iclick-v1.434.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: application/json
x-trace-id: f4c90b01c11b09aa2238c6a18dde63ec
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=1e1c9e6699e346e281f971cf13ea2aa0; expires=Sat, 07 Oct 2023 12:07:46 GMT; path=/; secure; SameSite=None
oaidts=1665144466; expires=Sat, 07 Oct 2023 12:07:46 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/f5/33/c9/3ff5b28ce50b1e6b9a5843d9f4/0744334562399.jpeg
139.45.197.152200 OK 20 kB URL HTTP/2 interstitial-07.com/contents/s/f5/33/c9/3ff5b28ce50b1e6b9a5843d9f4/0744334562399.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash f533c93ff5b28ce50b1e6b9a5843d9f4
5483d2e7294716667f86cb07ad337e7b54409484
8037f98d491aa24e53a11eadf7cdc588d4a134b289955acca1f298379702ce81
GET /contents/s/f5/33/c9/3ff5b28ce50b1e6b9a5843d9f4/0744334562399.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3667347890%26z%3D5307589%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D8AyS_PO5ZVcrPjYVgEbqovhwQiZucN0BwK-DfYFsJfF8wJoamE4d3P6oz2MBM0DDJzlvFIAKcO2t_8aOj7GhjAlpHTRBDJYqPIzLeYMUlQ4nQ8XP_FY4qqQE2-W_6ML_lNG5DFAxN01jtFOE8ittJ1qlLOoV7DUa-JjpSxLxYxBsl0a4L04ruJcoAf08s-Fb4lkIFPJ9mwlRlMGomNKzWMqiqTLnIWgZK919sUCLBU2aTtLIKzlDzCX1bA5BwTPS_VbMom7E8xLwZZUNbyM6o0f_F8X0_Sa9966HxklpRjMsoLpI2WnBWWPVwz8SyAn7eUqYkxjusHfmZNFABm7gJ3_frQRKcqeFeS71eIldxJg0D5SBcFSz-um1GM6DWi19MYCYHqvBidv7yFYjXT93HJKUGUrUBkUptxZmvcGeBJU7OQsj2rDffEQ0QFdf34gSoEk2ig7eEsngQ4u3zAD78_6z3Wda5AaEcYJzlivx8phjAnQ8lZPqr4_WRCHBfBOlanwpzcb2AvKnEa3pGSElyXyF2YdcgfQXQFrA4P6Mr5R4lvy3Q6WgoiXlET4zInTD-TpnuS7RX_U7nHAlbRCn5ccDQ_HpoGn0W4MHdPzd_sYR2tWpEID6-AqwlDLx9czveWmEGQL_DF6hfW55%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3D66ac233f-7e1d-4499-9431-48da8cea3465%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FY8V8%252Fkur6996.rar%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: image/jpeg
content-length: 20112
last-modified: Wed, 19 Jan 2022 15:54:56 GMT
etag: "61e83450-4e90"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
offerimage.com/www/images/5c6ddc14315ee1b70fed3f043eaa7c23.jpeg
104.22.32.172200 OK 11 kB URL HTTP/2 offerimage.com/www/images/5c6ddc14315ee1b70fed3f043eaa7c23.jpeg
IP 104.22.32.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 5c6ddc14315ee1b70fed3f043eaa7c23
fc46074c2cf103e8079de316ba76ccb83cfc1c69
55ed4007016d0b47bd0f34f788ed711d5b437bfaf472e1c94feeceb7bde75aa6
GET /www/images/5c6ddc14315ee1b70fed3f043eaa7c23.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: image/jpeg
content-length: 11204
cache-control: max-age=86400
cf-bgj: h2pri
etag: "633d4897-2bc4"
expires: Sat, 08 Oct 2022 08:54:52 GMT
last-modified: Wed, 05 Oct 2022 09:04:23 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 11574
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 756684bc38fff142-ARN
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/5e/9b/98/c047812bb48d9b12a9d78bb7ba/0865874287824.jpeg
139.45.197.152200 OK 52 kB URL HTTP/2 interstitial-07.com/contents/s/5e/9b/98/c047812bb48d9b12a9d78bb7ba/0865874287824.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 5e9b98c047812bb48d9b12a9d78bb7ba
a55f54b8b3cc2cc1a76e9a13979e007961d59fa4
7410b691e0099ec4f7bf23af1234f23e6823b0fa973366ccb472844c4b782fdd
GET /contents/s/5e/9b/98/c047812bb48d9b12a9d78bb7ba/0865874287824.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3667347890%26z%3D5307589%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D8AyS_PO5ZVcrPjYVgEbqovhwQiZucN0BwK-DfYFsJfF8wJoamE4d3P6oz2MBM0DDJzlvFIAKcO2t_8aOj7GhjAlpHTRBDJYqPIzLeYMUlQ4nQ8XP_FY4qqQE2-W_6ML_lNG5DFAxN01jtFOE8ittJ1qlLOoV7DUa-JjpSxLxYxBsl0a4L04ruJcoAf08s-Fb4lkIFPJ9mwlRlMGomNKzWMqiqTLnIWgZK919sUCLBU2aTtLIKzlDzCX1bA5BwTPS_VbMom7E8xLwZZUNbyM6o0f_F8X0_Sa9966HxklpRjMsoLpI2WnBWWPVwz8SyAn7eUqYkxjusHfmZNFABm7gJ3_frQRKcqeFeS71eIldxJg0D5SBcFSz-um1GM6DWi19MYCYHqvBidv7yFYjXT93HJKUGUrUBkUptxZmvcGeBJU7OQsj2rDffEQ0QFdf34gSoEk2ig7eEsngQ4u3zAD78_6z3Wda5AaEcYJzlivx8phjAnQ8lZPqr4_WRCHBfBOlanwpzcb2AvKnEa3pGSElyXyF2YdcgfQXQFrA4P6Mr5R4lvy3Q6WgoiXlET4zInTD-TpnuS7RX_U7nHAlbRCn5ccDQ_HpoGn0W4MHdPzd_sYR2tWpEID6-AqwlDLx9czveWmEGQL_DF6hfW55%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3D66ac233f-7e1d-4499-9431-48da8cea3465%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FY8V8%252Fkur6996.rar%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: image/jpeg
content-length: 51805
last-modified: Wed, 19 Jan 2022 15:54:55 GMT
etag: "61e8344f-ca5d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 671e371ca656241a058e39f941f52b91
e2f8c597830dbf6798c6e67563b25f8f2c5b9761
c8cf9147235e2f68fb2a2aa6aaab3d8934bb8e1a2a19e94e8c9ef6310ffdf88a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8CF9147235E2F68FB2A2AA6AAAB3D8934BB8E1A2A19E94E8C9EF6310FFDF88A"
Last-Modified: Wed, 05 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18174
Expires: Fri, 07 Oct 2022 17:10:41 GMT
Date: Fri, 07 Oct 2022 12:07:47 GMT
Connection: keep-alive
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 22752a19139ee56369dc36d93b95e95e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 07 Oct 2022 12:07:48 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 3e5298bf4be5790083764fd111c9d61c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/impression/TVHt-g6xsNrK5PHukdGkvtsmWnTObW-o4Go8rgIt8Ik3SAZqSN9uq6vsm6It-b0z9HMrdZDkYjAzzVQqq08ZmUZjRsjpyiifuJdhpJddJwlzqv867Dq6F7lHtBLAveVu_p1r2L6vQEX2rkbluflv8mQUyqFCIbPeB57wyphsi3y2Wl3pzgttG8ChpArHj1oMIsf4pU4ejHIqxaHOjGcPu4qlIpqa3sksqN4bqgcCSlvmZZSqoFkN-gecOg44TfBxALo6ro2XFGt9_yl1WCkiHQWhvkaTG7iVKdSPWfaO6P7KMZeViD2E_zWh6x8wBMLTEUphXjZm8fDixAmLW1q1oBk_GXUjtEi6_eU9Xr3ZKFlNCuBiYnmI3pFyrzTvLYBqpuulDrr6XaEtU9i6YMcmgIyI9mntZS6EoaEuxwph04igWq1n9YspxtQXyJWSaUCW9--UNzfnxBItdIu0Lcql-0-qjHeWCZX5ab0mRx6myJtuuiQeU2G6mfVxuLkkJV7bYBFLtvdCvAMPrW-Ic_VMYnn2rWWx_nwXZ0DvPEndWXxjBvgJokgdU3z0KmaXlyDBZSdTt8gE0TbJye00eaddzMne146SPEeu?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 betotodilea.com/impression/TVHt-g6xsNrK5PHukdGkvtsmWnTObW-o4Go8rgIt8Ik3SAZqSN9uq6vsm6It-b0z9HMrdZDkYjAzzVQqq08ZmUZjRsjpyiifuJdhpJddJwlzqv867Dq6F7lHtBLAveVu_p1r2L6vQEX2rkbluflv8mQUyqFCIbPeB57wyphsi3y2Wl3pzgttG8ChpArHj1oMIsf4pU4ejHIqxaHOjGcPu4qlIpqa3sksqN4bqgcCSlvmZZSqoFkN-gecOg44TfBxALo6ro2XFGt9_yl1WCkiHQWhvkaTG7iVKdSPWfaO6P7KMZeViD2E_zWh6x8wBMLTEUphXjZm8fDixAmLW1q1oBk_GXUjtEi6_eU9Xr3ZKFlNCuBiYnmI3pFyrzTvLYBqpuulDrr6XaEtU9i6YMcmgIyI9mntZS6EoaEuxwph04igWq1n9YspxtQXyJWSaUCW9--UNzfnxBItdIu0Lcql-0-qjHeWCZX5ab0mRx6myJtuuiQeU2G6mfVxuLkkJV7bYBFLtvdCvAMPrW-Ic_VMYnn2rWWx_nwXZ0DvPEndWXxjBvgJokgdU3z0KmaXlyDBZSdTt8gE0TbJye00eaddzMne146SPEeu?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/TVHt-g6xsNrK5PHukdGkvtsmWnTObW-o4Go8rgIt8Ik3SAZqSN9uq6vsm6It-b0z9HMrdZDkYjAzzVQqq08ZmUZjRsjpyiifuJdhpJddJwlzqv867Dq6F7lHtBLAveVu_p1r2L6vQEX2rkbluflv8mQUyqFCIbPeB57wyphsi3y2Wl3pzgttG8ChpArHj1oMIsf4pU4ejHIqxaHOjGcPu4qlIpqa3sksqN4bqgcCSlvmZZSqoFkN-gecOg44TfBxALo6ro2XFGt9_yl1WCkiHQWhvkaTG7iVKdSPWfaO6P7KMZeViD2E_zWh6x8wBMLTEUphXjZm8fDixAmLW1q1oBk_GXUjtEi6_eU9Xr3ZKFlNCuBiYnmI3pFyrzTvLYBqpuulDrr6XaEtU9i6YMcmgIyI9mntZS6EoaEuxwph04igWq1n9YspxtQXyJWSaUCW9--UNzfnxBItdIu0Lcql-0-qjHeWCZX5ab0mRx6myJtuuiQeU2G6mfVxuLkkJV7bYBFLtvdCvAMPrW-Ic_VMYnn2rWWx_nwXZ0DvPEndWXxjBvgJokgdU3z0KmaXlyDBZSdTt8gE0TbJye00eaddzMne146SPEeu?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=1e1c9e6699e346e281f971cf13ea2aa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:52 GMT
content-type: image/gif
content-length: 43
x-trace-id: 0e676d863fedccf85c44a554bfea31e3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=15091650&oaid=1e1c9e6699e346e281f971cf13ea2aa0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=15091650&oaid=1e1c9e6699e346e281f971cf13ea2aa0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5307588?excludes=15091650&oaid=1e1c9e6699e346e281f971cf13ea2aa0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:52 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=15091650&oaid=1e1c9e6699e346e281f971cf13ea2aa0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 12 kB URL HTTP/2 betotodilea.com/500/5307588?excludes=15091650&oaid=1e1c9e6699e346e281f971cf13ea2aa0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 116b0074e8699efa180cc3ab7e670954
719e3710782e984692521686a742d85981510dec
ee153d83c32731d5c84bf90478d4c537b1fc4324040bd8cd06e98acf01216569
GET /500/5307588?excludes=15091650&oaid=1e1c9e6699e346e281f971cf13ea2aa0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=1e1c9e6699e346e281f971cf13ea2aa0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:52 GMT
content-type: application/javascript
x-trace-id: 98bbdecaa9a12e7bea2dc06b956f696b
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=1e1c9e6699e346e281f971cf13ea2aa0; expires=Sat, 07 Oct 2023 12:07:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=0d3b6972914244e781449c8051686a15&zoneId=5307590&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=0d3b6972914244e781449c8051686a15&zoneId=5307590&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 1936da198ba2261be6d3ee46c6cb0a8c
08a0571d95f8ba5263d236903373fd256ac1ce95
d190bf1cdbf7decd8eea135a9eb3ea9b77b5951814e0f52c2a2c580954a07e4e
GET /gid.js?pub=0&userId=0d3b6972914244e781449c8051686a15&zoneId=5307590&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Cookie: ID=1e1c9e6699e346e281f971cf13ea2aa0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1e1c9e6699e346e281f971cf13ea2aa0; expires=Sat, 07 Oct 2023 12:07:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
nanouwho.com/1?z=5307589
139.45.197.242200 OK 0 B IP 139.45.197.242:0
GET /1?z=5307589 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 3e0d3956978facc3ccd3dcc9cdb618ba
access-control-expose-headers: X-Sc
x-sc: 272GdyICe5F0K_X13T1HApR6ww-5pUI27CRonpseCLIh_AdrzJ7p0d0lUfIK3dcxD63BnPv-ohdEOyQPUWqjvTjZQt4=
set-cookie: scm=1; expires=Sat, 07 Oct 2023 12:07:47 GMT; secure; SameSite=None
OAID=bbee866dadbe4a2689d2982bba0b905d; expires=Sat, 07 Oct 2023 12:07:47 GMT; secure; SameSite=None
oaidts=1665144467; expires=Sat, 07 Oct 2023 12:07:47 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/400/5307588
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/5307588
IP 139.45.197.237:0
GET /400/5307588 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: application/javascript
x-trace-id: f98f2526574c8f6201e3b31cc7740d81
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=2894f369e8d545d1972fbaf4f094a54e; expires=Sat, 07 Oct 2023 12:07:47 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3667347890%26z%3D5307589%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D8AyS_PO5ZVcrPjYVgEbqovhwQiZucN0BwK-DfYFsJfF8wJoamE4d3P6oz2MBM0DDJzlvFIAKcO2t_8aOj7GhjAlpHTRBDJYqPIzLeYMUlQ4nQ8XP_FY4qqQE2-W_6ML_lNG5DFAxN01jtFOE8ittJ1qlLOoV7DUa-JjpSxLxYxBsl0a4L04ruJcoAf08s-Fb4lkIFPJ9mwlRlMGomNKzWMqiqTLnIWgZK919sUCLBU2aTtLIKzlDzCX1bA5BwTPS_VbMom7E8xLwZZUNbyM6o0f_F8X0_Sa9966HxklpRjMsoLpI2WnBWWPVwz8SyAn7eUqYkxjusHfmZNFABm7gJ3_frQRKcqeFeS71eIldxJg0D5SBcFSz-um1GM6DWi19MYCYHqvBidv7yFYjXT93HJKUGUrUBkUptxZmvcGeBJU7OQsj2rDffEQ0QFdf34gSoEk2ig7eEsngQ4u3zAD78_6z3Wda5AaEcYJzlivx8phjAnQ8lZPqr4_WRCHBfBOlanwpzcb2AvKnEa3pGSElyXyF2YdcgfQXQFrA4P6Mr5R4lvy3Q6WgoiXlET4zInTD-TpnuS7RX_U7nHAlbRCn5ccDQ_HpoGn0W4MHdPzd_sYR2tWpEID6-AqwlDLx9czveWmEGQL_DF6hfW55%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3D66ac233f-7e1d-4499-9431-48da8cea3465%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FY8V8%252Fkur6996.rar%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.152200 OK 0 B URL HTTP/2 interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3667347890%26z%3D5307589%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D8AyS_PO5ZVcrPjYVgEbqovhwQiZucN0BwK-DfYFsJfF8wJoamE4d3P6oz2MBM0DDJzlvFIAKcO2t_8aOj7GhjAlpHTRBDJYqPIzLeYMUlQ4nQ8XP_FY4qqQE2-W_6ML_lNG5DFAxN01jtFOE8ittJ1qlLOoV7DUa-JjpSxLxYxBsl0a4L04ruJcoAf08s-Fb4lkIFPJ9mwlRlMGomNKzWMqiqTLnIWgZK919sUCLBU2aTtLIKzlDzCX1bA5BwTPS_VbMom7E8xLwZZUNbyM6o0f_F8X0_Sa9966HxklpRjMsoLpI2WnBWWPVwz8SyAn7eUqYkxjusHfmZNFABm7gJ3_frQRKcqeFeS71eIldxJg0D5SBcFSz-um1GM6DWi19MYCYHqvBidv7yFYjXT93HJKUGUrUBkUptxZmvcGeBJU7OQsj2rDffEQ0QFdf34gSoEk2ig7eEsngQ4u3zAD78_6z3Wda5AaEcYJzlivx8phjAnQ8lZPqr4_WRCHBfBOlanwpzcb2AvKnEa3pGSElyXyF2YdcgfQXQFrA4P6Mr5R4lvy3Q6WgoiXlET4zInTD-TpnuS7RX_U7nHAlbRCn5ccDQ_HpoGn0W4MHdPzd_sYR2tWpEID6-AqwlDLx9czveWmEGQL_DF6hfW55%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3D66ac233f-7e1d-4499-9431-48da8cea3465%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FY8V8%252Fkur6996.rar%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.152:0
GET /?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3667347890%26z%3D5307589%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D8AyS_PO5ZVcrPjYVgEbqovhwQiZucN0BwK-DfYFsJfF8wJoamE4d3P6oz2MBM0DDJzlvFIAKcO2t_8aOj7GhjAlpHTRBDJYqPIzLeYMUlQ4nQ8XP_FY4qqQE2-W_6ML_lNG5DFAxN01jtFOE8ittJ1qlLOoV7DUa-JjpSxLxYxBsl0a4L04ruJcoAf08s-Fb4lkIFPJ9mwlRlMGomNKzWMqiqTLnIWgZK919sUCLBU2aTtLIKzlDzCX1bA5BwTPS_VbMom7E8xLwZZUNbyM6o0f_F8X0_Sa9966HxklpRjMsoLpI2WnBWWPVwz8SyAn7eUqYkxjusHfmZNFABm7gJ3_frQRKcqeFeS71eIldxJg0D5SBcFSz-um1GM6DWi19MYCYHqvBidv7yFYjXT93HJKUGUrUBkUptxZmvcGeBJU7OQsj2rDffEQ0QFdf34gSoEk2ig7eEsngQ4u3zAD78_6z3Wda5AaEcYJzlivx8phjAnQ8lZPqr4_WRCHBfBOlanwpzcb2AvKnEa3pGSElyXyF2YdcgfQXQFrA4P6Mr5R4lvy3Q6WgoiXlET4zInTD-TpnuS7RX_U7nHAlbRCn5ccDQ_HpoGn0W4MHdPzd_sYR2tWpEID6-AqwlDLx9czveWmEGQL_DF6hfW55%26bag%3DK9GC8xFjczykNNyRrWsoXw%3D%3D%26ruid%3D66ac233f-7e1d-4499-9431-48da8cea3465%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FY8V8%252Fkur6996.rar%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=RnsDfcBlH9A8KNKTYfIwICrLZVEW6f3goNHautyKvBk; expires=Fri, 07-Oct-2022 13:07:47 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
104.16.123.175302 Found 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP 104.16.123.175:0
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 07 Oct 2022 12:07:46 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GES53KKE0VYVCNFNW8FCWPSA-ams
cf-cache-status: HIT
age: 417
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 756684b22b2ffac0-OSL
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=&oaid=1e1c9e6699e346e281f971cf13ea2aa0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=1e1c9e6699e346e281f971cf13ea2aa0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/5307588?excludes=&oaid=1e1c9e6699e346e281f971cf13ea2aa0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY8V8%2Fkur6996.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=2894f369e8d545d1972fbaf4f094a54e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: application/javascript
x-trace-id: bcd1b41b05585eed561f54c06b68c448
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=1e1c9e6699e346e281f971cf13ea2aa0; expires=Sat, 07 Oct 2023 12:07:47 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y8V8/kur6996.rar
Cookie: XSRF-TOKEN=eyJpdiI6Ik9GdUs1UjVjTS9lV0t1b1BPUHUrTkE9PSIsInZhbHVlIjoiK2w0WWVZWkhwR3paL0NXTDAvUXBFYm5CVThqTDlwczZEVzVLMEJ0aWYxZU9PdVJTaTJoN1pXOUNCUWRBYWg1ckhuUGZBbEx6aUF0SDdCTU00anJOK0ozbUpvWVB5UVBpOXBPZ1Y5UCtjQ2FHblg0cUs1ZkM3cFZBanRzUGxlL2siLCJtYWMiOiJjZDdmYWJmYmRmZDM5YTU5ODU3MzZmOGZmZWEyZjgwZTg0NWU0ZjNkOTE3ZTMzMGQ3YmZkZjFhZTBiY2M5ZTczIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6ImZyYjRwTEljV25Gbi9lZWVxWG8rNVE9PSIsInZhbHVlIjoiQmpIR3NydEtuVEhqYVBUWlFGUjdrQlhWVUQ3SkRGMXUxcjUvV3JjOUhEb0Eydjg0SmRRT1lHaUgzTjU5UDZBZHhsNGVGTzRocy9sUG8vN0gzQTN5c2MwNloycDd6eS9XS1JNMUhzKytxRXdncVJiNE9NUWlGL2VqRnFzT1RBNFgiLCJtYWMiOiIwOTI2N2Y1YTk4ZTc3YjYwYjkwOWY3ZWJlNzY4MWMyMWUxZjNmMDYyZmFiMWUzMTBjMzhhMmFkYzJhMTM1ZTQ5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Fri, 07 Oct 2022 12:07:46 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=817323766
139.45.197.236200 OK 0 B URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=817323766
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=817323766 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 99b4586979a9a959eff0ac2d4e7ba310
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/Y8V8/kur6996.rar
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/Y8V8/kur6996.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /Y8V8/kur6996.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6Ik9GdUs1UjVjTS9lV0t1b1BPUHUrTkE9PSIsInZhbHVlIjoiK2w0WWVZWkhwR3paL0NXTDAvUXBFYm5CVThqTDlwczZEVzVLMEJ0aWYxZU9PdVJTaTJoN1pXOUNCUWRBYWg1ckhuUGZBbEx6aUF0SDdCTU00anJOK0ozbUpvWVB5UVBpOXBPZ1Y5UCtjQ2FHblg0cUs1ZkM3cFZBanRzUGxlL2siLCJtYWMiOiJjZDdmYWJmYmRmZDM5YTU5ODU3MzZmOGZmZWEyZjgwZTg0NWU0ZjNkOTE3ZTMzMGQ3YmZkZjFhZTBiY2M5ZTczIiwidGFnIjoiIn0%3D; expires=Fri, 07-Oct-2022 14:07:45 GMT; Max-Age=7200; path=/; samesite=lax
anonymfile_session=eyJpdiI6ImZyYjRwTEljV25Gbi9lZWVxWG8rNVE9PSIsInZhbHVlIjoiQmpIR3NydEtuVEhqYVBUWlFGUjdrQlhWVUQ3SkRGMXUxcjUvV3JjOUhEb0Eydjg0SmRRT1lHaUgzTjU5UDZBZHhsNGVGTzRocy9sUG8vN0gzQTN5c2MwNloycDd6eS9XS1JNMUhzKytxRXdncVJiNE9NUWlGL2VqRnFzT1RBNFgiLCJtYWMiOiIwOTI2N2Y1YTk4ZTc3YjYwYjkwOWY3ZWJlNzY4MWMyMWUxZjNmMDYyZmFiMWUzMTBjMzhhMmFkYzJhMTM1ZTQ5IiwidGFnIjoiIn0%3D; expires=Fri, 07-Oct-2022 14:07:45 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Fri, 07 Oct 2022 12:07:45 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
anonymfile.com/css/theme.min.css
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/css/theme.min.css
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y8V8/kur6996.rar
Cookie: XSRF-TOKEN=eyJpdiI6Ik9GdUs1UjVjTS9lV0t1b1BPUHUrTkE9PSIsInZhbHVlIjoiK2w0WWVZWkhwR3paL0NXTDAvUXBFYm5CVThqTDlwczZEVzVLMEJ0aWYxZU9PdVJTaTJoN1pXOUNCUWRBYWg1ckhuUGZBbEx6aUF0SDdCTU00anJOK0ozbUpvWVB5UVBpOXBPZ1Y5UCtjQ2FHblg0cUs1ZkM3cFZBanRzUGxlL2siLCJtYWMiOiJjZDdmYWJmYmRmZDM5YTU5ODU3MzZmOGZmZWEyZjgwZTg0NWU0ZjNkOTE3ZTMzMGQ3YmZkZjFhZTBiY2M5ZTczIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6ImZyYjRwTEljV25Gbi9lZWVxWG8rNVE9PSIsInZhbHVlIjoiQmpIR3NydEtuVEhqYVBUWlFGUjdrQlhWVUQ3SkRGMXUxcjUvV3JjOUhEb0Eydjg0SmRRT1lHaUgzTjU5UDZBZHhsNGVGTzRocy9sUG8vN0gzQTN5c2MwNloycDd6eS9XS1JNMUhzKytxRXdncVJiNE9NUWlGL2VqRnFzT1RBNFgiLCJtYWMiOiIwOTI2N2Y1YTk4ZTc3YjYwYjkwOWY3ZWJlNzY4MWMyMWUxZjNmMDYyZmFiMWUzMTBjMzhhMmFkYzJhMTM1ZTQ5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:07:45 GMT
content-type: text/css
last-modified: Fri, 22 Oct 2021 08:15:50 GMT
vary: Accept-Encoding
etag: W/"61727336-921fb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
cache-control: s-maxage=10
X-Firefox-Spdy: h2
anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y8V8/kur6996.rar
Cookie: XSRF-TOKEN=eyJpdiI6Ik9GdUs1UjVjTS9lV0t1b1BPUHUrTkE9PSIsInZhbHVlIjoiK2w0WWVZWkhwR3paL0NXTDAvUXBFYm5CVThqTDlwczZEVzVLMEJ0aWYxZU9PdVJTaTJoN1pXOUNCUWRBYWg1ckhuUGZBbEx6aUF0SDdCTU00anJOK0ozbUpvWVB5UVBpOXBPZ1Y5UCtjQ2FHblg0cUs1ZkM3cFZBanRzUGxlL2siLCJtYWMiOiJjZDdmYWJmYmRmZDM5YTU5ODU3MzZmOGZmZWEyZjgwZTg0NWU0ZjNkOTE3ZTMzMGQ3YmZkZjFhZTBiY2M5ZTczIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6ImZyYjRwTEljV25Gbi9lZWVxWG8rNVE9PSIsInZhbHVlIjoiQmpIR3NydEtuVEhqYVBUWlFGUjdrQlhWVUQ3SkRGMXUxcjUvV3JjOUhEb0Eydjg0SmRRT1lHaUgzTjU5UDZBZHhsNGVGTzRocy9sUG8vN0gzQTN5c2MwNloycDd6eS9XS1JNMUhzKytxRXdncVJiNE9NUWlGL2VqRnFzT1RBNFgiLCJtYWMiOiIwOTI2N2Y1YTk4ZTc3YjYwYjkwOWY3ZWJlNzY4MWMyMWUxZjNmMDYyZmFiMWUzMTBjMzhhMmFkYzJhMTM1ZTQ5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
vary: Accept-Encoding
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 12:07:45 GMT
last-modified: Fri, 07 Oct 2022 12:07:45 GMT
cache-control: max-age=31536000
etag: W/"0"
content-encoding: br
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 12:07:47 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 90
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2EEiDwEFPut8zRvjvV7nCrjhWnZUWb%2FY7ndR%2FaTqzuxVTpdlvkD0K4wgBPvbw%2F5rTYrU6J7llg7RLrTTfdObPLrhiLHyTGEIux9vDOhlph65rutytyulPqoX46Rbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756684b87991b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2