| anonzip.com/C4r/Windows.rar | 135.181.248.190 | 200 OK | 4.6 kB |
URL User Request GET HTTP/1.1anonzip.com/C4r/Windows.rar IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash14cbab8ee0d7b7510dce29d37882c530 211b718a229fc44697bab2ce44467fcd868252e2 6f0a1ff56a833d282a3ff82ae8e6da478bf68b9fa4f875fbcc7ac69fcb55303f
GET /C4r/Windows.rar HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5; expires=Sun, 05-May-2024 10:18:43 GMT; Max-Age=86400; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, no-cache, private
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Encoding: gzip
|
|
| anonzip.com/themes/spirit/assets/frontend/css/bootstrap.min.css | 135.181.248.190 | 200 OK | 77 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/bootstrap.min.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with very long lines (65319), with CRLF line terminators Hash9b67b9ffbfcbe226a8c413fa740fd91c 7837bd0c312897e46311aaf472947f3e23d75df2 2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 76922
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-12c7a"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css | 135.181.248.190 | 200 OK | 3.2 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeUnicode text, UTF-8 text, with CRLF line terminators Hash4541b29b6040bc31b760f98e914fd1d7 0521a4f98cdf5e1fde3eeb9cae64fd39075cd9ba 6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794
GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 3160
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-c58"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/socicon.css | 135.181.248.190 | 200 OK | 9.8 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/socicon.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash910a42ce112991b31b30a735f1006a5f 6c8b4769270f1c86bb1c7a6b54325465395ba614 010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b
GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 9838
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-266e"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/lightbox.min.css | 135.181.248.190 | 200 OK | 3.9 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/lightbox.min.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash30265c8089a8f3e871d0873ef6a5b944 2804a2fe5a6a956626ce6a46adf6b1a0676ee13d f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 3889
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-f31"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/jquery.steps.css | 135.181.248.190 | 200 OK | 6.0 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/jquery.steps.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash25cfe48e07622a00154b677afcbaeb47 23e3ae1bd04ad1d00d25d30e39815104ceeae52f 709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056
GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 6019
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1783"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/flickity.css | 135.181.248.190 | 200 OK | 2.5 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/flickity.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Hash244d315064064270eabbbb7ac9f6c700 21ad53d3efbb40154293190173ee0c497ed7651c ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a
GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 2521
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-9d9"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/cookiealert.css | 135.181.248.190 | 200 OK | 12 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/cookiealert.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with very long lines (11486), with CRLF line terminators Hash3d2946aeae3cc8f43e2acf82ea029bd4 c25a0bd445ff9e6034d34e8f388f5565515a2783 705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28
GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 12369
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3051"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css | 135.181.248.190 | 200 OK | 59 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with very long lines (58929), with CRLF line terminators Hash879812fc22af75aa3ae7b5666ca4f4b8 df27469a952b7ee36cc03db471c6198f577186a8 c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 59119
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-e6ef"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/custom.css | 135.181.248.190 | 200 OK | 8.9 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/custom.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeassembler source, ASCII text, with CRLF line terminators Hash65417cde74809cb9b9e66d0ab4adc448 9729ccac013729aed790fdc25d71d858f50a137b c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280
GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 8936
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-22e8"
Accept-Ranges: bytes
|
|
| www.googletagmanager.com/gtag/js?id=G-GWR0PX9LQC | 142.250.74.168 | 200 OK | 102 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-GWR0PX9LQC IP142.250.74.168:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size102 kB (101604 bytes) Hashaa9a11248d77dd21bba3adf175c4de36 33dd2cd46f475d590b86fbe8e45f01fe04414863 23d8af290ede4c125065d6f33d92130c9482715c022a5f8860944ae61893c288
GET /gtag/js?id=G-GWR0PX9LQC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 10:18:43 GMT
expires: Sat, 04 May 2024 10:18:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101604
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| anonzip.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js | 135.181.248.190 | 200 OK | 70 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (768), with CRLF line terminators Hash6fda19caa29287e6f584f0557fdeb6d4 40f58160090cd1f022704ee1352b343adb9e73b9 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: application/javascript
Content-Length: 69754
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1107a"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js | 135.181.248.190 | 200 OK | 87 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators Hash5b5a269bd363e0886c17d855c2aab241 042dd055cd289215835a58507c9531f808e1648a 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: application/javascript
Content-Length: 86713
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-152b9"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/theme.css | 135.181.248.190 | 200 OK | 206 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/theme.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeassembler source, ASCII text, with CRLF line terminators Size206 kB (206456 bytes) Hashe13b70f9d6654b3656aec5b1bd5ae02a 903010ac4b9034f6839847a20ecd0f5a728b2b96 8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a
GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 206456
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-32678"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/typed.min.js | 135.181.248.190 | 200 OK | 3.9 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/typed.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (3949), with no line terminators Hash2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: application/javascript
Content-Length: 3949
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-f6d"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/flickity.min.js | 135.181.248.190 | 200 OK | 54 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/flickity.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (32032), with CRLF line terminators Hash8c1e666176ac7bdce67d58b45823ffac 75947e4316427ce0c5e33300aeb4dc4d7d54dd09 c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: application/javascript
Content-Length: 53873
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-d271"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/iconsmind.css | 135.181.248.190 | 200 OK | 103 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/iconsmind.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeASCII text, with CRLF line terminators Size103 kB (102727 bytes) Hashc9b1c618a7b12bd7ecf6034164b29164 f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99 fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b
GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 102727
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-19147"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/jquery.steps.min.js | 135.181.248.190 | 200 OK | 14 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/jquery.steps.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (13686), with CRLF line terminators Hash0eef6fe46d14f860d5666d2c7b13a564 7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: application/javascript
Content-Length: 13862
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3626"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/datepicker.js | 135.181.248.190 | 200 OK | 21 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/datepicker.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators Hash8cfe207a6a21c7495cfb751c761217a6 35d686a6c4ecc9946c35444ce93e110cb0e1611c 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: application/javascript
Content-Length: 20975
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-51ef"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/granim.min.js | 135.181.248.190 | 200 OK | 11 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/granim.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (10573), with CRLF line terminators Hash714368d20c70f8c91b0a596e128dac07 563954ec3a896fc129d014f01836245829f6d01d e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: application/javascript
Content-Length: 10635
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-298b"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/css/theme/charcoal.css | 135.181.248.190 | 200 OK | 206 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/css/theme/charcoal.css IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeassembler source, ASCII text, with CRLF line terminators Size206 kB (206493 bytes) Hash08f6281c909985fb24a5e3ad2be6753a 3a2f1161f8aea5fab0f54b64f43f293d9f1316c3 dbe98b73866341078c596a42b87af67c03a79cf591d02467842939ce0848a55d
GET /themes/spirit/assets/frontend/css/theme/charcoal.css HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:43 GMT
Content-Type: text/css
Content-Length: 206493
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-3269d"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/countdown.min.js | 135.181.248.190 | 200 OK | 5.4 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/countdown.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (4136), with CRLF line terminators Hash76a923d3d69255c45cd24bf9b100244f eb3c96f9901692f1a03500ea632963a16afdb985 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: application/javascript
Content-Length: 5360
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-14f0"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js | 135.181.248.190 | 200 OK | 6.0 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (4887), with CRLF line terminators Hashc9e3a210d83398f301b3a7049c259676 8e227bb40fe120841829a7fef0ffeb091d179a91 aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: application/javascript
Content-Length: 6028
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-178c"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/scripts.js | 135.181.248.190 | 200 OK | 115 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/scripts.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (914), with CRLF line terminators Size115 kB (114862 bytes) Hashce260d2170faf98639ab8e0e3758f1e2 32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c
GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: application/javascript
Content-Length: 114862
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1c0ae"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/js/cookiealert.js | 135.181.248.190 | 200 OK | 1.8 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/js/cookiealert.js IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hash81279e22c8ece9e1d0536a402484daa3 911797507fb12d4f451d5900e32db96ad697c401 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab
GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: application/javascript
Content-Length: 1836
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-72c"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/images/logo/logo-whitebg.png | 135.181.248.190 | 200 OK | 6.2 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/images/logo/logo-whitebg.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 588 x 94, 8-bit colormap, non-interlaced Hash6c1e20bb65960360a6d1782e017c9314 d864c40dbd565e934fddeea36938456d6a26982c fafe927a322a36285028582aa429b7c47877cad76d2783d2b6ba3155e66bf9c6
GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: image/png
Content-Length: 6221
Last-Modified: Sun, 04 Feb 2024 12:00:04 GMT
Connection: keep-alive
ETag: "65bf7c44-184d"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/images/logo/logo.png | 135.181.248.190 | 200 OK | 6.2 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/images/logo/logo.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 588 x 94, 8-bit colormap, non-interlaced Hashecb7f5dbe1eee9fcc3d5839f7d2bb2fb 59c65d814622d7ea901cd367b4114cea05fdf1b9 d53d70c5ee49ccc36c86eca632815e1eb254786c4041b228196bb8c0cb635b20
GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: image/png
Content-Length: 6204
Last-Modified: Sun, 04 Feb 2024 11:52:58 GMT
Connection: keep-alive
ETag: "65bf7a9a-183c"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 | 135.181.248.190 | 200 OK | 4.3 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 4292, version 1.0 Hashae072782b361d2afdbf43db08d3cfb73 f3db2e65b53d97491672f8631e21d6d05905cc88 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: application/octet-stream
Content-Length: 4292
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-10c4"
Accept-Ranges: bytes
|
|
| anonzip.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 | 135.181.248.190 | 200 OK | 80 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 80148, version 331.17301 Hashc500da19d776384ba69573ae6fe274e7 6290834672aba86d5b6c1c73b30b57c9c53996f7 cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: application/octet-stream
Content-Length: 80148
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-13914"
Accept-Ranges: bytes
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 200624
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 200624
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 200624
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 200624
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 | 216.58.207.227 | 200 OK | 19 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 IP216.58.207.227:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 19280, version 1.0 Hash386fb59be54b2d819064af98e57cc226 9e2d14d736be97ec84bfca3513558450cd6e3249 b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
GET /s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:32:40 GMT
expires: Sat, 03 May 2025 02:32:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
content-type: font/woff2
age: 114364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 200624
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 IP216.58.207.227:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16516, version 1.0 Hash02ea59496b25ec14db0cd442451bf9f7 4266d37e1db030954b04cd1cf3ec06591d75fcab dc0387c80ff53df47ca7ec19db75224fdb90a230f6cb06605563590b9791bf95
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS2mu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:16:47 GMT
expires: Fri, 02 May 2025 19:16:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:02:21 GMT
content-type: font/woff2
age: 140517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| veepteero.com/88/61794 | 139.45.197.242 | 200 OK | 6.5 kB |
IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectveepteero.com Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File typegzip compressed data, max speed, from Unix Hash907eeb1fb41518f48781d5f9f77b819c edca06f3ed76e3721f062c33529e085d8c37672b 861b44ef1f218ca7553862d34be848b8dd9f5d8c6cf8c8ce835aa25dfca66b94
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /88/61794 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:44 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| anonzip.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png | 135.181.248.190 | 200 OK | 447 B |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashf3d5da06fe8d5a2425d5d229285e5eea 01032b864f3c74bbf44771e2ba41eeb2251fad90 d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26
GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5; _ga_GWR0PX9LQC=GS1.1.1714817924.1.0.1714817924.0.0.0; _ga=GA1.1.1715333093.1714817925
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: image/png
Content-Length: 447
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1bf"
Accept-Ranges: bytes
|
|
| my.rtmark.net/gid.js?userId=0080520728d84fcbfec3fd5764890f66 | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=0080520728d84fcbfec3fd5764890f66 IP139.45.195.8:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash0981814bf929c532659c364bb76cdc65 2bae4a3751472042f3ed03ae6e55d8427de9cd11 587fc11e2436b4f2deca9164ecab340b5682ac7cc8a3ad931ef52a1cf702d1ba
GET /gid.js?userId=0080520728d84fcbfec3fd5764890f66 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:44 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080520728d84fcbfec3fd5764890f66; expires=Sun, 04 May 2025 10:18:44 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| cameesse.net/1?z=7406590 | 139.45.197.242 | 200 OK | 17 kB |
IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
File typegzip compressed data, max speed, from Unix Hashff2e6c9a05debf9451131c444aa1d1d9 cf979071e16165d71d83a32fa02a203587adc43b 2b3e7cd4a0560936351413c678fe3ae76f6884e30bdb2ae6ccc8d3f99bd318c0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1?z=7406590 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:44 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 0ea67c260afbc0bbfb2812a76f20e616
access-control-expose-headers: X-Sc
x-sc: hIlAC6PAnUcDuRvbh43anddAagkvXJS0fz-LdbqjfEpQrBFh_wxT22v883Pt1q-ec-v46iuv_7Z9DT9P5GkiovmPcUM=
set-cookie: scm=1; expires=Sun, 04 May 2025 10:18:44 GMT; secure; SameSite=None
OAID=0400524015434624edbd6b9679267ca2; expires=Sun, 04 May 2025 10:18:44 GMT; secure; SameSite=None
oaidts=1714817924; expires=Sun, 04 May 2025 10:18:44 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=af784db1-2f96-46d2-b259-b2abc1a99259 | 139.45.195.254 | 200 OK | 12 B |
URL POST HTTP/1.1fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=af784db1-2f96-46d2-b259-b2abc1a99259 IP139.45.195.254:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=af784db1-2f96-46d2-b259-b2abc1a99259 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1745
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 04 May 2024 10:18:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonzip.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| gishejuy.com/400/7406589 | 139.45.197.242 | 200 OK | 66 kB |
IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
File typegzip compressed data, max speed, from Unix Hashf955b07556925002fe70d5dc94527dfa 125a13aee5367e24b00174eb3021160cbd690960 43ddac1e741cb34af5d83407cdfcbe49023e508aeaaffff6bdfa2016efea783f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /400/7406589 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:44 GMT
content-type: application/javascript
x-trace-id: 5ea5cb19027e2db01128512971a29d4c
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=0300528165ff4a08e711aae7b65d1d94; expires=Sun, 04 May 2025 10:18:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| aistekso.net/500/7406591?excludes=&oaid=0080520728d84fcbfec3fd5764890f66&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.244 | 200 OK | 0 B |
URL OPTIONS HTTP/2aistekso.net/500/7406591?excludes=&oaid=0080520728d84fcbfec3fd5764890f66&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.244:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/7406591?excludes=&oaid=0080520728d84fcbfec3fd5764890f66&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| aistekso.net/401/7406591 | 139.45.197.244 | 200 OK | 50 kB |
IP139.45.197.244:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File typegzip compressed data, max speed, from Unix Hash64a22d7c263ea5742e299e69e5eaa38b cd8a9298a82612f6819afc51ed692cc5172dced2 6e7d7e920cd010f699aa001263c0e9ca20dd660e00d4930668795a746f6962d6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /401/7406591 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:44 GMT
content-type: application/javascript
x-trace-id: eba7170947f702c02186ebf597749b20
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=030052f0b5024d3cf9ffbc09875c4caa; expires=Sun, 04 May 2025 10:18:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=0080520728d84fcbfec3fd5764890f66 | 139.45.197.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/2cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=0080520728d84fcbfec3fd5764890f66 IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=0080520728d84fcbfec3fd5764890f66 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| cameesse.net/11?rnd=853350186&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=A8PIuGD4qzu0TIfTTQGZ7XnMvpaOfu_7b92TyV6EEJXe71dmeD0IyOGzv3rGRnk5K1x81_y4Fn3n_ztCmL8WwRPKPSFzaKD2fkr8vb683Yy7CbwAEfRAug3sV9k8HPtHDKoX5apkCf59yujk5yRu9l3toU3K4SiNj8Nqil1Qa6w2LDt60DjAhqKp-glbYkGrXCLg4aoQLcYuqfQZx77dy9HAUlQBs3TjxOoZvBJfzw7mcFjKUr_d-B2FzcIz2TxrNyRXK0Jcph80XJpm9zbalsYBoM0zcz3ocIt51zbTgtjINNZ_BRXE0cJ5Wws7L3kpfJ5kuSKXJ_f-VeSJLlmL0U2kDe49Lw14U-nLKUzloLHoIrE2yAPDmHvBd6bWUHdCIOsuciK0oJhNTGebUW-b9FtOoLV3r65Jiw4sTqwsSpcqBvKeiAf95V1lTtQ0dkHU4jPXyHvJy93NcUZjnw1tmXH_V4skuGZsE0KmAgz3gTwPd_pNz4_SA2F2B74IrZaMpWTGXrU802PVnr5jzJiUNAihgWm-QjHWnlZNn_AokMHGFypMYoKXD7Xyx9hLEOZE2p6F4R2ZKdPyJDNueepmXMoKw7OcQDxcQ8ppZnENyFeEKqiE&ruid=326db0e4-96b8-4ece-ad96-13b981804c4e&subid=810567735617531904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=140 | 139.45.197.242 | 200 OK | 0 B |
URL GET HTTP/2cameesse.net/11?rnd=853350186&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=A8PIuGD4qzu0TIfTTQGZ7XnMvpaOfu_7b92TyV6EEJXe71dmeD0IyOGzv3rGRnk5K1x81_y4Fn3n_ztCmL8WwRPKPSFzaKD2fkr8vb683Yy7CbwAEfRAug3sV9k8HPtHDKoX5apkCf59yujk5yRu9l3toU3K4SiNj8Nqil1Qa6w2LDt60DjAhqKp-glbYkGrXCLg4aoQLcYuqfQZx77dy9HAUlQBs3TjxOoZvBJfzw7mcFjKUr_d-B2FzcIz2TxrNyRXK0Jcph80XJpm9zbalsYBoM0zcz3ocIt51zbTgtjINNZ_BRXE0cJ5Wws7L3kpfJ5kuSKXJ_f-VeSJLlmL0U2kDe49Lw14U-nLKUzloLHoIrE2yAPDmHvBd6bWUHdCIOsuciK0oJhNTGebUW-b9FtOoLV3r65Jiw4sTqwsSpcqBvKeiAf95V1lTtQ0dkHU4jPXyHvJy93NcUZjnw1tmXH_V4skuGZsE0KmAgz3gTwPd_pNz4_SA2F2B74IrZaMpWTGXrU802PVnr5jzJiUNAihgWm-QjHWnlZNn_AokMHGFypMYoKXD7Xyx9hLEOZE2p6F4R2ZKdPyJDNueepmXMoKw7OcQDxcQ8ppZnENyFeEKqiE&ruid=326db0e4-96b8-4ece-ad96-13b981804c4e&subid=810567735617531904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=140 IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /11?rnd=853350186&z=7406590&b=20830638&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=A8PIuGD4qzu0TIfTTQGZ7XnMvpaOfu_7b92TyV6EEJXe71dmeD0IyOGzv3rGRnk5K1x81_y4Fn3n_ztCmL8WwRPKPSFzaKD2fkr8vb683Yy7CbwAEfRAug3sV9k8HPtHDKoX5apkCf59yujk5yRu9l3toU3K4SiNj8Nqil1Qa6w2LDt60DjAhqKp-glbYkGrXCLg4aoQLcYuqfQZx77dy9HAUlQBs3TjxOoZvBJfzw7mcFjKUr_d-B2FzcIz2TxrNyRXK0Jcph80XJpm9zbalsYBoM0zcz3ocIt51zbTgtjINNZ_BRXE0cJ5Wws7L3kpfJ5kuSKXJ_f-VeSJLlmL0U2kDe49Lw14U-nLKUzloLHoIrE2yAPDmHvBd6bWUHdCIOsuciK0oJhNTGebUW-b9FtOoLV3r65Jiw4sTqwsSpcqBvKeiAf95V1lTtQ0dkHU4jPXyHvJy93NcUZjnw1tmXH_V4skuGZsE0KmAgz3gTwPd_pNz4_SA2F2B74IrZaMpWTGXrU802PVnr5jzJiUNAihgWm-QjHWnlZNn_AokMHGFypMYoKXD7Xyx9hLEOZE2p6F4R2ZKdPyJDNueepmXMoKw7OcQDxcQ8ppZnENyFeEKqiE&ruid=326db0e4-96b8-4ece-ad96-13b981804c4e&subid=810567735617531904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ot=140 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=0080520728d84fcbfec3fd5764890f66; oaidts=1714817924
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: d97f90224babd76a971a1b9c01314467
access-control-expose-headers: X-Sc
set-cookie: OAID=0080520728d84fcbfec3fd5764890f66; expires=Sun, 04 May 2025 10:18:45 GMT; secure; SameSite=None
oaidts=1714817924; expires=Sun, 04 May 2025 10:18:45 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg | 104.22.32.172 | 200 OK | 17 kB |
URL GET HTTP/2offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg IP104.22.32.172:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash9c6355bcf96815c755fbba83f9fd8f64 ce698b45fb51ef1494f80f432b7aff0985247724 2cd74e866757767cd5c88d066a0bc057aded1e6c07171e091dd87f56ffd4a906
GET /www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:18:45 GMT
content-type: image/jpeg
content-length: 17173
cache-control: max-age=86400
cf-bgj: h2pri
etag: "642af881-4315"
expires: Sat, 04 May 2024 20:06:53 GMT
last-modified: Mon, 03 Apr 2023 16:02:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 51109
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7bfa4deb510b1-CPH
X-Firefox-Spdy: h2
|
|
| gishejuy.com/500/7406589?excludes=&oaid=0080520728d84fcbfec3fd5764890f66&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.242 | 200 OK | 0 B |
URL OPTIONS HTTP/2gishejuy.com/500/7406589?excludes=&oaid=0080520728d84fcbfec3fd5764890f66&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/7406589?excludes=&oaid=0080520728d84fcbfec3fd5764890f66&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=0080520728d84fcbfec3fd5764890f66 | 139.45.197.242 | 204 No Content | 2.7 kB |
URL OPTIONS HTTP/2cameesse.net/9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=0080520728d84fcbfec3fd5764890f66 IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hash6f0a885c7b256d621b3263f832c2d87b d08ecfc935ae20320ea7bebf4e16871adcde05ea cfc44e101cda75310b34a0f6969e84f50ae80c28cebd7dca32fa4d8f5e459aa3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /9?z=7406590&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=0080520728d84fcbfec3fd5764890f66 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 106
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=0400524015434624edbd6b9679267ca2; oaidts=1714817924
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 8aa9418ce08f60e685600a8cfcff5c5c
access-control-expose-headers: X-Sc
set-cookie: OAID=0080520728d84fcbfec3fd5764890f66; expires=Sun, 04 May 2025 10:18:45 GMT; secure; SameSite=None
oaidts=1714817924; expires=Sun, 04 May 2025 10:18:45 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| anonzip.com/sw.js | 135.181.248.190 | 200 OK | 5.2 kB |
IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typeJavaScript source, ASCII text, with very long lines (5235) Hashf3da3a180b9fcc93796c2e0064f80439 d3155e90b8bb0ccd2db019fa66beebf3f28d9116 2cfd12766505422ce33dad30985158e425f686a6a4e18d8a44e67b7c1af9451f
GET /sw.js HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/C4r/Windows.rar
DNT: 1
Connection: keep-alive
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5; _ga_GWR0PX9LQC=GS1.1.1714817924.1.0.1714817924.0.0.0; _ga=GA1.1.1715333093.1714817925; prefetchAd_7406588=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:45 GMT
Content-Type: application/javascript
Content-Length: 5236
Last-Modified: Sun, 28 Apr 2024 12:25:27 GMT
Connection: keep-alive
ETag: "662e4037-1474"
Accept-Ranges: bytes
|
|
| cameesse.net/121?rnd=2993975909&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D810567735617531904&cln={CELL_NUMBER}&btp=7&rb=A8PIuGD4qzu0TIfTTQGZ7XnMvpaOfu_7b92TyV6EEJXe71dmeD0IyOGzv3rGRnk5K1x81_y4Fn3n_ztCmL8WwRPKPSFzaKD2fkr8vb683Yy7CbwAEfRAug3sV9k8HPtHDKoX5apkCf59yujk5yRu9l3toU3K4SiNj8Nqil1Qa6w2LDt60DjAhqKp-glbYkGrXCLg4aoQLcYuqfQZx77dy9HAUlQBs3TjxOoZvBJfzw7mcFjKUr_d-B2FzcIz2TxrNyRXK0Jcph80XJpm9zbalsYBoM0zcz3ocIt51zbTgtjINNZ_BRXE0cJ5Wws7L3kpfJ5kuSKXJ_f-VeSJLlmL0U2kDe49Lw14U-nLKUzloLHoIrE2yAPDmHvBd6bWUHdCIOsuciK0oJhNTGebUW-b9FtOoLV3r65Jiw4sTqwsSpcqBvKeiAf95V1lTtQ0dkHU4jPXyHvJy93NcUZjnw1tmXH_V4skuGZsE0KmAgz3gTwPd_pNz4_SA2F2B74IrZaMpWTGXrU802PVnr5jzJiUNAihgWm-QjHWnlZNn_AokMHGFypMYoKXD7Xyx9hLEOZE2p6F4R2ZKdPyJDNueepmXMoKw7OcQDxcQ8ppZnENyFeEKqiE&bag=ydU9kaAfa6I=&ruid=326db0e4-96b8-4ece-ad96-13b981804c4e&subid=810567735617531904 | 139.45.197.242 | 302 Found | 0 B |
URL GET HTTP/2cameesse.net/121?rnd=2993975909&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D810567735617531904&cln={CELL_NUMBER}&btp=7&rb=A8PIuGD4qzu0TIfTTQGZ7XnMvpaOfu_7b92TyV6EEJXe71dmeD0IyOGzv3rGRnk5K1x81_y4Fn3n_ztCmL8WwRPKPSFzaKD2fkr8vb683Yy7CbwAEfRAug3sV9k8HPtHDKoX5apkCf59yujk5yRu9l3toU3K4SiNj8Nqil1Qa6w2LDt60DjAhqKp-glbYkGrXCLg4aoQLcYuqfQZx77dy9HAUlQBs3TjxOoZvBJfzw7mcFjKUr_d-B2FzcIz2TxrNyRXK0Jcph80XJpm9zbalsYBoM0zcz3ocIt51zbTgtjINNZ_BRXE0cJ5Wws7L3kpfJ5kuSKXJ_f-VeSJLlmL0U2kDe49Lw14U-nLKUzloLHoIrE2yAPDmHvBd6bWUHdCIOsuciK0oJhNTGebUW-b9FtOoLV3r65Jiw4sTqwsSpcqBvKeiAf95V1lTtQ0dkHU4jPXyHvJy93NcUZjnw1tmXH_V4skuGZsE0KmAgz3gTwPd_pNz4_SA2F2B74IrZaMpWTGXrU802PVnr5jzJiUNAihgWm-QjHWnlZNn_AokMHGFypMYoKXD7Xyx9hLEOZE2p6F4R2ZKdPyJDNueepmXMoKw7OcQDxcQ8ppZnENyFeEKqiE&bag=ydU9kaAfa6I=&ruid=326db0e4-96b8-4ece-ad96-13b981804c4e&subid=810567735617531904 IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /121?rnd=2993975909&z=7406590&b=20830638&c=8121703&var=&varid=0&d=https%3A%2F%2Fsecuredpeacomm.com%2Fin%2F%3Ftg%3Dhttps%3A%2F%2Ftrack.jefytrack.com%2F145f6684-c379-407a-a2eb-922622a713e1%26zoneid%3D7406590%26campaignid%3D8121703%26carrier%3D%7Bcarrier%7D%26connectiontype%3D%7Bconnection.type%7D%26isp%3D%7Bisp%7D%26cost%3D%7Bcost%7D%26visitor_id%3D810567735617531904&cln={CELL_NUMBER}&btp=7&rb=A8PIuGD4qzu0TIfTTQGZ7XnMvpaOfu_7b92TyV6EEJXe71dmeD0IyOGzv3rGRnk5K1x81_y4Fn3n_ztCmL8WwRPKPSFzaKD2fkr8vb683Yy7CbwAEfRAug3sV9k8HPtHDKoX5apkCf59yujk5yRu9l3toU3K4SiNj8Nqil1Qa6w2LDt60DjAhqKp-glbYkGrXCLg4aoQLcYuqfQZx77dy9HAUlQBs3TjxOoZvBJfzw7mcFjKUr_d-B2FzcIz2TxrNyRXK0Jcph80XJpm9zbalsYBoM0zcz3ocIt51zbTgtjINNZ_BRXE0cJ5Wws7L3kpfJ5kuSKXJ_f-VeSJLlmL0U2kDe49Lw14U-nLKUzloLHoIrE2yAPDmHvBd6bWUHdCIOsuciK0oJhNTGebUW-b9FtOoLV3r65Jiw4sTqwsSpcqBvKeiAf95V1lTtQ0dkHU4jPXyHvJy93NcUZjnw1tmXH_V4skuGZsE0KmAgz3gTwPd_pNz4_SA2F2B74IrZaMpWTGXrU802PVnr5jzJiUNAihgWm-QjHWnlZNn_AokMHGFypMYoKXD7Xyx9hLEOZE2p6F4R2ZKdPyJDNueepmXMoKw7OcQDxcQ8ppZnENyFeEKqiE&bag=ydU9kaAfa6I=&ruid=326db0e4-96b8-4ece-ad96-13b981804c4e&subid=810567735617531904 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: scm=1; OAID=0080520728d84fcbfec3fd5764890f66; oaidts=1714817924
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-length: 0
location: https://securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=810567735617531904
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: c7fac7e170fc8c74f5d01a5958f14b17
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 374
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c42726f8aa440cbd5d0a955277babd9c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 753
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e0af34eb7a172a184d69cfb511d8aa1a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:46 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 172.67.193.52 | 200 OK | 7.4 kB |
IP172.67.193.52:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subjecttzegilo.com Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1 ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT
File typeJavaScript source, ASCII text, with very long lines (18486) Hash70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:18:45 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QzNdu2YmAXLI3rMpknuXGeDCER47sI6bVkRzTljEy6jVnqYHdxjs0Uh08QBxTS13tJUeSMxGhTAGXD7krwhaOBl7X5IF6tw3iPvqVJ5bwnpLQmk4scruElOqi7kk%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7bfa0dcb65695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| moonoafy.net/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 383
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:46 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5b748f557d468fa2c7d7a21cc3a5f5e4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash580b2eed58315b50da84c11470ce0542 55b8e33669ba303f4fdfb23616e6547daa662097 d6d13fd186321951050848593f5ebc6bac26eebad99cc6a2106517cf6ac5d465
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Content-Type: application/json
Content-Length: 511
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:46 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=810567735617531904 | 104.21.64.36 | 302 Found | 0 B |
URL GET HTTP/2securedpeacomm.com/in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=810567735617531904 IP104.21.64.36:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subjectsecuredpeacomm.com FingerprintE2:58:9B:FC:54:26:CA:CC:89:05:0D:28:D6:2E:28:9E:39:7E:5F:D6 ValidityMon, 15 Apr 2024 19:27:34 GMT - Sun, 14 Jul 2024 19:27:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/?tg=https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1&zoneid=7406590&campaignid=8121703&carrier={carrier}&connectiontype={connection.type}&isp={isp}&cost=&visitor_id=810567735617531904 HTTP/1.1
Host: securedpeacomm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 10:18:46 GMT
content-type: text/html; charset=UTF-8
location: https://track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=810567735617531904&ctrl_fetch_dest=iframe&ctrl_id=66360b8664273351898631&ctrl_ts=1714817926.4102&ctrl_ab=burp
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8NoUGGIFnM8Ppv5i4lzMYgWyVjGCurMRs6jkB%2BWbCSIHSfkPEHYJUWcX31uNVdHU9%2B3Ej3XC4ozju%2BjxtqNTQTt4%2BjBqZ5jq7kwhtkvtbE%2FQztmcM1FYr5Utm2mCxOUltWiTn5A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7bfa5ba535690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gishejuy.com/impression/FvkZWIF3m-upjdA0lBH-FWqACPolNdgtWENl9urdMcAcRmYQioJg6fz8Di-Y6mJV0Tfid-L90Y7LOTmkLvUP2RwrdAOTHSkavntr9NByX45D4Ryzrjc-sqN2iNhBabbL_vAD4Pz-cChaXzHCiJd1Rnwc5dRbvkPtyxEhvcIaAStRdRvoTQ9kpY0Z-gv_0o12zLEZxHc4SkA9DuSJPDeUzCdUTRTxUaaExSsbIJPS4yUsRYGYwIRkY4qCSmsm0SAFyxcjFvjF8X9JGQ-1VWb0dAq8uR4kmYc519DL8hFPffN-Rh-e1E5fz05Cc2GFlTntDCtWh69DiHUpqPNdb1hv5_2P1mx9NndqZBHc7AFzMNd9jPS9mFOkWMw4OWcLA8h0_RYFh2ZfAr8KKdcOjxYxgFDiLtoP6Xpb_pYyn0hJaTScHUnieKaj-5H5qaWfBd5Bui8ZPyDMA06Hw-pwDHG4CD9M6krI4VATpn0gspApoe3xfYcFk-ryDgwlEy3o6Z86v-PPR-8gCHChFfW9BrCTatsVTZtyvWCJnAXa0ZJ9QXAomrejpp1TUQ_K1ZqzOLds5S41XMT4GBqMF3F6du2iwiDIYm1CVwP9zi4gO-DWelVaFtjxittKs00sLXVaZI9749ITrjyp3FKqL3s4INZqZOlDC6EhKgrT6W6tktq0gQjQUD1nHj6M_d0xEHCB_r-H22VzIQ7CZiqIBOQzjuF5uXUolPVgwRkb9UC4xrFq6M--Hhv-YIAIH_qpteUXynP12BJFrCIK5JKaShKLwhK5e4nWY2Wh1Luj0So9Z7vxScEDuZ6a0KGx5ccivZU=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.242 | 200 OK | 43 B |
URL GET HTTP/2gishejuy.com/impression/FvkZWIF3m-upjdA0lBH-FWqACPolNdgtWENl9urdMcAcRmYQioJg6fz8Di-Y6mJV0Tfid-L90Y7LOTmkLvUP2RwrdAOTHSkavntr9NByX45D4Ryzrjc-sqN2iNhBabbL_vAD4Pz-cChaXzHCiJd1Rnwc5dRbvkPtyxEhvcIaAStRdRvoTQ9kpY0Z-gv_0o12zLEZxHc4SkA9DuSJPDeUzCdUTRTxUaaExSsbIJPS4yUsRYGYwIRkY4qCSmsm0SAFyxcjFvjF8X9JGQ-1VWb0dAq8uR4kmYc519DL8hFPffN-Rh-e1E5fz05Cc2GFlTntDCtWh69DiHUpqPNdb1hv5_2P1mx9NndqZBHc7AFzMNd9jPS9mFOkWMw4OWcLA8h0_RYFh2ZfAr8KKdcOjxYxgFDiLtoP6Xpb_pYyn0hJaTScHUnieKaj-5H5qaWfBd5Bui8ZPyDMA06Hw-pwDHG4CD9M6krI4VATpn0gspApoe3xfYcFk-ryDgwlEy3o6Z86v-PPR-8gCHChFfW9BrCTatsVTZtyvWCJnAXa0ZJ9QXAomrejpp1TUQ_K1ZqzOLds5S41XMT4GBqMF3F6du2iwiDIYm1CVwP9zi4gO-DWelVaFtjxittKs00sLXVaZI9749ITrjyp3FKqL3s4INZqZOlDC6EhKgrT6W6tktq0gQjQUD1nHj6M_d0xEHCB_r-H22VzIQ7CZiqIBOQzjuF5uXUolPVgwRkb9UC4xrFq6M--Hhv-YIAIH_qpteUXynP12BJFrCIK5JKaShKLwhK5e4nWY2Wh1Luj0So9Z7vxScEDuZ6a0KGx5ccivZU=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/FvkZWIF3m-upjdA0lBH-FWqACPolNdgtWENl9urdMcAcRmYQioJg6fz8Di-Y6mJV0Tfid-L90Y7LOTmkLvUP2RwrdAOTHSkavntr9NByX45D4Ryzrjc-sqN2iNhBabbL_vAD4Pz-cChaXzHCiJd1Rnwc5dRbvkPtyxEhvcIaAStRdRvoTQ9kpY0Z-gv_0o12zLEZxHc4SkA9DuSJPDeUzCdUTRTxUaaExSsbIJPS4yUsRYGYwIRkY4qCSmsm0SAFyxcjFvjF8X9JGQ-1VWb0dAq8uR4kmYc519DL8hFPffN-Rh-e1E5fz05Cc2GFlTntDCtWh69DiHUpqPNdb1hv5_2P1mx9NndqZBHc7AFzMNd9jPS9mFOkWMw4OWcLA8h0_RYFh2ZfAr8KKdcOjxYxgFDiLtoP6Xpb_pYyn0hJaTScHUnieKaj-5H5qaWfBd5Bui8ZPyDMA06Hw-pwDHG4CD9M6krI4VATpn0gspApoe3xfYcFk-ryDgwlEy3o6Z86v-PPR-8gCHChFfW9BrCTatsVTZtyvWCJnAXa0ZJ9QXAomrejpp1TUQ_K1ZqzOLds5S41XMT4GBqMF3F6du2iwiDIYm1CVwP9zi4gO-DWelVaFtjxittKs00sLXVaZI9749ITrjyp3FKqL3s4INZqZOlDC6EhKgrT6W6tktq0gQjQUD1nHj6M_d0xEHCB_r-H22VzIQ7CZiqIBOQzjuF5uXUolPVgwRkb9UC4xrFq6M--Hhv-YIAIH_qpteUXynP12BJFrCIK5JKaShKLwhK5e4nWY2Wh1Luj0So9Z7vxScEDuZ6a0KGx5ccivZU=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=0080520728d84fcbfec3fd5764890f66
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:50 GMT
content-type: image/gif
content-length: 43
x-trace-id: 42567a6e0d49fd5082149fd40af643d0
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| aistekso.net/impression/JdfdOMKPMGctQMxl9IoIiLiMBJ03CRsyoIyMQ1BoVEiGzdUJlYj77eOYYzFb78tdKaJSc1c7NVLCPuiABStvzmLM-qTVR2kb7TRy6QRnbX8IOukfgkP6Zw3RCiJ2Mrpn6tYzWVpsLKr7bYrM0YZ3_L9PHcQ6jFpmnHEyyItT8_ULxgOQMaBQkdaosm8EUN0kUxkyvWnoONUNZcEoIdU2Fjn8sED1hzlh0021YdAcD7cKGQ40vAmcnOU6mtBjmklQdwC1RKBEXuGy-arcOTRFbeyrK3Mlu0HmJl8ORqiNClGzWnFulpylGZzNLQwLBJAx8fQpVYeXTv183UN42dR-X7qQanAMLPgsXZa3uRXcaDs9cw-3J_Dtuw_JY2bB7pKhnwNUvBzRpKQsOHIwXlcW1Jmh_eWnE8-JiicLfW1laDnnMbVTl_tLI4mCp7_qNMVz3fYUQZc_xAPitzUAeCX4v0E8vhLIJxJJqizxSO6iFXfucuGReFp3SRB52dQGnP0aACrQWh3UoFLShFgydGR9Y8xFdO0KaWGhyElJATa2dXn9Hex97xGzzsDluYIqElXo8FyRCQ7tlLvhJbK90s98oDLrhBDQKmtiQIvDyuQqgbA88m6tnknP4imbwXdckMMDdF-2yZFtqgXxEKKgkhcdH57-T-qOoUsqNiIRwHMguXGXliul3mcmASe5o8sKGsq8UvaMGkC1Tz-rxUMbVk_Tqa6bPUG6EJHSi5bio3gKKmsdrGdBK9SKKzmDfTf_8X40J7zJSpNcTTUQ0LlXb-dmQ-TZGr5kQj8OBWBuBYbl5Mqzy8Ue8XcXcXN_8Tw=?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.244 | 200 OK | 43 B |
URL GET HTTP/2aistekso.net/impression/JdfdOMKPMGctQMxl9IoIiLiMBJ03CRsyoIyMQ1BoVEiGzdUJlYj77eOYYzFb78tdKaJSc1c7NVLCPuiABStvzmLM-qTVR2kb7TRy6QRnbX8IOukfgkP6Zw3RCiJ2Mrpn6tYzWVpsLKr7bYrM0YZ3_L9PHcQ6jFpmnHEyyItT8_ULxgOQMaBQkdaosm8EUN0kUxkyvWnoONUNZcEoIdU2Fjn8sED1hzlh0021YdAcD7cKGQ40vAmcnOU6mtBjmklQdwC1RKBEXuGy-arcOTRFbeyrK3Mlu0HmJl8ORqiNClGzWnFulpylGZzNLQwLBJAx8fQpVYeXTv183UN42dR-X7qQanAMLPgsXZa3uRXcaDs9cw-3J_Dtuw_JY2bB7pKhnwNUvBzRpKQsOHIwXlcW1Jmh_eWnE8-JiicLfW1laDnnMbVTl_tLI4mCp7_qNMVz3fYUQZc_xAPitzUAeCX4v0E8vhLIJxJJqizxSO6iFXfucuGReFp3SRB52dQGnP0aACrQWh3UoFLShFgydGR9Y8xFdO0KaWGhyElJATa2dXn9Hex97xGzzsDluYIqElXo8FyRCQ7tlLvhJbK90s98oDLrhBDQKmtiQIvDyuQqgbA88m6tnknP4imbwXdckMMDdF-2yZFtqgXxEKKgkhcdH57-T-qOoUsqNiIRwHMguXGXliul3mcmASe5o8sKGsq8UvaMGkC1Tz-rxUMbVk_Tqa6bPUG6EJHSi5bio3gKKmsdrGdBK9SKKzmDfTf_8X40J7zJSpNcTTUQ0LlXb-dmQ-TZGr5kQj8OBWBuBYbl5Mqzy8Ue8XcXcXN_8Tw=?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.244:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectaistekso.net Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/JdfdOMKPMGctQMxl9IoIiLiMBJ03CRsyoIyMQ1BoVEiGzdUJlYj77eOYYzFb78tdKaJSc1c7NVLCPuiABStvzmLM-qTVR2kb7TRy6QRnbX8IOukfgkP6Zw3RCiJ2Mrpn6tYzWVpsLKr7bYrM0YZ3_L9PHcQ6jFpmnHEyyItT8_ULxgOQMaBQkdaosm8EUN0kUxkyvWnoONUNZcEoIdU2Fjn8sED1hzlh0021YdAcD7cKGQ40vAmcnOU6mtBjmklQdwC1RKBEXuGy-arcOTRFbeyrK3Mlu0HmJl8ORqiNClGzWnFulpylGZzNLQwLBJAx8fQpVYeXTv183UN42dR-X7qQanAMLPgsXZa3uRXcaDs9cw-3J_Dtuw_JY2bB7pKhnwNUvBzRpKQsOHIwXlcW1Jmh_eWnE8-JiicLfW1laDnnMbVTl_tLI4mCp7_qNMVz3fYUQZc_xAPitzUAeCX4v0E8vhLIJxJJqizxSO6iFXfucuGReFp3SRB52dQGnP0aACrQWh3UoFLShFgydGR9Y8xFdO0KaWGhyElJATa2dXn9Hex97xGzzsDluYIqElXo8FyRCQ7tlLvhJbK90s98oDLrhBDQKmtiQIvDyuQqgbA88m6tnknP4imbwXdckMMDdF-2yZFtqgXxEKKgkhcdH57-T-qOoUsqNiIRwHMguXGXliul3mcmASe5o8sKGsq8UvaMGkC1Tz-rxUMbVk_Tqa6bPUG6EJHSi5bio3gKKmsdrGdBK9SKKzmDfTf_8X40J7zJSpNcTTUQ0LlXb-dmQ-TZGr5kQj8OBWBuBYbl5Mqzy8Ue8XcXcXN_8Tw=?_z=7406591&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=0080520728d84fcbfec3fd5764890f66
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:50 GMT
content-type: image/gif
content-length: 43
x-trace-id: f6f3801948f5ca7a307909e36f64f383
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg | 104.22.32.172 | 200 OK | 17 kB |
URL GET HTTP/2offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg IP104.22.32.172:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash9c6355bcf96815c755fbba83f9fd8f64 ce698b45fb51ef1494f80f432b7aff0985247724 2cd74e866757767cd5c88d066a0bc057aded1e6c07171e091dd87f56ffd4a906
GET /www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 10:18:50 GMT
content-type: image/jpeg
content-length: 17173
cache-control: max-age=86400
cf-bgj: h2pri
etag: "642af881-4315"
expires: Sat, 04 May 2024 20:06:53 GMT
last-modified: Mon, 03 Apr 2023 16:02:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 51114
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7bfc08b4510b1-CPH
X-Firefox-Spdy: h2
|
|
| gishejuy.com/500/7406589?excludes=19845928&oaid=0080520728d84fcbfec3fd5764890f66&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.242 | 200 OK | 0 B |
URL OPTIONS HTTP/2gishejuy.com/500/7406589?excludes=19845928&oaid=0080520728d84fcbfec3fd5764890f66&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /500/7406589?excludes=19845928&oaid=0080520728d84fcbfec3fd5764890f66&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| externalde.com/out/xyhkxckud/?ctrl_id=66360b8664273351898631&ctrl_ab=burp&ctrl_ts=1714817926.4102&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wj23a03osa94r221je85hs2i | 188.114.96.1 | 302 Found | 21 kB |
URL GET HTTP/2externalde.com/out/xyhkxckud/?ctrl_id=66360b8664273351898631&ctrl_ab=burp&ctrl_ts=1714817926.4102&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wj23a03osa94r221je85hs2i IP188.114.96.1:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subjectexternalde.com Fingerprint0D:2A:5D:DC:29:15:BD:05:1C:8E:F1:C5:82:D4:C0:5C:D6:A5:AB:58 ValiditySat, 27 Apr 2024 14:00:09 GMT - Fri, 26 Jul 2024 14:00:08 GMT
File typegzip compressed data, max speed, from Unix Hash826d23716d611fc6ad47b58b18a3dd24 71d01a6edbc7ddf6976cbd9fab89ea3d918c506b a8072c55ff50d5623b1a2c5ae46edc3d2773e5fe4e51dd9068ba0a601287c136
GET /out/xyhkxckud/?ctrl_id=66360b8664273351898631&ctrl_ab=burp&ctrl_ts=1714817926.4102&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wj23a03osa94r221je85hs2i HTTP/1.1
Host: externalde.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 04 May 2024 10:18:46 GMT
content-type: text/html; charset=UTF-8
location: https://lkbx.me/4KqY7?uid=wj23a03osa94r221je85hs2i
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbSSFJE92qkVnkp%2BzXmErdx14X1XEG7Szb8r52LhP6wlGMP6fiXGXHMp8OgMF81btfAnMjFMErIbCL6Fk8cWjCZi8rlgWtsO0BXn24awd3hz4O6qhjWp5FcqsM2g9QNmSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e7bfa97a6db529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg | 104.22.32.172 | 200 OK | 17 kB |
URL GET HTTP/2offerimage.com/www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg IP104.22.32.172:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash9c6355bcf96815c755fbba83f9fd8f64 ce698b45fb51ef1494f80f432b7aff0985247724 2cd74e866757767cd5c88d066a0bc057aded1e6c07171e091dd87f56ffd4a906
GET /www/images/9c6355bcf96815c755fbba83f9fd8f64.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 10:18:50 GMT
content-type: image/jpeg
content-length: 17173
cache-control: max-age=86400
cf-bgj: h2pri
etag: "642af881-4315"
expires: Sat, 04 May 2024 20:06:53 GMT
last-modified: Mon, 03 Apr 2023 16:02:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 51114
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7bfc3af9d10b1-CPH
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 3013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 203030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gishejuy.com/impression/FfKDp0q7B7sXgfbTWLxZtXCQmH5aTvdmssQn4YsCdSYEg7_1dUk73cnO_b27JlxOXa6z2LGryPkevlPHjG4sA6JVGQJtRV6h26TWLyfZxd0LqABkqwmYAm2LdmuQ3iPzfsRgfJeGipoZNZSnBtDI3Qpf0UuQpkkOHXqt4UMJU2l5_4DmPB3HUMtL5xdP1msgBEcexgp3hNGxC9c64Y6ZVeOIlTGA4Wn_9eEBztWgi4AjrZZnTxBknx9Lyage_PiRDj5GdeyWsKEvMEjdfOzoujIxhBdBNeSlAdKF_KxJRHd8v0DcIl2japBBlhkHQBsS2dVfagxTkMjohm1EnrjmJP-gg5wMbxPf_eN1SwQnYWmyOUsX7GcUkB3JVAREW_M00RjPWQRLfbUhIrNfXP2cSdsXqXrhGrG4IP4ndwBY6BGBG5yh1wrPhnzrh-EV7BY2m9vs8M8kjc_jJzeOcButhwZoC9DdbAqcKegjWy7f5w1Z6pCkeaH8frfLOoVKzZVWjUAUn6FA7uBmw2azZB1sxIH8BAEmdnY2iu5luvDd0Y0de6ErintLcEPsc9lnfjh6z34yilM8K_D8t7O3KEyv_h4S1jjjni8cTEVje2YsQvmvJofyTBciNYZwL7pVINxVVyL4j6fqfLj_zyS9QgLRT2tPWtCYuH1AQ26ueHAdSoVe776umGJPBb4uiMpQlNo3wGWPxY28FwrmvgWpoUC6bhD7WCP5PrV7DUiwiemznYm4GYZM6k2GV5iS24eM3HjC19rC7iMz13xyMLi9Xqe_FAl7S_phCPEDFHIw2kLd4GUaL7jiHXc0UQljLz0=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 | 139.45.197.242 | 200 OK | 43 B |
URL GET HTTP/2gishejuy.com/impression/FfKDp0q7B7sXgfbTWLxZtXCQmH5aTvdmssQn4YsCdSYEg7_1dUk73cnO_b27JlxOXa6z2LGryPkevlPHjG4sA6JVGQJtRV6h26TWLyfZxd0LqABkqwmYAm2LdmuQ3iPzfsRgfJeGipoZNZSnBtDI3Qpf0UuQpkkOHXqt4UMJU2l5_4DmPB3HUMtL5xdP1msgBEcexgp3hNGxC9c64Y6ZVeOIlTGA4Wn_9eEBztWgi4AjrZZnTxBknx9Lyage_PiRDj5GdeyWsKEvMEjdfOzoujIxhBdBNeSlAdKF_KxJRHd8v0DcIl2japBBlhkHQBsS2dVfagxTkMjohm1EnrjmJP-gg5wMbxPf_eN1SwQnYWmyOUsX7GcUkB3JVAREW_M00RjPWQRLfbUhIrNfXP2cSdsXqXrhGrG4IP4ndwBY6BGBG5yh1wrPhnzrh-EV7BY2m9vs8M8kjc_jJzeOcButhwZoC9DdbAqcKegjWy7f5w1Z6pCkeaH8frfLOoVKzZVWjUAUn6FA7uBmw2azZB1sxIH8BAEmdnY2iu5luvDd0Y0de6ErintLcEPsc9lnfjh6z34yilM8K_D8t7O3KEyv_h4S1jjjni8cTEVje2YsQvmvJofyTBciNYZwL7pVINxVVyL4j6fqfLj_zyS9QgLRT2tPWtCYuH1AQ26ueHAdSoVe776umGJPBb4uiMpQlNo3wGWPxY28FwrmvgWpoUC6bhD7WCP5PrV7DUiwiemznYm4GYZM6k2GV5iS24eM3HjC19rC7iMz13xyMLi9Xqe_FAl7S_phCPEDFHIw2kLd4GUaL7jiHXc0UQljLz0=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectgishejuy.com Fingerprint0E:1A:AC:78:15:75:C8:D7:77:E9:9F:1E:8F:A6:05:8C:F6:CA:AC:80 ValidityTue, 02 Apr 2024 05:15:48 GMT - Mon, 01 Jul 2024 05:15:47 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impression/FfKDp0q7B7sXgfbTWLxZtXCQmH5aTvdmssQn4YsCdSYEg7_1dUk73cnO_b27JlxOXa6z2LGryPkevlPHjG4sA6JVGQJtRV6h26TWLyfZxd0LqABkqwmYAm2LdmuQ3iPzfsRgfJeGipoZNZSnBtDI3Qpf0UuQpkkOHXqt4UMJU2l5_4DmPB3HUMtL5xdP1msgBEcexgp3hNGxC9c64Y6ZVeOIlTGA4Wn_9eEBztWgi4AjrZZnTxBknx9Lyage_PiRDj5GdeyWsKEvMEjdfOzoujIxhBdBNeSlAdKF_KxJRHd8v0DcIl2japBBlhkHQBsS2dVfagxTkMjohm1EnrjmJP-gg5wMbxPf_eN1SwQnYWmyOUsX7GcUkB3JVAREW_M00RjPWQRLfbUhIrNfXP2cSdsXqXrhGrG4IP4ndwBY6BGBG5yh1wrPhnzrh-EV7BY2m9vs8M8kjc_jJzeOcButhwZoC9DdbAqcKegjWy7f5w1Z6pCkeaH8frfLOoVKzZVWjUAUn6FA7uBmw2azZB1sxIH8BAEmdnY2iu5luvDd0Y0de6ErintLcEPsc9lnfjh6z34yilM8K_D8t7O3KEyv_h4S1jjjni8cTEVje2YsQvmvJofyTBciNYZwL7pVINxVVyL4j6fqfLj_zyS9QgLRT2tPWtCYuH1AQ26ueHAdSoVe776umGJPBb4uiMpQlNo3wGWPxY28FwrmvgWpoUC6bhD7WCP5PrV7DUiwiemznYm4GYZM6k2GV5iS24eM3HjC19rC7iMz13xyMLi9Xqe_FAl7S_phCPEDFHIw2kLd4GUaL7jiHXc0UQljLz0=?_z=7406589&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=2&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&js_build=8&sw_version=v1.337.0 HTTP/1.1
Host: gishejuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: OAID=0080520728d84fcbfec3fd5764890f66
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:53 GMT
content-type: image/gif
content-length: 43
x-trace-id: 09bdba115b98ed243a653f79adea319d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=k7XJJ5EoxyK2NvOZ5BP8tErYVE4U4xQoXqNyYyUM_qWoheAHBmAyu3FgaIil9icNCaWqIJLvTnuoHAMHgGB6KWjs4G92NM1sENsvMctj0eqyVPVZSa5Tno3iOByOFMn5
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Sat, 04 May 2024 10:18:25 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 36
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cameesse.net/11?rnd=853350186&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=A8PIuGD4qzu0TIfTTQGZ7XnMvpaOfu_7b92TyV6EEJXe71dmeD0IyOGzv3rGRnk5K1x81_y4Fn3n_ztCmL8WwRPKPSFzaKD2fkr8vb683Yy7CbwAEfRAug3sV9k8HPtHDKoX5apkCf59yujk5yRu9l3toU3K4SiNj8Nqil1Qa6w2LDt60DjAhqKp-glbYkGrXCLg4aoQLcYuqfQZx77dy9HAUlQBs3TjxOoZvBJfzw7mcFjKUr_d-B2FzcIz2TxrNyRXK0Jcph80XJpm9zbalsYBoM0zcz3ocIt51zbTgtjINNZ_BRXE0cJ5Wws7L3kpfJ5kuSKXJ_f-VeSJLlmL0U2kDe49Lw14U-nLKUzloLHoIrE2yAPDmHvBd6bWUHdCIOsuciK0oJhNTGebUW-b9FtOoLV3r65Jiw4sTqwsSpcqBvKeiAf95V1lTtQ0dkHU4jPXyHvJy93NcUZjnw1tmXH_V4skuGZsE0KmAgz3gTwPd_pNz4_SA2F2B74IrZaMpWTGXrU802PVnr5jzJiUNAihgWm-QjHWnlZNn_AokMHGFypMYoKXD7Xyx9hLEOZE2p6F4R2ZKdPyJDNueepmXMoKw7OcQDxcQ8ppZnENyFeEKqiE&ruid=326db0e4-96b8-4ece-ad96-13b981804c4e&subid=810567735617531904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 | 139.45.197.242 | | 0 B |
URL cameesse.net/11?rnd=853350186&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=A8PIuGD4qzu0TIfTTQGZ7XnMvpaOfu_7b92TyV6EEJXe71dmeD0IyOGzv3rGRnk5K1x81_y4Fn3n_ztCmL8WwRPKPSFzaKD2fkr8vb683Yy7CbwAEfRAug3sV9k8HPtHDKoX5apkCf59yujk5yRu9l3toU3K4SiNj8Nqil1Qa6w2LDt60DjAhqKp-glbYkGrXCLg4aoQLcYuqfQZx77dy9HAUlQBs3TjxOoZvBJfzw7mcFjKUr_d-B2FzcIz2TxrNyRXK0Jcph80XJpm9zbalsYBoM0zcz3ocIt51zbTgtjINNZ_BRXE0cJ5Wws7L3kpfJ5kuSKXJ_f-VeSJLlmL0U2kDe49Lw14U-nLKUzloLHoIrE2yAPDmHvBd6bWUHdCIOsuciK0oJhNTGebUW-b9FtOoLV3r65Jiw4sTqwsSpcqBvKeiAf95V1lTtQ0dkHU4jPXyHvJy93NcUZjnw1tmXH_V4skuGZsE0KmAgz3gTwPd_pNz4_SA2F2B74IrZaMpWTGXrU802PVnr5jzJiUNAihgWm-QjHWnlZNn_AokMHGFypMYoKXD7Xyx9hLEOZE2p6F4R2ZKdPyJDNueepmXMoKw7OcQDxcQ8ppZnENyFeEKqiE&ruid=326db0e4-96b8-4ece-ad96-13b981804c4e&subid=810567735617531904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 IP139.45.197.242:0
CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /11?rnd=853350186&z=7406590&b=20830638&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=A8PIuGD4qzu0TIfTTQGZ7XnMvpaOfu_7b92TyV6EEJXe71dmeD0IyOGzv3rGRnk5K1x81_y4Fn3n_ztCmL8WwRPKPSFzaKD2fkr8vb683Yy7CbwAEfRAug3sV9k8HPtHDKoX5apkCf59yujk5yRu9l3toU3K4SiNj8Nqil1Qa6w2LDt60DjAhqKp-glbYkGrXCLg4aoQLcYuqfQZx77dy9HAUlQBs3TjxOoZvBJfzw7mcFjKUr_d-B2FzcIz2TxrNyRXK0Jcph80XJpm9zbalsYBoM0zcz3ocIt51zbTgtjINNZ_BRXE0cJ5Wws7L3kpfJ5kuSKXJ_f-VeSJLlmL0U2kDe49Lw14U-nLKUzloLHoIrE2yAPDmHvBd6bWUHdCIOsuciK0oJhNTGebUW-b9FtOoLV3r65Jiw4sTqwsSpcqBvKeiAf95V1lTtQ0dkHU4jPXyHvJy93NcUZjnw1tmXH_V4skuGZsE0KmAgz3gTwPd_pNz4_SA2F2B74IrZaMpWTGXrU802PVnr5jzJiUNAihgWm-QjHWnlZNn_AokMHGFypMYoKXD7Xyx9hLEOZE2p6F4R2ZKdPyJDNueepmXMoKw7OcQDxcQ8ppZnENyFeEKqiE&ruid=326db0e4-96b8-4ece-ad96-13b981804c4e&subid=810567735617531904&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=0&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=0080520728d84fcbfec3fd5764890f66; oaidts=1714817924
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:19:05 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonzip.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 38fb2b259bf32d6d731d91121a7d6089
access-control-expose-headers: X-Sc
set-cookie: OAID=0080520728d84fcbfec3fd5764890f66; expires=Sun, 04 May 2025 10:19:05 GMT; secure; SameSite=None
oaidts=1714817924; expires=Sun, 04 May 2025 10:19:05 GMT; secure; SameSite=None
oaidvc=1; expires=Sun, 04 May 2025 10:19:05 GMT; secure; SameSite=None
CNT=1_v1_rtk9AQEAAACHTQAA; expires=Sat, 04 May 2024 11:19:05 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| anonzip.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png | 135.181.248.190 | 200 OK | 5.0 kB |
URL GET HTTP/1.1anonzip.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png IP135.181.248.190:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectanonzip.com Fingerprint05:1A:C5:B8:46:2C:D7:57:A3:34:1F:79:EC:24:CC:61:ED:36:1E:7E ValiditySat, 30 Mar 2024 19:16:56 GMT - Fri, 28 Jun 2024 19:16:55 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hasha9a8c24cea41bed7ef78ed1d12d48291 cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7 3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e
GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: anonzip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/C4r/Windows.rar
Cookie: filehosting=9o9149r5put2gvlgmdgdtr1rf5; _ga_GWR0PX9LQC=GS1.1.1714817924.1.0.1714817924.0.0.0; _ga=GA1.1.1715333093.1714817925
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 10:18:44 GMT
Content-Type: image/png
Content-Length: 5016
Last-Modified: Fri, 15 Apr 2022 11:04:01 GMT
Connection: keep-alive
ETag: "62595121-1398"
Accept-Ranges: bytes
|
|
| cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a | 139.45.197.242 | 200 OK | 413 kB |
URL GET HTTP/2cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectcameesse.net Fingerprint40:09:71:B1:17:F8:74:15:9B:3D:0A:95:73:15:74:D6:05:A5:5B:44 ValidityFri, 22 Mar 2024 19:24:17 GMT - Thu, 20 Jun 2024 19:24:16 GMT
File typeJavaScript source, ASCII text, with very long lines (65523) Size413 kB (413423 bytes) Hash297cc248309ba835cf13a1f82fd3f938 1e6f51ce257a0ee53e25280dd44092ed33339847 b2ba9d8b2216d22f8f31a594bc22ee21f60e2b539474a650be1e87dea87d5ed7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /27/7552beb94fc0bdff7bbb33cad3d1ab0a HTTP/1.1
Host: cameesse.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Cookie: scm=1; OAID=0400524015434624edbd6b9679267ca2; oaidts=1714817924
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 53bf075f88aeb35274ff9df3e2bcc930
cache-control: max-age:290304000, public
last-modified: Tue, 09 Apr 2024 03:16:58 GMT
expires: Tue, 09 May 2084 03:16:58 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| moonoafy.net/pfe/current/universal.min.js?v=3.1.504 | 139.45.197.250 | 200 OK | 90 kB |
URL GET HTTP/2moonoafy.net/pfe/current/universal.min.js?v=3.1.504 IP139.45.197.250:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash4caad44ecc6a13eba45b63ed7cf9e387 e67dfe90bebd5447495d8fe962d03e55f6d13071 66f95b5eb4bf3dc3a13643e3e6776b18a2b15e0b881328e2ee012c73e679ad00
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/universal.min.js?v=3.1.504 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
etag: W/"662a3513-15efa"
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 565 B |
URL GET HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.106:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (588), with no line terminators Hash959a533a3dc02649e0cc3f8f67d942af 34db49ff64aed8b51beaba5b9928ad504a4df335 24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 10:18:44 GMT
date: Sat, 04 May 2024 10:18:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| moonoafy.net/zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504 | 139.45.197.250 | 200 OK | 880 B |
URL GET HTTP/2moonoafy.net/zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504 IP139.45.197.250:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (977), with no line terminators Hash7db549bd97c2cf19c1a7b302563a42e4 9f3ff7d955b0ff41824a7094761659688b20088e 5bd403e962c03e25fe7f98492e5a381c5df1a49c1921132aeb92dcc2368b5697
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /zone?pub=0&zone_id=7406592&is_mobile=false&domain=anonzip.com&var=&ymid=&var_3=&tg=0&sw=3.1.504 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: 4d1265a4014ace075cf9a8a7c03cdf41
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=810567735617531904&ctrl_fetch_dest=iframe&ctrl_id=66360b8664273351898631&ctrl_ts=1714817926.4102&ctrl_ab=burp | 143.204.55.21 | 302 Found | 1.1 kB |
URL GET HTTP/2track.jefytrack.com/145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=810567735617531904&ctrl_fetch_dest=iframe&ctrl_id=66360b8664273351898631&ctrl_ts=1714817926.4102&ctrl_ab=burp IP143.204.55.21:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerAmazon Subjecttrack.jefytrack.com FingerprintD9:FC:91:D1:FD:F0:F4:2D:48:E9:47:EE:31:A0:1C:23:D3:9A:29:D8 ValiditySun, 21 Apr 2024 00:00:00 GMT - Tue, 20 May 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /145f6684-c379-407a-a2eb-922622a713e1?zoneid=7406590&campaignid=8121703&carrier=%7Bcarrier%7D&connectiontype=%7Bconnection.type%7D&isp=%7Bisp%7D&cost=&visitor_id=810567735617531904&ctrl_fetch_dest=iframe&ctrl_id=66360b8664273351898631&ctrl_ts=1714817926.4102&ctrl_ab=burp HTTP/1.1
Host: track.jefytrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://externalde.com/out/xyhkxckud/?ctrl_id=66360b8664273351898631&ctrl_ab=burp&ctrl_ts=1714817926.4102&ctrl_vol_oid=0b046699-9de5-41eb-a62f-5035b56e631b&tg=https://lkbx.me/4KqY7&uid=wj23a03osa94r221je85hs2i
date: Sat, 04 May 2024 10:18:46 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 145f6684-c379-407a-a2eb-922622a713e1-v4=LumZWtjR3kcyuKY4b_gBDVmzIKXDf9RxmxvwpXbtY7o; Max-Age=86400; Expires=Sun, 05-May-2024 10:18:46 GMT; Domain=track.jefytrack.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wj23a03osa94r221je85hs2i%22%2C%22caid%22%3A%22145f6684-c379-407a-a2eb-922622a713e1%22%7D; Max-Age=31536000; Expires=Sun, 04-May-2025 10:18:46 GMT; Domain=track.jefytrack.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fWpgoxepoUdqHdldR663DbOF5p53UiwPy-UwuzLyhtue1gfntW7EwA==
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i | 142.250.74.106 | 200 OK | 37 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i IP142.250.74.106:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1572) Hashc2b8ea09ec90a66034e1b61bc1f8e5d4 9558953728cacfc3433ba6281c1b4a58fbbc9d51 1c593f4a688585b14c31e71fc64bfaa81d768984cdf182bca40ba8c524582685
GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 10:18:44 GMT
date: Sat, 04 May 2024 10:18:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| alwingulla.com/88/tag.min.js | 172.67.152.114 | 200 OK | 81 kB |
URL GET HTTP/2alwingulla.com/88/tag.min.js IP172.67.152.114:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subjectalwingulla.com FingerprintB6:A3:BD:4F:5E:0D:58:50:07:9D:17:E0:30:97:67:97:9E:23:1A:1C ValidityTue, 12 Mar 2024 16:48:22 GMT - Mon, 10 Jun 2024 16:48:21 GMT
File typeJavaScript source, ASCII text, with very long lines (65494) Hashd8fe6d8977be78f78ee48c068b8c8686 e9c96bfc9bcd374f528f73c0441c2358d6d1d135 43423a879e310562ceed423aa563f4fac45713e6f59b0517d897e2c96a42993b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /88/tag.min.js HTTP/1.1
Host: alwingulla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:18:43 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 624b03ca331891542e6efac5f0adfba8
cache-control: max-age=86400
last-modified: Fri, 03 May 2024 05:52:08 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Sun, 05 May 2024 05:45:33 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 16390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xn3%2FD8ozBce5qY3CyaKrRl%2FKmyHMqtDaM8hFzTf25IXcRO0olUypUiKUbK86VkDNcgfrQfxlc1pfUDYkwbC88QqM3pEImv6trwsXKk1aH72p80x1b24slbHKoniXMWnwCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7bf97be5f56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg | 104.22.32.172 | 200 OK | 19 kB |
URL GET HTTP/2offerimage.com/www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg IP104.22.32.172:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerGoogle Trust Services LLC Subjectofferimage.com Fingerprint5C:87:DE:3A:1B:66:15:11:B1:75:B6:AC:AF:F9:A6:EF:5E:7F:80:72 ValidityFri, 05 Apr 2024 23:50:04 GMT - Thu, 04 Jul 2024 23:50:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3 Hash71581bf2ce9a00138faf7dd80fe3e12e 56479135ed64bf23e1037067c0c87047eb8a414c 5d9f95c8c06343cc189b38268296615ed8816d8154b4b782ad0d62bedd23525e
GET /www/images/71581bf2ce9a00138faf7dd80fe3e12e.jpg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:18:50 GMT
content-type: image/jpeg
content-length: 19381
cache-control: max-age=86400
cf-bgj: h2pri
etag: "65674405-4bb5"
expires: Sat, 04 May 2024 18:07:30 GMT
last-modified: Wed, 29 Nov 2023 14:00:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 58280
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e7bfc17c8f10b1-CPH
X-Firefox-Spdy: h2
|
|
| moonoafy.net/pfe/current/tag.min.js?z=7406592 | 139.45.197.250 | 200 OK | 15 kB |
URL GET HTTP/2moonoafy.net/pfe/current/tag.min.js?z=7406592 IP139.45.197.250:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectmoonoafy.net Fingerprint17:AD:95:C9:DA:29:B4:0A:55:33:11:0A:74:DF:AF:4D:05:13:AC:A0 ValidityFri, 29 Mar 2024 05:18:37 GMT - Thu, 27 Jun 2024 05:18:36 GMT
File typeJavaScript source, ASCII text, with very long lines (14612), with no line terminators Hashffdd38e0a5a1a47cb341a116a3318e0e 2fd730feff506cf56e14c531e9d89cdea2cca424 7d8e97e9586d3f04c4a2a703692378868e49120c6159d079ae7ed1eca2ca2b5c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/tag.min.js?z=7406592 HTTP/1.1
Host: moonoafy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anonzip.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:44 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
etag: W/"662a3513-3914"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| veepteero.com/?rb=BdZYMkparywH_vfWnFXLKc5OFRowmBnzu9x-eLEidRSlFJzzj2blbGkLIn6OXDp8ZaRr139UmG4k5jYG5ipsTEd1_yhdurFv0_hwhwbVXkk-6NiCcoQpm-AqRYAJBFD8qUEs0Wfyfp75A6XY6U4HuO67dVm7G31Ys3HB_wdiwf-rc5VwqvNY1PDsLgK3Kot77vubOm5u2Ztsmf1A-j7NRbx9I6rCf4bRhrobMkWorV6Dcc_dzZ8-LiqOSNGJ1TxX8sY_iQ%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=df6efd6e-3c8c-46b3-9244-1c06eab541e7&wasm=1&userId=0080520728d84fcbfec3fd5764890f66&m=link | 139.45.197.242 | 200 OK | 2.3 kB |
URL GET HTTP/2veepteero.com/?rb=BdZYMkparywH_vfWnFXLKc5OFRowmBnzu9x-eLEidRSlFJzzj2blbGkLIn6OXDp8ZaRr139UmG4k5jYG5ipsTEd1_yhdurFv0_hwhwbVXkk-6NiCcoQpm-AqRYAJBFD8qUEs0Wfyfp75A6XY6U4HuO67dVm7G31Ys3HB_wdiwf-rc5VwqvNY1PDsLgK3Kot77vubOm5u2Ztsmf1A-j7NRbx9I6rCf4bRhrobMkWorV6Dcc_dzZ8-LiqOSNGJ1TxX8sY_iQ%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=df6efd6e-3c8c-46b3-9244-1c06eab541e7&wasm=1&userId=0080520728d84fcbfec3fd5764890f66&m=link IP139.45.197.242:443
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerLet's Encrypt Subjectveepteero.com Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2325), with no line terminators Hashcba9ecd751dcd8c5b708ef5c8c71792e 40747810e7e15fdb4929fd4810c27c8e607bb3a6 ca98e1dd59431c725b03ed62cb336f743f5835b7e84fd3a97063c685aaca44e4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?rb=BdZYMkparywH_vfWnFXLKc5OFRowmBnzu9x-eLEidRSlFJzzj2blbGkLIn6OXDp8ZaRr139UmG4k5jYG5ipsTEd1_yhdurFv0_hwhwbVXkk-6NiCcoQpm-AqRYAJBFD8qUEs0Wfyfp75A6XY6U4HuO67dVm7G31Ys3HB_wdiwf-rc5VwqvNY1PDsLgK3Kot77vubOm5u2Ztsmf1A-j7NRbx9I6rCf4bRhrobMkWorV6Dcc_dzZ8-LiqOSNGJ1TxX8sY_iQ%3D%3D&request_ab2=0&zoneid=7406588&js_build=iclick-v1.788.6-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=0&pl=https%3A%2F%2Fanonzip.com%2FC4r%2FWindows.rar&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.6-auto&navlng=en-US&pnt=0&pnrc=0&bs=df6efd6e-3c8c-46b3-9244-1c06eab541e7&wasm=1&userId=0080520728d84fcbfec3fd5764890f66&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonzip.com/
Origin: https://anonzip.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 10:18:45 GMT
content-type: application/json
x-trace-id: 80380e20620981109cf7852318c4d2e1
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anonzip.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080520728d84fcbfec3fd5764890f66; expires=Sun, 04 May 2025 10:18:45 GMT; path=/; secure; SameSite=None
oaidts=1714817925; expires=Sun, 04 May 2025 10:18:45 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 11 May 2024 10:18:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| lkbx.me/4KqY7?uid=wj23a03osa94r221je85hs2i | 47.89.248.255 | 200 OK | 1.1 kB |
URL GET HTTP/2lkbx.me/4KqY7?uid=wj23a03osa94r221je85hs2i IP47.89.248.255:443 ASN#45102 Alibaba US Technology Co., Ltd.
Requested byhttps://anonzip.com/C4r/Windows.rar CertificateIssuerDigiCert Inc Subjectlkbx.me Fingerprint85:1C:F3:96:31:0D:EC:E9:85:9D:6E:27:5F:AE:1D:6C:F2:9B:F5:BD ValidityMon, 27 Nov 2023 00:00:00 GMT - Tue, 26 Nov 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (1129), with no line terminators Hash49852b4498148461ea8bce1732a0bb63 9e2c02ec960499c3352c9ba23f65b4b27a53fc52 d258b054ae3a04dbcba717d8397f638e2583f9f83a13c5ca1bcf7a70d26e8d19
GET /4KqY7?uid=wj23a03osa94r221je85hs2i HTTP/1.1
Host: lkbx.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 10:18:48 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: discuz_2132_saltkey=meW7dn44; expires=Mon, 03-Jun-2024 10:18:47 GMT; Max-Age=2592000; path=/; secure; httponly
discuz_2132_lang=en; path=/; secure
discuz_2132_lang=en; path=/; secure
content-encoding: gzip
X-Firefox-Spdy: h2
|
|