cdn-120.anonfiles.com/P3p3h337y4/12830c5b-1673307838/FFH4X.rar
195.96.151.72301 Moved Permanently 162 B URL HTTP/1.1 cdn-120.anonfiles.com/P3p3h337y4/12830c5b-1673307838/FFH4X.rar
IP 195.96.151.72:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /P3p3h337y4/12830c5b-1673307838/FFH4X.rar HTTP/1.1
Host: cdn-120.anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 13 Mar 2023 20:50:23 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://cdn-120.anonfiles.com/P3p3h337y4/12830c5b-1673307838/FFH4X.rar
cdn-120.anonfiles.com/P3p3h337y4/12830c5b-1673307838/FFH4X.rar
195.96.151.72301 Moved Permanently 0 B URL HTTP/1.1 cdn-120.anonfiles.com/P3p3h337y4/12830c5b-1673307838/FFH4X.rar
IP 195.96.151.72:0
ASN #41634 Svea Hosting AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /P3p3h337y4/12830c5b-1673307838/FFH4X.rar HTTP/1.1
Host: cdn-120.anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 13 Mar 2023 20:50:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Location: https://anonfiles.com/P3p3h337y4
X-Cache-Host: filecache-02
X-Cache-Disk: nvme-01
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 13 Mar 2023 20:14:09 GMT
content-type: application/json
age: 2175
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: w3EbmQiSjaPQPqSD/qNT8/1D/K7CthvlljJ+YZy+vzOHNTIqQ/0AnZqm6IvTD60V15xzP4MN+POZTsMTZeqP8g==
x-amz-request-id: GN6HQD7SH4JECZC8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 13 Mar 2023 20:46:32 GMT
age: 232
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 13 Mar 2023 20:50:24 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
anonfiles.com/P3p3h337y4
45.154.253.150200 OK 3.3 kB IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (380)
Hash d8e2a639139f305e5b6a90235be3c048
cd2441bf9b0befe8dd812744858924337ba9cf51
8e518c9d8f76199457095e38b3d80411b59d068f52e08989df7ae8ee97144013
GET /P3p3h337y4 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdc: Yes
cache-control: public, max-age=60
x-oe: Y
x-oh: 13
Content-Encoding: gzip
anonfiles.com/css/anonfiles.css?1677171543
45.154.253.150200 OK 25 kB URL HTTP/1.1 anonfiles.com/css/anonfiles.css?1677171543
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (65452)
Hash bf84dfe5f6e6044aa4c1095a7a9a850e
e411fe5ea4f2b5ce7382dfe3079589f4817ad165
2af9a43ff27bbcad03007d87fa7d09bed286aa594a3a3d2e16f409319e782f60
GET /css/anonfiles.css?1677171543 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:24 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3373
Content-Encoding: gzip
vjs.zencdn.net/7.3.0/video-js.min.css
151.101.2.217200 OK 9.7 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css
IP 151.101.2.217:0
File type ASCII text, with very long lines (35998), with no line terminators
Hash 3397ce943db8add2728dccd9a3b8b8bc
a57bbb7546a458fe57d72d06baab950125260cc9
5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Mon, 13 Mar 2023 20:50:24 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 11953
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2
anonfiles.com/sw_anonfiles.js
45.154.253.150200 OK 16 kB URL HTTP/1.1 anonfiles.com/sw_anonfiles.js
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (25712)
Hash 5e03f95322bfd924a10943354a145be8
149a1d27b2169791e547a074c3d40b279319d35b
27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
GET /sw_anonfiles.js HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:24 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 18767
Content-Encoding: gzip
anonfiles.com/js/app.js?1677171542
45.154.253.150200 OK 58 kB URL HTTP/1.1 anonfiles.com/js/app.js?1677171542
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (63238)
Hash 6593eca3dca95e3f423b750e172123cb
49f313f04500d3493e99a5f1841cdc1c798db703
0db1a88df800a447935f58da885afbec989e73606cb37a7df98d428f04d35fcb
GET /js/app.js?1677171542 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:24 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2924
Content-Encoding: gzip
anonfiles.com/img/flags/24/kr.png
45.154.253.150200 OK 988 B URL HTTP/1.1 anonfiles.com/img/flags/24/kr.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb22f00511d088a71e84f8c1c864caed
6599812ed106bda6017487287e12bc836570649f
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
GET /img/flags/24/kr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:24 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 5002
accept-ranges: bytes
anonfiles.com/img/flags/24/jp.png
45.154.253.150200 OK 599 B URL HTTP/1.1 anonfiles.com/img/flags/24/jp.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 857f6f0e0886a3729b758b7241e42e61
a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
GET /img/flags/24/jp.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:24 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 5110
accept-ranges: bytes
anonfiles.com/img/flags/24/de.png
45.154.253.150200 OK 483 B URL HTTP/1.1 anonfiles.com/img/flags/24/de.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8cc07c258bcd2de0c7900861e20ffc
fed97219e44693d4f3918fc4037b325732225d81
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
GET /img/flags/24/de.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:24 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 5180
accept-ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 13 Mar 2023 20:12:32 GMT
age: 2272
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/ru.png
45.154.253.150200 OK 403 B URL HTTP/1.1 anonfiles.com/img/flags/24/ru.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash d8df89b036e6afb48f72d2440831bad0
04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
GET /img/flags/24/ru.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:24 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 5012
accept-ranges: bytes
anonfiles.com/img/flags/24/no.png
45.154.253.150200 OK 611 B URL HTTP/1.1 anonfiles.com/img/flags/24/no.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash f14ac70aa6dd4d371671c0e6d7cba4e3
1139e3acd6e073bffb59157cbc10af72ed757218
9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
GET /img/flags/24/no.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:24 GMT
Content-Type: image/png
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4965
accept-ranges: bytes
anonfiles.com/img/flags/24/br.png
45.154.253.150200 OK 1.1 kB URL HTTP/1.1 anonfiles.com/img/flags/24/br.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd
7a038177fe4deec455d61d3e9c90019fa4727d40
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
GET /img/flags/24/br.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:25 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4992
accept-ranges: bytes
anonfiles.com/static/logo.png
45.154.253.150200 OK 18 kB URL HTTP/1.1 anonfiles.com/static/logo.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 450 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash f9fd716d30e220aa24bab0e94ebf0aa0
4af32d78655436173f272bb65159a232f1671b8d
5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94
GET /static/logo.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:25 GMT
Content-Type: image/png
Content-Length: 18441
Connection: keep-alive
last-modified: Fri, 16 Sep 2022 20:22:41 GMT
etag: "6324db11-4809"
anonfiles.com/img/flags/24/us.png
45.154.253.150200 OK 656 B URL HTTP/1.1 anonfiles.com/img/flags/24/us.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /img/flags/24/us.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:25 GMT
Content-Type: image/png
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 5074
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/?xsvjd=737329
54.230.245.208200 OK 68 kB URL HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737329
IP 54.230.245.208:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash dc38ff0f8fe7e0f95fae0887769b499f
42da2d8efae1807b7f2a5e0348f1824eec2e721e
edf78c26f172b747f617630a92e98c4443ebdc5701a708920bac68cfb870aa08
GET /?xsvjd=737329 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 68461
date: Mon, 13 Mar 2023 20:50:25 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 44EQHCwSoEDhq-dDZB_Uopnq3T0EIzJY8vv03jlKP-JDs0nLS7TkfQ==
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/fr.png
45.154.253.150200 OK 536 B URL HTTP/1.1 anonfiles.com/img/flags/24/fr.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e81efecf1a1b1d3a17d00a904c5cc3c9
1203894dbfc8363302dc709d852c05a4dd8bf9dc
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
GET /img/flags/24/fr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:25 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4969
accept-ranges: bytes
anonfiles.com/img/flags/24/es.png
45.154.253.150200 OK 666 B URL HTTP/1.1 anonfiles.com/img/flags/24/es.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa381a8eb16d9e673d32980e7fd1710
fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
GET /img/flags/24/es.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:25 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4478
accept-ranges: bytes
push.services.mozilla.com/
52.42.5.177101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.5.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pVSCTL0VaDAkmMul+hRGaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bIs8FvcClbhCcFsjG4YplQExIOM=
anonfiles.com/img/flags/24/in.png
45.154.253.150200 OK 593 B URL HTTP/1.1 anonfiles.com/img/flags/24/in.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaf96cfc341dc9a17e24b96bef223ff
8791d6db6628e0fb21b847ab94484f0c615e38ac
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
GET /img/flags/24/in.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:25 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3608
accept-ranges: bytes
anonfiles.com/img/flags/24/se.png
45.154.253.150200 OK 581 B URL HTTP/1.1 anonfiles.com/img/flags/24/se.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c9b1e40987c4411b4a7d13c07a8843aa
cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
GET /img/flags/24/se.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:25 GMT
Content-Type: image/png
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4991
accept-ranges: bytes
anonfiles.com/img/flags/24/dk.png
45.154.253.150200 OK 537 B URL HTTP/1.1 anonfiles.com/img/flags/24/dk.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ebe55a7d176720cd2b1003298187a8
930858408b9af1f79c430bbe15c185db555a7815
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
GET /img/flags/24/dk.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:25 GMT
Content-Type: image/png
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2387
accept-ranges: bytes
anonfiles.com/img/flags/24/fi.png
45.154.253.150200 OK 456 B URL HTTP/1.1 anonfiles.com/img/flags/24/fi.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ea9115d18d5210d4f1db520881faa3a
09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
GET /img/flags/24/fi.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:25 GMT
Content-Type: image/png
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4951
accept-ranges: bytes
anonfiles.com/img/flags/24/pl.png
45.154.253.150200 OK 347 B URL HTTP/1.1 anonfiles.com/img/flags/24/pl.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3aff7caef0be58f29b41f20a0e4db
11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
GET /img/flags/24/pl.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/P3p3h337y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:26 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 5063
accept-ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde56a182-6d55-402d-b240-1fe8746a0a76.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde56a182-6d55-402d-b240-1fe8746a0a76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 780098f209d535b5c802e280f41c2ed7
6d895fec65f4d11af82d1a417fdec5d2df2a9cd1
5b66b48774c284e271f0e4938e304b98e8e3642c9e479768b64fe4186055e886
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde56a182-6d55-402d-b240-1fe8746a0a76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4743
x-amzn-requestid: 307f30a9-ba32-4ff5-a987-990d05f07b64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BpjcvEHvIAMFR-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640d4c51-3f20ae277aa76e175a7a3c44;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 03:51:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: gVYwfArTGE1PoLnLX7VI3aaaqbu5yA8hcn2MdtqWl3IpZF8U5r-Qwg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d15b6a95f7c8298444f59a99d8027cec.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Mar 2023 04:18:22 GMT
age: 59524
etag: "6d895fec65f4d11af82d1a417fdec5d2df2a9cd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbfef97312a1bc4792615717a63a48ba
1008882db3829f830b0f58c9c5b09792e844a31b
2b096364b450b4845252b7a22a9f9aadadf220e7a6a4134558647d308529d2a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5853
x-amzn-requestid: c8b1593f-4bd9-452d-a904-87b58194d599
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Br_WlHEwoAMFyqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e45c3-461a986e5a5544cf574899e4;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 21:36:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C6xTwOtJHWOoB4SIZ7qDzhmjdyRpZtrJEQ4iSWw5SHWVIKSxfirSCw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:57:44 GMT
age: 82362
etag: "1008882db3829f830b0f58c9c5b09792e844a31b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a4d6ee7d459e2a9b742d0dbca932998
eada4a4de40e5035173bb18ee51aacd624b8b169
2e6eef4f452ef3700d4c9d06e8c3bf8999e077e24c332ab4670edd0884839d38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6053
x-amzn-requestid: 5f306311-ac84-4ce2-b9c2-6af31c110062
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bosb-FD5oAMFwJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf44c-61fea28e45516fad0d30cf65;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:36:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: fWVlVC6aYC4VUrCTIxXhQ-EDPiPBfbsfLKvxvg44bWZMGpgJup4o8w==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:04:03 GMT
age: 81983
etag: "eada4a4de40e5035173bb18ee51aacd624b8b169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26033b42139d27c847cf9881a17e0332
b196fbef36c2a5242abfc5d7115f1efd39499453
028dd1c86eaab6b991ad3dcb7fda21cdcfe8f9b22155c6bcb9363fbe379096ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4512
x-amzn-requestid: e9ba0dc3-3e1a-4ff5-8d0d-57386ced2fb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotIeGZ-IAMFmBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf569-1a45fa73148fb01f3822ee29;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:40:57 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Wqeeb_wUrrQ62pbbReffhKWx1NeYL67CGmOFZgV-c5BD-JrbB1ud1g==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:42:47 GMT
age: 83259
etag: "b196fbef36c2a5242abfc5d7115f1efd39499453"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d465bda-e8f7-498a-8b8e-9fd8f5a4e863.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d465bda-e8f7-498a-8b8e-9fd8f5a4e863.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc6b9225b635519ff0e90400781c6676
e576ab2c5b08780162d104a060c873f52b221538
6dfe0bff6f08723604b2e4805b53dbc1907a8e6f7f56b06c110fbb8f344034d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d465bda-e8f7-498a-8b8e-9fd8f5a4e863.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10872
x-amzn-requestid: b4f88a88-7ae0-4419-a9d6-a985c7951cc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezvPGRBoAMFmdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408fffa-00f0efac63f09f3d5662adbf;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: LWbpNE2xPWrYvBLtEuqnjxXclPKn_-sL1V_cyM5IdU3yqi1moDxBVA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:16:08 GMT
etag: "e576ab2c5b08780162d104a060c873f52b221538"
content-type: image/jpeg
age: 81258
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
anonfiles.com/sw_anonfiles.js?aE9YOWIzbW8KVVt9axtOSm10G1QLLWlfWlgrdVhSWnh1DQBYK3UAV1B2dQxaXyttAFtYezxfW0pjegoBDitgWgdeYmoLVwpibFpbXGI6DVRQYmAPBgstPAgADndvWEBEbStOQERtK00KDT09TgcaKjlVTAsgNRtOSn5oF1dKYz5YDhsqdF8DBDw9FQQJIytcPw
45.154.253.150200 OK 16 kB URL HTTP/1.1 anonfiles.com/sw_anonfiles.js?aE9YOWIzbW8KVVt9axtOSm10G1QLLWlfWlgrdVhSWnh1DQBYK3UAV1B2dQxaXyttAFtYezxfW0pjegoBDitgWgdeYmoLVwpibFpbXGI6DVRQYmAPBgstPAgADndvWEBEbStOQERtK00KDT09TgcaKjlVTAsgNRtOSn5oF1dKYz5YDhsqdF8DBDw9FQQJIytcPw
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (25712)
Hash 5e03f95322bfd924a10943354a145be8
149a1d27b2169791e547a074c3d40b279319d35b
27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
GET /sw_anonfiles.js?aE9YOWIzbW8KVVt9axtOSm10G1QLLWlfWlgrdVhSWnh1DQBYK3UAV1B2dQxaXyttAFtYezxfW0pjegoBDitgWgdeYmoLVwpibFpbXGI6DVRQYmAPBgstPAgADndvWEBEbStOQERtK00KDT09TgcaKjlVTAsgNRtOSn5oF1dKYz5YDhsqdF8DBDw9FQQJIytcPw HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 13 Mar 2023 20:50:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 18785
Content-Encoding: gzip
tytyeastfeukufun.info/ajF0T28LUxciUAsMFmkaGF1Jal0sFEYJCwBHTXYcEl4FPxlbAFosAwVEECkdBV8AYQEPRVF9KQZTRCgWC10TAiVbRjkVFxlZIiMLHGk8dy09ZhwFJgF0MgEHUwAtKCoyaTwjKz9ZRAs/LWgVLRUBFEYNKSgFHQxcP3IgCz4lexgZNwxWGyI6PFUEHDwGZjcIOQhTHywjMGA9ITwrfEQOFgFpIw1aC2sTBT8LXU0oPTt8RgwWDnczF14OVDI4CgxnRXsuW0FGF11acz8HXg5UMRorJF0YdylbWhUcAQVyMSJaCFMlCgAMZ0V7PihJTRcuAXUjIl4oVDZiGzpQGHcZPEYfNS4tATUDKBpXER4lC1AidlosABwgLDl3NQsVXnA5DQszeRh6WygBJiA8PgEkGBhMWwcgARoMJCQgWQAFdyoGRSA/WDxH
54.230.111.81200 OK 1.2 kB URL HTTP/2 tytyeastfeukufun.info/ajF0T28LUxciUAsMFmkaGF1Jal0sFEYJCwBHTXYcEl4FPxlbAFosAwVEECkdBV8AYQEPRVF9KQZTRCgWC10TAiVbRjkVFxlZIiMLHGk8dy09ZhwFJgF0MgEHUwAtKCoyaTwjKz9ZRAs/LWgVLRUBFEYNKSgFHQxcP3IgCz4lexgZNwxWGyI6PFUEHDwGZjcIOQhTHywjMGA9ITwrfEQOFgFpIw1aC2sTBT8LXU0oPTt8RgwWDnczF14OVDI4CgxnRXsuW0FGF11acz8HXg5UMRorJF0YdylbWhUcAQVyMSJaCFMlCgAMZ0V7PihJTRcuAXUjIl4oVDZiGzpQGHcZPEYfNS4tATUDKBpXER4lC1AidlosABwgLDl3NQsVXnA5DQszeRh6WygBJiA8PgEkGBhMWwcgARoMJCQgWQAFdyoGRSA/WDxH
IP 54.230.111.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators
Hash b71f84a048f08be431cf2e1229a91834
2ae2bc8f95364c3837761661657593104e5eb3c9
b1bff25473b5136ec7b8b3342c18caa8e5c030ea0aaad2a83367fd86833edbf2
GET /ajF0T28LUxciUAsMFmkaGF1Jal0sFEYJCwBHTXYcEl4FPxlbAFosAwVEECkdBV8AYQEPRVF9KQZTRCgWC10TAiVbRjkVFxlZIiMLHGk8dy09ZhwFJgF0MgEHUwAtKCoyaTwjKz9ZRAs/LWgVLRUBFEYNKSgFHQxcP3IgCz4lexgZNwxWGyI6PFUEHDwGZjcIOQhTHywjMGA9ITwrfEQOFgFpIw1aC2sTBT8LXU0oPTt8RgwWDnczF14OVDI4CgxnRXsuW0FGF11acz8HXg5UMRorJF0YdylbWhUcAQVyMSJaCFMlCgAMZ0V7PihJTRcuAXUjIl4oVDZiGzpQGHcZPEYfNS4tATUDKBpXER4lC1AidlosABwgLDl3NQsVXnA5DQszeRh6WygBJiA8PgEkGBhMWwcgARoMJCQgWQAFdyoGRSA/WDxH HTTP/1.1
Host: tytyeastfeukufun.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Mon, 13 Mar 2023 20:50:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vkQzgWax8LxMV4x4gITUf4qE63daqwhDs1jgMRLu3OsLCBkb7IK-ug==
X-Firefox-Spdy: h2
tytyeastfeukufun.info/dFJmaWEVMAUEXhVvBE8UBj5bTFMyd1QvBR4kX1ASDD0XGRdFY0gKDRsnAg8TGzwSRw8RJkNbJx4HPj8LJ2A/ECYTYhI+MiExJFo7JgsNIzARBF9aKQwTDSoiMhsvOiMSCA4aKTMDXj00DDEeKAwMFDQ6AjwCHiMEFgMrTFMyFApcVyUWJzsgLAg1DRYxBiwoUAcWJwZERhQgPRY5FiUGJT4EKz4qGCFeLgkfOyUDUSEACAIGLhQSPQMYAA4xMyU7JS00FRQiASUtYjMnMUQcDDs3PmU1LiclBycFJS1iMzwoEzoIODQuZiwhMzwHHCcwLgQkOCIhHAw7M1kXXzhTPWIzBxUgNFY/KhY+NAEkEwsJLTVBAzM4UCELMzs1EWMCATMxCFM/CxcxIzpVNQIBWCYRASQOMyIICj8PFxM+Bw5SOBUGDwRvJAJYQzwCOwg2
54.230.111.81200 OK 1.2 kB URL HTTP/2 tytyeastfeukufun.info/dFJmaWEVMAUEXhVvBE8UBj5bTFMyd1QvBR4kX1ASDD0XGRdFY0gKDRsnAg8TGzwSRw8RJkNbJx4HPj8LJ2A/ECYTYhI+MiExJFo7JgsNIzARBF9aKQwTDSoiMhsvOiMSCA4aKTMDXj00DDEeKAwMFDQ6AjwCHiMEFgMrTFMyFApcVyUWJzsgLAg1DRYxBiwoUAcWJwZERhQgPRY5FiUGJT4EKz4qGCFeLgkfOyUDUSEACAIGLhQSPQMYAA4xMyU7JS00FRQiASUtYjMnMUQcDDs3PmU1LiclBycFJS1iMzwoEzoIODQuZiwhMzwHHCcwLgQkOCIhHAw7M1kXXzhTPWIzBxUgNFY/KhY+NAEkEwsJLTVBAzM4UCELMzs1EWMCATMxCFM/CxcxIzpVNQIBWCYRASQOMyIICj8PFxM+Bw5SOBUGDwRvJAJYQzwCOwg2
IP 54.230.111.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3034), with no line terminators
Hash 32a92e2ec0951328698eedf621fbd317
01724bd4722d000e0e93a633b439d9c2aac318cb
bf93c67fd2441e589b541ab15c1f72b8b8da14313269782841cf0d1dd15a1ace
GET /dFJmaWEVMAUEXhVvBE8UBj5bTFMyd1QvBR4kX1ASDD0XGRdFY0gKDRsnAg8TGzwSRw8RJkNbJx4HPj8LJ2A/ECYTYhI+MiExJFo7JgsNIzARBF9aKQwTDSoiMhsvOiMSCA4aKTMDXj00DDEeKAwMFDQ6AjwCHiMEFgMrTFMyFApcVyUWJzsgLAg1DRYxBiwoUAcWJwZERhQgPRY5FiUGJT4EKz4qGCFeLgkfOyUDUSEACAIGLhQSPQMYAA4xMyU7JS00FRQiASUtYjMnMUQcDDs3PmU1LiclBycFJS1iMzwoEzoIODQuZiwhMzwHHCcwLgQkOCIhHAw7M1kXXzhTPWIzBxUgNFY/KhY+NAEkEwsJLTVBAzM4UCELMzs1EWMCATMxCFM/CxcxIzpVNQIBWCYRASQOMyIICj8PFxM+Bw5SOBUGDwRvJAJYQzwCOwg2 HTTP/1.1
Host: tytyeastfeukufun.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1184
date: Mon, 13 Mar 2023 20:50:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qOW8JtBvVV_TGXMDbwjdzBaLB7fUfEhanKJSqJq-wFswIvrvUSokug==
X-Firefox-Spdy: h2
utaitlastwebe.com/Yjl3Y3pNBhQQRwZTOSAeUEk2ITIofC82TiNaIiUuNl41UCs0XlEXEwYEQFBNUQpHRQoLXUpSQkRKAwIOF0pKUlwLVxEMR0RPSlJUUhdFTUlETEpSXBZJFgRHUx8HFw4OBEZVTVoOQ1NMUAxDV00
172.67.202.131204 No Content 0 B URL HTTP/2 utaitlastwebe.com/Yjl3Y3pNBhQQRwZTOSAeUEk2ITIofC82TiNaIiUuNl41UCs0XlEXEwYEQFBNUQpHRQoLXUpSQkRKAwIOF0pKUlwLVxEMR0RPSlJUUhdFTUlETEpSXBZJFgRHUx8HFw4OBEZVTVoOQ1NMUAxDV00
IP 172.67.202.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Yjl3Y3pNBhQQRwZTOSAeUEk2ITIofC82TiNaIiUuNl41UCs0XlEXEwYEQFBNUQpHRQoLXUpSQkRKAwIOF0pKUlwLVxEMR0RPSlJUUhdFTUlETEpSXBZJFgRHUx8HFw4OBEZVTVoOQ1NMUAxDV00 HTTP/1.1
Host: utaitlastwebe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 13 Mar 2023 20:50:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RGi2aozAZf4gSE9MlaJi%2FI%2BTVbM6NDGXNpm25MWZoUk21fv66Adbv1D8XFVjN76G1pmWElYOe6%2BQKnehNYOVbTRIZvNG0jSgrZoLvWCkLqy%2FxkKlyWv%2FA0dc1o5srM9XsDSmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a772633096fb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
utaitlastwebe.com/WUJHMnJ2fSRBTw1xHXwWagx/Yyo1EhZ6QxsmEgs1PHIRAyMyD2FGGz1/cAFFanB+FAIwJnoDVCo2JkYHKn92FBs3JCgPVC9/dhxBbWx0AFxrZDIPQ382N1MVZHNhQgYtLnoDRG56cAZCb3ByBkFt
172.67.202.131204 No Content 0 B URL HTTP/2 utaitlastwebe.com/WUJHMnJ2fSRBTw1xHXwWagx/Yyo1EhZ6QxsmEgs1PHIRAyMyD2FGGz1/cAFFanB+FAIwJnoDVCo2JkYHKn92FBs3JCgPVC9/dhxBbWx0AFxrZDIPQ382N1MVZHNhQgYtLnoDRG56cAZCb3ByBkFt
IP 172.67.202.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WUJHMnJ2fSRBTw1xHXwWagx/Yyo1EhZ6QxsmEgs1PHIRAyMyD2FGGz1/cAFFanB+FAIwJnoDVCo2JkYHKn92FBs3JCgPVC9/dhxBbWx0AFxrZDIPQ382N1MVZHNhQgYtLnoDRG56cAZCb3ByBkFt HTTP/1.1
Host: utaitlastwebe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 13 Mar 2023 20:50:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxuWpM6OAryamddvzNX8%2FIb%2B63X%2FbXZdXr%2B3flENEavvDQoZdD0xooiWnCKVACdjF2qHwFBV%2BwRXQ0Hw4paO9RKEe1uDCqDbyE8zFF%2BdxZoC5B2iIIvesgbT5wXHVNxSbx%2BA5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7726330969b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/lb0gyalgMJ1wMZxshVldvXH8BWWhJIkEFNh91YgEXXHlDUh0DPGYabzk+FB4iC3UCTDQOJlVXfgomUVdpSSlWCGVbbkcLZQInSAM0AykXWB5aZgJPal9gRQM2CydFGX1deFwefV14A1p2X20BKH1deEUDNll8F1kaSnoCEm5bbQEofV14QBx9XAkDWm1BeB-tPal8vVwkzAG0ALGpfeQJaaV95F1hoCSFADz4AMBdYHl54B0RoST0PWw
54.230.245.208200 OK 262 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/lb0gyalgMJ1wMZxshVldvXH8BWWhJIkEFNh91YgEXXHlDUh0DPGYabzk+FB4iC3UCTDQOJlVXfgomUVdpSSlWCGVbbkcLZQInSAM0AykXWB5aZgJPal9gRQM2CydFGX1deFwefV14A1p2X20BKH1deEUDNll8F1kaSnoCEm5bbQEofV14QBx9XAkDWm1BeB-tPal8vVwkzAG0ALGpfeQJaaV95F1hoCSFADz4AMBdYHl54B0RoST0PWw
IP 54.230.245.208:0
File type ASCII text, with very long lines (307), with no line terminators
Hash c3766c9552904cd51c69135ae0947b6f
ff133b771bc8326e1e9c024b9cdabc0546cc4a00
e449d3a933a3558f51b28df3fdc51db81b680dc24feba4ed2c9165e066679926
Analyzer Verdict Alert fortinet Malware
GET /lb0gyalgMJ1wMZxshVldvXH8BWWhJIkEFNh91YgEXXHlDUh0DPGYabzk+FB4iC3UCTDQOJlVXfgomUVdpSSlWCGVbbkcLZQInSAM0AykXWB5aZgJPal9gRQM2CydFGX1deFwefV14A1p2X20BKH1deEUDNll8F1kaSnoCEm5bbQEofV14QBx9XAkDWm1BeB-tPal8vVwkzAG0ALGpfeQJaaV95F1hoCSFADz4AMBdYHl54B0RoST0PWw HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tytyeastfeukufun.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 262
date: Mon, 13 Mar 2023 20:50:26 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2GYfG2ee4OEagCdTFrTmMVD0ugDI4gkMlWR7hZQhhjQ4JyNDDjK9vA==
X-Firefox-Spdy: h2
utaitlastwebe.com/popunder.gif
172.67.202.131200 OK 1.3 kB URL HTTP/2 utaitlastwebe.com/popunder.gif
IP 172.67.202.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash decda5c05645bc33c73ebee9719f2750
8d4ed373836537759b272fa125b30918c3fdc9f4
2c4a43b63b154a722f60e81bca706b0794507c98c23b9cf85addb2f6097f07f7
GET /popunder.gif HTTP/1.1
Host: utaitlastwebe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 13 Mar 2023 20:50:26 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 2178
last-modified: Mon, 13 Mar 2023 20:14:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAHGq5ruHzIpwUm4VRKpgHO2t6ZH7VZj%2FdqYhRo52nDXHDYYsccLrzYZ99Ywvl3RhLk0OxkkEU4dq4GJXpyieDM%2Benz8UPz%2FCoIHr8Ayc3ewBnhcqp7Tkz9Uky1mRkQZdSdnvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a7726331984b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
haitingshospi.info/utx?tid=737323&top=anonfiles.com&cb=ni0m1gWi4w5Z
13.225.244.95204 No Content 0 B URL HTTP/2 haitingshospi.info/utx?tid=737323&top=anonfiles.com&cb=ni0m1gWi4w5Z
IP 13.225.244.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=737323&top=anonfiles.com&cb=ni0m1gWi4w5Z HTTP/1.1
Host: haitingshospi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 13 Mar 2023 20:50:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 13 Mar 2023 20:51:26 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6767a485c1321860ef79f182d40e0050.cloudfront.net (CloudFront)
x-amz-cf-pop: LIS50-C1
x-amz-cf-id: diF-24nToiBTDyc3uSzzWU_tZllb4AlC9GNcdodri5B3Vcjw7LSxkw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 9fcbc21a058c94488d8c27f703b90d45
1918d1e1eb5b31f78b8ce2c105c51c6d1fa251cf
2080724c22e53cb699294d3fffc05abe195fd08a28bc255edf6b87562906b44e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2969
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 13 Mar 2023 20:50:26 GMT
Last-Modified: Mon, 13 Mar 2023 20:00:57 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9545ff63a3f2c6cdb9149bb997dca837
28d8a77e00e7de3a45e0033d1b81f1053ae67ee2
f34d2a1ca3fb791691e354261e78e08f76b7b83fdd6ed9cac2f9758154e80e26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 13 Mar 2023 20:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9545ff63a3f2c6cdb9149bb997dca837
28d8a77e00e7de3a45e0033d1b81f1053ae67ee2
f34d2a1ca3fb791691e354261e78e08f76b7b83fdd6ed9cac2f9758154e80e26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 13 Mar 2023 20:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tytyeastfeukufun.info/utx?cb=XpS67b1IGFb7&top=anonfiles.com&tid=737329
54.230.111.81204 No Content 0 B URL HTTP/2 tytyeastfeukufun.info/utx?cb=XpS67b1IGFb7&top=anonfiles.com&tid=737329
IP 54.230.111.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=XpS67b1IGFb7&top=anonfiles.com&tid=737329 HTTP/1.1
Host: tytyeastfeukufun.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 13 Mar 2023 20:50:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 13 Mar 2023 20:51:26 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zq2cLARKEzjjFnDodmpKYXM1R5lzWb1gd9paxJM_OR2OchZ5ExwoSw==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/jUXVjS2YyGg0tWSUcB3ZRYkJQeV93HxAkCCFIISBfZhsHGQ8TUxcxAmxFRScHPxJebQM/Fl56QDARAXZSdwETJA1sDAo/FTwMDCoDJVMWKls8GhkiCj0URnkgZFtTblRhXRQiCDUaFDhDY0UNP0NjRVJ7SGFQUAlDY0UUIghnQUZ4JHRHUzNQZVBQCUNjRR-E9Q2I0UntTf0VKblRhEgYoDT5QUQ1UYURTe1dhREZ5VjccES4APg1GeSBgRVZlVncAXno
54.230.245.208200 OK 559 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/jUXVjS2YyGg0tWSUcB3ZRYkJQeV93HxAkCCFIISBfZhsHGQ8TUxcxAmxFRScHPxJebQM/Fl56QDARAXZSdwETJA1sDAo/FTwMDCoDJVMWKls8GhkiCj0URnkgZFtTblRhXRQiCDUaFDhDY0UNP0NjRVJ7SGFQUAlDY0UUIghnQUZ4JHRHUzNQZVBQCUNjRR-E9Q2I0UntTf0VKblRhEgYoDT5QUQ1UYURTe1dhREZ5VjccES4APg1GeSBgRVZlVncAXno
IP 54.230.245.208:0
File type ASCII text, with very long lines (797), with no line terminators
Hash 7c026741144d499d89e5a7c6f5fffa79
0871520ac7cc73bbc5117416269ad1ce9056e4be
226abd45857b4d0c7bcd4c56b815492b04c7de4f8547db765ed07e225ae63c59
Analyzer Verdict Alert fortinet Malware
GET /jUXVjS2YyGg0tWSUcB3ZRYkJQeV93HxAkCCFIISBfZhsHGQ8TUxcxAmxFRScHPxJebQM/Fl56QDARAXZSdwETJA1sDAo/FTwMDCoDJVMWKls8GhkiCj0URnkgZFtTblRhXRQiCDUaFDhDY0UNP0NjRVJ7SGFQUAlDY0UUIghnQUZ4JHRHUzNQZVBQCUNjRR-E9Q2I0UntTf0VKblRhEgYoDT5QUQ1UYURTe1dhREZ5VjccES4APg1GeSBgRVZlVncAXno HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tytyeastfeukufun.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 559
date: Mon, 13 Mar 2023 20:50:26 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: axcFxKlAzHCMtEPK5hNOKFiRqNz2eb_IGP9nH95RqHD4jU2rn6KO5Q==
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 9fcbc21a058c94488d8c27f703b90d45
1918d1e1eb5b31f78b8ce2c105c51c6d1fa251cf
2080724c22e53cb699294d3fffc05abe195fd08a28bc255edf6b87562906b44e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2836
Cache-Control: max-age=152533
Content-Type: application/ocsp-response
Date: Mon, 13 Mar 2023 20:50:26 GMT
Etag: "640f3253-1d7"
Expires: Wed, 15 Mar 2023 15:12:39 GMT
Last-Modified: Mon, 13 Mar 2023 14:25:23 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 5d67d04ac82d4ea0ca4b38da4bd83aae
bf9e22a9288857af45d6045e823e7527a02e4800
c5aa2b8c1e83217eedc70c576e08beb00af70c47fd99d78bc2ffbcf01cf39bc5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 13 Mar 2023 20:50:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 398 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 65783edf3cadf30ad539a0cc067e64f3
9a9b1b83963f634e40cfe282fb2c19a7ed62422d
4deaab452b71b842ac50788218b0831220e0bdd79f795c104ec7cd378b6abfe4
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 13 Mar 2023 20:50:26 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHczxtOQvKvhuuZgcyS3j_o6V1sup4jl65cSLOjAsQFb9H8X-3cWfmeD-aaLG55Vb80rounJYA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-2TW3venAyf6GJij38LUcoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:hBSN2gQGw0FfAB09pOPsSfJMYYRkzw:7ZLt4ALHuPvEQosf; Expires=Wed, 12-Mar-2025 20:50:26 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 12 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
Hash c625bd453b73838105ac10a45685c254
a011305c6b2919506be109d89589b52dcd3cb3c7
10af7c2c1fce189af4d139f55040172e7c7193e3d0101d8cd45b80e7320934c3
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: +uJ5EBMBr/sjGq2PLP9rKjThdZ9VNmGJmih4qwT6fWrpEWJcKVxhN8jxHo7KaOAXA9bIHmSCwXpIZzbWr7HBiA==
date: Mon, 13 Mar 2023 20:50:26 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02306d2b-eeaa-457b-818c-f89161dee633.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02306d2b-eeaa-457b-818c-f89161dee633.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c020f73e193d39695b2a327b7f823044
293ecfa11699509057daa07b3c103ae57dfc600b
47d1130ec2fc517545f18557e61b4a78a45b9303dfcb9f4db8683da8160205d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02306d2b-eeaa-457b-818c-f89161dee633.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4592
x-amzn-requestid: 3925b113-7d29-4400-bbab-b64767943c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Br_jDEi9IAMF4SA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e4613-2bbddae45dbbbe8f6a62f300;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 21:37:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gbtUv0bNfiCz-HwX-L5HGitjTWaezaRQwiukewdVA25WzSEYrpxYqA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:55:43 GMT
age: 82484
etag: "293ecfa11699509057daa07b3c103ae57dfc600b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stherewereal.com/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: stherewereal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 386
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
stherewereal.com/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: stherewereal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 364
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
stherewereal.com/aE9YOWIzbW8KVVt9axtOSm10G1QLLWlfWlgrdVhSWnh1DQBYK3UAV1B2dQxaXyttAFtYezxfW0pjegoBDitgWgdeYmoLVwpibFpbXGI6DVRQYmAPBgstPAgADndvWEBEbStOQERtK00KDT09TgcaKjlVTAsgNRtOSn5oF1dKYz5YDhsqdF8DBDw9FQQJIytcPw
52.20.131.174200 OK 13 kB URL HTTP/2 stherewereal.com/aE9YOWIzbW8KVVt9axtOSm10G1QLLWlfWlgrdVhSWnh1DQBYK3UAV1B2dQxaXyttAFtYezxfW0pjegoBDitgWgdeYmoLVwpibFpbXGI6DVRQYmAPBgstPAgADndvWEBEbStOQERtK00KDT09TgcaKjlVTAsgNRtOSn5oF1dKYz5YDhsqdF8DBDw9FQQJIytcPw
IP 52.20.131.174:0
File type ASCII text, with very long lines (33862), with no line terminators
Hash ae76f411e45a65aae2f9ed0ce82e6bab
24cae6afa5d5d23aa07b80989eab86b73ca030ea
e52110fe7be2110da298d3f3ab4027c463fbab2985ced015bda94ca9e552842e
GET /aE9YOWIzbW8KVVt9axtOSm10G1QLLWlfWlgrdVhSWnh1DQBYK3UAV1B2dQxaXyttAFtYezxfW0pjegoBDitgWgdeYmoLVwpibFpbXGI6DVRQYmAPBgstPAgADndvWEBEbStOQERtK00KDT09TgcaKjlVTAsgNRtOSn5oF1dKYz5YDhsqdF8DBDw9FQQJIytcPw HTTP/1.1
Host: stherewereal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 8169b6e5fe6d45d8e4a5cfb0d255764a=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8446-sNS4HhElSVcW/+d1cVFl6qoqxbk"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
stherewereal.com/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: stherewereal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 356
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 0 B IP 172.64.173.27:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Origin: https://anonfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 13 Mar 2023 20:50:26 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://anonfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6143
last-modified: Mon, 13 Mar 2023 19:08:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTfzBl8YTLCEiAL6JxIpkVhHH3QPDbW95aCeX%2B5UmdyTasV8sdrh7nMzhoiFTwbFKRP49PihKLgQ%2Bwwt0eallLtQqj89u7%2FzF6AwL%2BUna2Vu7wgdTih5fFbSzO0TPpyZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a772635b96e71d8-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.173.27200 OK 0 B IP 172.64.173.27:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Origin: https://anonfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 13 Mar 2023 20:50:26 GMT
content-type: text/plain
set-cookie: csu=862275873622314@1@1678740626; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://anonfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZreMEmeJDxrBfzmiAzIHA1t1cvumvUf5JnRSk9QsQDkh5WOcZN7p6E4%2FmkNeHb1LOcqwmPyzsbUpUeMi47FmixeinnqyTHvoEw31wOQrS6tHbgoVGMosb08BGRQe%2BeEh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a772635a96171d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1
54.162.51.18200 OK 0 B URL HTTP/2 baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1
IP 54.162.51.18:0
GET /?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1 HTTP/1.1
Host: baconaces.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e101-7derAVqmGXQ3MnnRWd8oHwJF95c"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-credentials: true
X-Firefox-Spdy: h2
vjs.zencdn.net/7.3.0/video.min.js
151.101.2.217200 OK 0 B URL HTTP/2 vjs.zencdn.net/7.3.0/video.min.js
IP 151.101.2.217:0
GET /7.3.0/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Mon, 13 Mar 2023 20:50:24 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 13 Mar 2023 20:50:26 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHfRMrTXLfAqxJHvbrH-21sWnbRVe3W3bXP53un-pHrVsuI567HXfm_zgZkyLCYgjWGOa9Og2Q
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-vU26AIEBfnskO6LhUqefnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:mJSSdwZFljmXcVhVZ7h60Iecexo3Iw:_Kv_kjC-OWpu823H; Expires=Wed, 12-Mar-2025 20:50:26 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2