Overview

URL anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
IP138.201.48.112
ASNHetzner Online GmbH
Location Germany
Report completed2022-09-23 08:51:56 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 pseepsie.com/custom Malware
2022-09-23 2 pseepsie.com/custom Malware
2022-09-23 2 pseepsie.com/custom Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-23 2 tovanillitechan.com Sinkholed
2022-09-23 2 tovanillitechan.com Sinkholed
2022-09-23 2 tovanillitechan.com Sinkholed
2022-09-23 2 tovanillitechan.com Sinkholed
2022-09-23 2 unphionetor.com Sinkholed
2022-09-23 2 unphionetor.com Sinkholed
2022-09-23 2 tovanillitechan.com Sinkholed


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (12) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:02:41 UTC 34.160.144.191
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-23 04:04:38 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 52.89.20.60
mnemonic passive DNS pseepsie.com (5) 132332 2021-03-12 04:11:08 UTC 2022-09-23 00:41:21 UTC 139.45.197.250
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-23 04:02:13 UTC 172.67.194.45 Unknown ranking
mnemonic passive DNS anonymfile.com (9) 0 2022-08-09 20:53:13 UTC 2022-09-22 15:37:28 UTC 138.201.48.112 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (1) 867 2020-06-04 20:08:41 UTC 2022-09-23 05:06:00 UTC 143.204.55.115
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-23 04:34:15 UTC 151.101.85.229
mnemonic passive DNS tovanillitechan.com (5) 0 2022-07-22 05:21:08 UTC 2022-09-23 05:21:49 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS unpkg.com (3) 11693 2016-01-07 23:26:01 UTC 2022-09-23 06:19:39 UTC 104.16.122.175
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-23 06:12:15 UTC 104.18.32.68
mnemonic passive DNS bedrapiona.com (1) 34930 2020-05-08 13:43:48 UTC 2022-09-23 07:25:08 UTC 139.45.197.234
mnemonic passive DNS dozubatan.com (6) 33479 2021-05-18 14:02:27 UTC 2022-09-23 05:21:49 UTC 139.45.197.237
mnemonic passive DNS interstitial-07.com (2) 36198 2017-03-09 00:00:07 UTC 2022-09-23 00:55:03 UTC 139.45.197.152
mnemonic passive DNS cdnjs.cloudflare.com (5) 235 2020-10-20 10:17:36 UTC 2022-09-23 05:06:17 UTC 104.17.25.14
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-23 04:08:58 UTC 139.45.195.8
mnemonic passive DNS unphionetor.com (2) 54035 2022-02-11 12:53:49 UTC 2022-09-22 16:49:07 UTC 139.45.197.236
mnemonic passive DNS inklinkor.com (1) 0 2022-04-01 11:44:00 UTC 2022-09-22 16:38:33 UTC 172.67.211.29 Unknown ranking
mnemonic passive DNS onmarshtompor.com (1) 24517 2020-10-19 12:36:32 UTC 2022-09-23 05:21:49 UTC 139.45.197.243


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 138.201.48.112

Date UQ / IDS / BL URL IP
2022-12-04 18:58:36 +0000
0 - 0 - 8 anonymfile.com/zn3Pj/casual-paka.zip 138.201.48.112
2022-12-03 21:17:11 +0000
0 - 0 - 5 anonymfile.com/zn3Rx/how-to-draw-manga.zip 138.201.48.112
2022-12-03 11:10:14 +0000
0 - 0 - 7 anonymfile.com/PR5Ed/ragebotbyjakki.zip 138.201.48.112
2022-12-02 21:14:38 +0000
0 - 0 - 5 megafile.cc/o7xV/dx9.zip 138.201.48.112
2022-12-01 15:25:08 +0000
0 - 0 - 9 anonymfile.com/OaeQQ/resources.zip 138.201.48.112

Last 5 reports on ASN: Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2022-12-05 22:16:43 +0000
0 - 0 - 1 z.makebestoffers.it/campaigns/ld9794ngvpee2/c (...) 65.109.21.248
2022-12-05 21:53:19 +0000
0 - 0 - 2 malkinawlaoka54.de/mein.post/web/cxrf95s0xft8 (...) 142.132.151.189
2022-12-05 21:15:18 +0000
0 - 0 - 12 i59.fastpic.org/big/2013/1019/b1/53ba61338f99 (...) 95.217.39.24
2022-12-05 21:06:41 +0000
0 - 0 - 3 168.119.167.188/436959179261.zip 168.119.167.188
2022-12-05 20:47:10 +0000
0 - 0 - 3 168.119.167.188/665420770571.zip 168.119.167.188

Last 5 reports on domain: anonymfile.com

Date UQ / IDS / BL URL IP
2022-12-04 18:58:36 +0000
0 - 0 - 8 anonymfile.com/zn3Pj/casual-paka.zip 138.201.48.112
2022-12-03 21:17:11 +0000
0 - 0 - 5 anonymfile.com/zn3Rx/how-to-draw-manga.zip 138.201.48.112
2022-12-03 11:10:14 +0000
0 - 0 - 7 anonymfile.com/PR5Ed/ragebotbyjakki.zip 138.201.48.112
2022-12-01 15:25:08 +0000
0 - 0 - 9 anonymfile.com/OaeQQ/resources.zip 138.201.48.112
2022-11-29 15:57:24 +0000
0 - 0 - 9 anonymfile.com/dqxXo/pack-mex.rar?PageSpeed=n (...) 138.201.48.112

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-23 15:51:34 +0000
0 - 0 - 9 anonymfile.com/BW4y/udemy-aso-anime-manga.zip 138.201.48.112
2022-10-22 01:50:05 +0000
0 - 0 - 8 anonymfile.com/lEa9/decryptor.7z 138.201.48.112
2022-10-14 19:24:28 +0000
0 - 0 - 12 anonymfile.com/9OYD/pack-apks-premium.rar 138.201.48.112
2022-09-29 11:03:38 +0000
0 - 0 - 13 anonymfile.com/J2oO/text.zip 138.201.48.112
2022-09-27 18:39:08 +0000
0 - 0 - 4 anonymfile.com/qrE7/amongusv2202changename.ba (...) 138.201.48.112


JavaScript

Executed Scripts (25)


Executed Evals (1)

#1 JavaScript::Eval (size: 79, repeated: 1) - SHA256: e46c4aea5207d00c24d220db804ccdb8ac3bb6e6527075004a56973dd9252b0c

                                        (() => {
    const a = async
    function name() {};
    window['ti3vuhwu13'] = true;
})()
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 4, repeated: 1) - SHA256: b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0

                                        2022
                                    


HTTP Transactions (70)


Request Response
                                        
                                            GET /eyXa/imlikeaghostfr.pdf?PageSpeed=noscript HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         138.201.48.112
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 23 Sep 2022 08:51:45 GMT
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Fri, 23 Sep 2022 09:50:10 GMT
Date: Fri, 23 Sep 2022 08:51:45 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 08:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SFieLEHBNlYvaLNtDIroZxt34qudGrzc_21-gdWjaDtvyswne6ZyCQ==
Age: 2258


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4683
Expires: Fri, 23 Sep 2022 10:09:48 GMT
Date: Fri, 23 Sep 2022 08:51:45 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: xCz46dhE0eW1G4F/Q+PdaQaNqCSq99PIAwR0nlyfoKLa4vlKDjVrmUEfZkh3Yyoc2kXvfZ4ktdc7Gkkv+MvkhA==
x-amz-request-id: WB1B7TAFJEGQFQZG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 08:46:54 GMT
age: 291
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:45 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 08:51:45 GMT
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4966993
expires: Wed, 13 Sep 2023 08:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBROgopuXZ2dCkjciAjbzQTBWuSeABxb6peJu1YK7Z%2FScxbgHMNAKlvG9J6YLKaheAKxuc2jR5OVMGMkWYqpkjwilwxGkNgDDJ6Y6KeEma1pvVMgggz4HDG6y6o1xaQFza7%2BtLUr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f20a52abf9b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65370)
Size:   29707
Md5:    d18c98bb03dac8dd996130d56f3d8e8c
Sha1:   cc1777baef75c9438534927036a21f22e91e5578
Sha256: 89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
                                        
                                            GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 08:51:45 GMT
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4366051
expires: Wed, 13 Sep 2023 08:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDo2j900L1q8bGb77iQ0iRGfgfCaJWOfLZpVpFd3stloVEXOuO4tIAxoL7pScNXIPzx4lhc9J2dRhTZoRE%2BK7%2ByBYzB3Zc31DmcAGgJoYeqMocxTZ7GbT2LHL%2FYLDRf7dW2L7UQJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f20a52bc0fb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58940)
Size:   14584
Md5:    28dbaeb9aa2638e0c4e6d9ffd3d14e9d
Sha1:   3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
Sha256: ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362
                                        
                                            GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 08:51:45 GMT
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 312053
expires: Wed, 13 Sep 2023 08:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRZBCvtSI9cfuHNFNMQG%2BuN29Z9Nx13sRpvyXvA3xZMt32UMvccjsEvBppPm2JpYehC2t4WX1MVh%2B9GmaH1MtaiSfT6OcfKhhv22ajufdjYTssbDhDga4Ed2fda%2FbK04Id40kg1j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f20a52bc11b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (10584)
Size:   3000
Md5:    e34a4db0b42ca907e0b7a56cd4b145ec
Sha1:   2dc36a7dcdfc42d122b23ef91483d27865c4285f
Sha256: 4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a
                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 08:51:45 GMT
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4968326
expires: Wed, 13 Sep 2023 08:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJiMch3jX6Ny1vof1V%2F4WdHFmZZ6yZn5fYBK6M9o4n9hTTZnkciv%2Blq08OvebFiuguBGrCNk8z9Q5uDxp8xfrj1J23wBJiCzN4g95rEVraC5eEpvvXKVxVVBgopGs%2F6dW63mmJPI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f20a52bc12b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   27938
Md5:    d900ca08873ee57d40616d39a44cc0aa
Sha1:   7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
Sha256: 1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
                                        
                                            GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 08:51:45 GMT
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6965914
expires: Wed, 13 Sep 2023 08:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSyoVPPhtDeSCNQ3UowAE708njJduPHJ99tmcmMrOhUlzO11DS8cySgTIUQLGwPTOdr5dI%2FStVT8XQ5TXFvmiiEUWRBy0ALbHo%2B1kC8YLx3LFrM79n2e9qu7OZ2BBAI6IDlWaeZl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f20a52bc13b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18706)
Size:   6037
Md5:    3773d4bd82b03cdfd02c9fd691f80d78
Sha1:   c4d89a2de179c90944835571b45877048f3c1424
Sha256: 5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3936
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 08:51:45 GMT
Last-Modified: Fri, 23 Sep 2022 07:46:09 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6194
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 08:51:45 GMT
Last-Modified: Fri, 23 Sep 2022 07:08:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /npm/sweetalert2@11 HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 11.4.33
x-jsd-version-type: version
etag: W/"1122c-J9H0DCRqMGO33uXpjie+s7dGIes"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Sep 2022 08:51:45 GMT
age: 1052
x-served-by: cache-fra19183-FRA, cache-bma1623-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19287
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (44435)
Size:   19287
Md5:    dcba663c4abdb8ca0a7f4974af933322
Sha1:   e8d49335c7bdef21531b4ec6c95ae0ec9fe96e09
Sha256: 3dd1d4f839dd267f48585ebcfcb818a1320f6f52b1e8a4b8e752df3d8091631b
                                        
                                            GET /img/logo-anon-warning.webp HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
content-length: 15344
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Fri, 23 Sep 2022 08:49:13 GMT
expires: Fri, 23 Sep 2022 08:54:13 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   15344
Md5:    7b596f481388ac5ef6d74a15a351f6c3
Sha1:   6756e88c0b46cc981b7bbbdaf2ead77bd258a472
Sha256: cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
                                        
                                            GET /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.122.175
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 08:51:45 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-Ufoq68yhVBjz3riH5wAGJXD40pU"
via: 1.1 fly.io
fly-request-id: 01G7558XE30T0T2M6RDRBFG7JV-fra
cf-cache-status: HIT
age: 6966349
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74f20a534fceb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3123
Md5:    be060b50cbb4fdfb036b1c1a8c56b8e6
Sha1:   81861fe9b0fd78fa3442b5716bfca6dd20b7d02b
Sha256: 310e9cd2e29baf8eed13e924476f31a1f594a6fc3277fd268ce42bda7e482c7c
                                        
                                            GET /img/main/footer.webp HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Fri, 23 Sep 2022 08:49:17 GMT
expires: Fri, 23 Sep 2022 08:54:17 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   178070
Md5:    79ccb3a1b78412a1a530284f45ea7056
Sha1:   626d0494e1bd871e67ecffad44d04ac2343fb7e5
Sha256: 3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
                                        
                                            GET /css/theme.min.css HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:45 GMT
last-modified: Fri, 22 Oct 2021 08:15:50 GMT
vary: Accept-Encoding
etag: W/"61727336-921fb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   61509
Md5:    ac20ae52902474bc21f37dd62654f6e0
Sha1:   40818973bd9065d893c935170aa4a7c3500d69a7
Sha256: 476a2e672d82d64d42cc1dc29b960d9e891d45bb4271a98623295ef28c7511dd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5035
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 08:51:46 GMT
Last-Modified: Fri, 23 Sep 2022 07:27:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /img/logo-anon-warning.png HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-length: 40729
last-modified: Fri, 29 Oct 2021 10:50:56 GMT
vary: Accept-Encoding
etag: "617bd210-9f19"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size:   40729
Md5:    d52ea6ebcd0b10dcf112a9d6c43ceee0
Sha1:   641e5277e2e079f0e88e2899879fda8882e58d28
Sha256: 77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
                                        
                                            GET /sw.js HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
vary: Accept-Encoding
date: Fri, 23 Sep 2022 08:51:46 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4320)
Size:   4951
Md5:    d9dda1b6a9444e8bd564ee392db21277
Sha1:   acde147b30055cd0dabbb5c7b48f7ee83aba9aaf
Sha256: 3ade4e0ed9d0a2721decb0d13da47814f06b8bf5cd70a09be3b65dd35ebd9b82
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3C7DDFFB4F45FC048F9F0D1602CB60C3C5FADC4435C88F718FDC13902354ABD6"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3622
Expires: Fri, 23 Sep 2022 09:52:08 GMT
Date: Fri, 23 Sep 2022 08:51:46 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vJKgDnM68bkX3cFp/lKERQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.20.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tBMqp/EtPPUQxccxRN0DkIE2R4M=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EE8C88025F2F19D372AE33D8D82883A27CEA6313E91F5FE79AB2101646BCE8F0"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5775
Expires: Fri, 23 Sep 2022 10:28:01 GMT
Date: Fri, 23 Sep 2022 08:51:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DB67BD24AF8E50A7AF38451C2FEBE20EC4C1EAF713E6E6BCC5ED4B1D55D24098"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11651
Expires: Fri, 23 Sep 2022 12:05:57 GMT
Date: Fri, 23 Sep 2022 08:51:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9D42F4F3D40785F153428139840EAED00FAA07ADA26D30DA5E37AB8DEF8F36C7"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3923
Expires: Fri, 23 Sep 2022 09:57:09 GMT
Date: Fri, 23 Sep 2022 08:51:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 08:51:46 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=552214,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f20a577bdfb4fd-OSL

                                        
                                            GET /gid.js?userId=3ddc54fb266d446a9817b79b5e08bf6a HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    a6cb42e668ebbbb864c9344c33f30d23
Sha1:   cfbc3bcf3e64224b65726443d7ea3ac00d607904
Sha256: 8077ff6190b105634c052b13813bf148271c834f81f9f2d065771b5afc3bffea
                                        
                                            GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-length: 664
x-trace-id: fc4dc291cfa5349fc12d37d6be9773c9
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (663)
Size:   664
Md5:    924f83d583902548517c3327ff8e4493
Sha1:   7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
Sha256: 92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "11559A005C262B46C93CF2B687C8D6E16E3B0FFBD6FCBD5D36E26E718A4F88EB"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3084
Expires: Fri, 23 Sep 2022 09:43:10 GMT
Date: Fri, 23 Sep 2022 08:51:46 GMT
Connection: keep-alive

                                        
                                            GET /42/38?z=5307589 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bf470b0fadc34e11a64e8234d7f041c7; oaidts=1663923106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 11851f21452d5f9db6760f6f78d6ce4f
access-control-expose-headers: X-Sc
set-cookie: OAID=bf470b0fadc34e11a64e8234d7f041c7; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bf470b0fadc34e11a64e8234d7f041c7; oaidts=1663923106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65523)
Size:   131245
Md5:    369181a44ab40b3cc2510921246c5f4c
Sha1:   ffcd2eea059c0aaba575bf0b397f89c81f83e802
Sha256: d064fbc3c4aa4abe30d92bbdf1ec17c20c900b730ddac549f35e762bec33717b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /5/5307591/?oo=1&js_build=iclick-v1.429.0 HTTP/1.1 
Host: bedrapiona.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.234
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
x-trace-id: e76ff41c936b5c26d3adfd82cd4f7858
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (17670), with no line terminators
Size:   7414
Md5:    6071766c1dc1119dbb7c64d687744c01
Sha1:   d462eecc13592467e040d55cd69251922783372a
Sha256: f1859b1b73cd62fc2cb7e4f4a7a6be280226f702658604887dffc20823049ff2
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /400/5307588 HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
x-trace-id: d8ffb174bafff503c4787dda808ad7d4
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=dfed65e61f884f60a358cd85538f51a4; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31157
Md5:    bd9cf6f81c1fad10b0f3804a1fbcc15a
Sha1:   745faa8aa74e7b9377601efea42606810ce3da38
Sha256: 7c39ea5e131e07432ee1d2a51e52d6b8606a57b577828e0dab21cf1c81d4b84e
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 791
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-length: 39
x-trace-id: 13e5b3be58e78e38c244b59bef5139fc
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /11?rnd=1425512728&z=5307589&b=14505328&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=7QnWsa0mHM9w1rjqxwYSnK92BAQjw2lxOAxllfDUvXvVxLMRinvW7RX2mH3YBmCKAy54g2CAdME8-5szBCrA5Ez7-F9IJcC10k9YxUDRdOJupA4Bp2Nzd-7V2BySB9pItCAQr9ljRHCObR2S2Ajy95xaZ9kBJljQaYBrzGylityxUM_vwan_MXoHin_85nlF84jG4Qhyq7QLRdeSmPKmufdUBPbe8PgFBWTHStHKmCvSA12SfxRBqnyzHggv1V6kR02E8Oetj_ppKJqu1lilGgVZ5-6owQP3Pv7yxV5PBCuejSh5OkA03n7Vhai6_KNTG6srkEkCl9Vf4ZsboiARZDgkCsEf82gc75z3H1TVmhp-l9lFY-a_Fssnj1EDhHSDWVP0zUFYDyMKgyFQtRgutm8K6Q9AqYfR_mavAtzVEHOho2EuyV-Zf1X-tN22HqviThCc796APf3eQnTLGOxr6D7TTdJlLSuG52pu7VmXXdWAu8u_L2MBnWcoa6Wm2kBycyF0VrzzH7Q9bqqMZUFJg3rHqP_nSOEOSL6rugR_BNsue5f9VhhwXOdlJnVExzh4-MD2MlmRrinaEAbeb6d_3Yq9PNLDHzFTaKGOT0nMKXBo5gzIq302fHUjnx6eM3Bxe9_yXXNNAVDVaSzf&ruid=d880ee8d-f954-4b7c-9b7a-3eac92d62dbe&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=90 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=3ddc54fb266d446a9817b79b5e08bf6a; oaidts=1663923106
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7b0c93ff1ca2c18a860bef94f9a95177
access-control-expose-headers: X-Sc
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /500/5307588?excludes=&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 08:51:46 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 12:52:21 GMT
Expires: Thu, 29 Sep 2022 12:52:20 GMT
Etag: "b25b1883b0f0e02956c3eb5beb98552f814ee6ab"
Cache-Control: max-age=532233,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f20a5a5f75b4fd-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A51C385C0E195E72F489954CDAE59B4CDD869A63F366088E50A4E7513838953A"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12911
Expires: Fri, 23 Sep 2022 12:26:58 GMT
Date: Fri, 23 Sep 2022 08:51:47 GMT
Connection: keep-alive

                                        
                                            GET /1?z=5307589 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: bf9054442efffd43e6833aff74b4c6f5
access-control-expose-headers: X-Sc
x-sc: Ul_d3mMx3VovV3-v7JugBV6MQtF4eZcmGg0a--i7ri0WUVXWoRISrdMxuNjMExgtY_ilBKuqFZlKeB_JTHRzOlvemok=
set-cookie: scm=1; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None OAID=bf470b0fadc34e11a64e8234d7f041c7; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3559
Md5:    642fc1156626c77e4705452d7a834c75
Sha1:   f79c30a8299cf2888b2ed10a29898d9cd23d12a4
Sha256: 2ead4a0d73c4a174750814d90ff1afbbd10185428b5fdaaa184c874785334e3e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /500/5307588?excludes=&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=dfed65e61f884f60a358cd85538f51a4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
x-trace-id: 45ccf2a7c57f5a001a4d4e227a6b21b0
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   77599
Md5:    6ec0f5e2272c9d75392e6d7c99946793
Sha1:   5558e988fa62080f03fba00a62c99b0646cbebad
Sha256: d001bee9daba84f7dc16467323343b8e6b3833dc23cae453f708ac50c79ad149
                                        
                                            GET /contents/s/66/b3/32/cc869685d47aa5fc5aed0ee5d2/0225907308323.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=CmsCpewTVJwbeFa&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1948929060%26z%3D5307589%26b%3D14505328%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D7QnWsa0mHM9w1rjqxwYSnK92BAQjw2lxOAxllfDUvXvVxLMRinvW7RX2mH3YBmCKAy54g2CAdME8-5szBCrA5Ez7-F9IJcC10k9YxUDRdOJupA4Bp2Nzd-7V2BySB9pItCAQr9ljRHCObR2S2Ajy95xaZ9kBJljQaYBrzGylityxUM_vwan_MXoHin_85nlF84jG4Qhyq7QLRdeSmPKmufdUBPbe8PgFBWTHStHKmCvSA12SfxRBqnyzHggv1V6kR02E8Oetj_ppKJqu1lilGgVZ5-6owQP3Pv7yxV5PBCuejSh5OkA03n7Vhai6_KNTG6srkEkCl9Vf4ZsboiARZDgkCsEf82gc75z3H1TVmhp-l9lFY-a_Fssnj1EDhHSDWVP0zUFYDyMKgyFQtRgutm8K6Q9AqYfR_mavAtzVEHOho2EuyV-Zf1X-tN22HqviThCc796APf3eQnTLGOxr6D7TTdJlLSuG52pu7VmXXdWAu8u_L2MBnWcoa6Wm2kBycyF0VrzzH7Q9bqqMZUFJg3rHqP_nSOEOSL6rugR_BNsue5f9VhhwXOdlJnVExzh4-MD2MlmRrinaEAbeb6d_3Yq9PNLDHzFTaKGOT0nMKXBo5gzIq302fHUjnx6eM3Bxe9_yXXNNAVDVaSzf%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3Dd880ee8d-f954-4b7c-9b7a-3eac92d62dbe%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FeyXa%252Fimlikeaghostfr.pdf%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.152
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:47 GMT
content-length: 25403
last-modified: Wed, 13 Apr 2022 16:39:55 GMT
etag: "6256fcdb-633b"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   25403
Md5:    66b332cc869685d47aa5fc5aed0ee5d2
Sha1:   cca872d3733ea7073a8628f6465e9c5e7bc04476
Sha256: 75b09353fa7d53dd635de034aa971aabf975297f334a335cb4cbb16a82ac4a31
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E41EF9EA9F18A42BB7CE3E16B59E9934EF471DAC566EADBC20D369535307A03F"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2488
Expires: Fri, 23 Sep 2022 09:33:15 GMT
Date: Fri, 23 Sep 2022 08:51:47 GMT
Connection: keep-alive

                                        
                                            GET /contents/s/a7/38/6f/7414b456c918d0db3f4a7f8adc/0404027195892.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=CmsCpewTVJwbeFa&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1948929060%26z%3D5307589%26b%3D14505328%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D7QnWsa0mHM9w1rjqxwYSnK92BAQjw2lxOAxllfDUvXvVxLMRinvW7RX2mH3YBmCKAy54g2CAdME8-5szBCrA5Ez7-F9IJcC10k9YxUDRdOJupA4Bp2Nzd-7V2BySB9pItCAQr9ljRHCObR2S2Ajy95xaZ9kBJljQaYBrzGylityxUM_vwan_MXoHin_85nlF84jG4Qhyq7QLRdeSmPKmufdUBPbe8PgFBWTHStHKmCvSA12SfxRBqnyzHggv1V6kR02E8Oetj_ppKJqu1lilGgVZ5-6owQP3Pv7yxV5PBCuejSh5OkA03n7Vhai6_KNTG6srkEkCl9Vf4ZsboiARZDgkCsEf82gc75z3H1TVmhp-l9lFY-a_Fssnj1EDhHSDWVP0zUFYDyMKgyFQtRgutm8K6Q9AqYfR_mavAtzVEHOho2EuyV-Zf1X-tN22HqviThCc796APf3eQnTLGOxr6D7TTdJlLSuG52pu7VmXXdWAu8u_L2MBnWcoa6Wm2kBycyF0VrzzH7Q9bqqMZUFJg3rHqP_nSOEOSL6rugR_BNsue5f9VhhwXOdlJnVExzh4-MD2MlmRrinaEAbeb6d_3Yq9PNLDHzFTaKGOT0nMKXBo5gzIq302fHUjnx6eM3Bxe9_yXXNNAVDVaSzf%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3Dd880ee8d-f954-4b7c-9b7a-3eac92d62dbe%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FeyXa%252Fimlikeaghostfr.pdf%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.152
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:47 GMT
content-length: 61558
last-modified: Wed, 13 Apr 2022 16:39:54 GMT
etag: "6256fcda-f076"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size:   61558
Md5:    a7386f7414b456c918d0db3f4a7f8adc
Sha1:   098cd5dc2a88b754e65a9069c7ab2346146a5cbb
Sha256: ae5b9aa7bdca1f343d79693bebb66a90cd76c2b1d73762dcf86d012d4d48307d
                                        
                                            GET /fv.js?t=72747&cb=2106930519 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: text/javascript; charset=utf8
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:47 GMT
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: da8a46e2bfcfe30a2f3bfd718ab5c499
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5213), with no line terminators
Size:   2153
Md5:    0254fb1dad74628b7ad0f97d304fac92
Sha1:   35f7af13a08eb87023ec7df4d3c35c21b2cde79d
Sha256: 47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:47 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 1d355c73bda57a9044743175b781ca1c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Fri, 23 Sep 2022 10:00:13 GMT
Date: Fri, 23 Sep 2022 08:51:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Fri, 23 Sep 2022 10:00:13 GMT
Date: Fri, 23 Sep 2022 08:51:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Fri, 23 Sep 2022 10:00:13 GMT
Date: Fri, 23 Sep 2022 08:51:47 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 38421
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.122.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Fri, 23 Sep 2022 08:51:45 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GDMRBH721X94BQR8H0HC8YE6-fra
cf-cache-status: HIT
age: 387
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74f20a532fbbb50f-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12933
Md5:    fa2793a5e9be2fe1b75511153ec8d00c
Sha1:   5b6ab8f23e1fc30df0ac902aa04ec3a103206311
Sha256: 4b20c7c9e51fe63045562c59f57c37bfda99ee14f350093b285bd002d79603b5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12538
x-amzn-requestid: 2ae96766-6999-44ec-8084-a19d26b3e118
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOHYFIAMFXYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-060b96fa5fc99e79711bde3f;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f2gWVJG2DTnIblkJjx4bkFIeg8GauM9TnrThPQPZTkAuL7D7AyG2TQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 17:48:34 GMT
age: 54193
etag: "76ac1f33cd006227162e12e7142e754562bec0c0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12538
Md5:    e2bbb3856eeac20d0ee556c96144bf6c
Sha1:   76ac1f33cd006227162e12e7142e754562bec0c0
Sha256: 1e3f6551d401346b6d809d8feb9b36a9e0006f99f518d1130aa9bd630bfb6801
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 15531
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9481
x-amzn-requestid: d527d22a-6822-4b90-b9cb-034f58f73c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0IGl7oAMFSKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4e7-13a676d9596cbd20663d2d8f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8vtLV7n0bPpR5xQtqcH6WK7uBV4ObaMdy_9qN_TtISqAozEwPe0hA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:15 GMT
age: 38432
etag: "4156c37b612d5fb99c6b061187a3cb0b314ae4a8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9481
Md5:    1eab8da8cc1495a0221efadddd1a0bcc
Sha1:   4156c37b612d5fb99c6b061187a3cb0b314ae4a8
Sha256: 2fc5dbd9216f775cd305de80d17db2e6c74abcb1e30bfa7065c4d763a7345026
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 39805
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
                                            GET /impression/79nQE5qR_kxCbVlc-amxYqqkFEFBzlyALAOoVYUw-qhle7mVCrs7seMQu1YvV-LaS5uoXHqzZKL87iHWQwtvMeub5qKas99nDfwuZ_1a9bspK6F_PsOYXCEyY5G5Ucy_14WWRok7iFlgnVJxgX7QoJqVZicIrNCsU4yF8nSsWEVkh1aQBVGEFfL37-v1ZamN5OEW0bV-sbj2-6yAmI8ExYpUhlhFMFQZeJRRb3vc2w7pf8bCx4ct8zP2md2fYllo_lcCgyYqjuGC6xXTocUCuB6uC2oJFnEZpLrQX19Ey7Pfrwgs9aiCyLcmq6Lrhs_qffiIpghX86au0OtNgytyx_tW2WBw1iETj6TC7HCwS6cirPz9GKOD2xMkfYuas_0pmfkNK3enKiM1j1lz3w2_K8yLlRhuWJ-DRD5xj4jOVaCY04XCKa_m4MMb7Sh3xwJDR3ac9L8u0aBKnxNvjnlpIwxysdNpV2q1vhUniHmCCRThL7RAH47527TY646EtS9iY_2BQ-0C0tL6nuMeHHn3rJBOH8W3vMJaBtB_iXvfppn8EW3YpqeBJtsoGnhipFGkkS2ucpnC-_5hM6aJDHwvx8Q7i9UHoSkAmbKHLPl5dfwYOqdUqTHB0U6w68uG1MH1ssi5EzSXQCDtGNz4J5vidJS5HGsJZmMaztt2oHeoxcXt9l87hUzWDA1x2Hklnov2kE7AvoGm0fA=?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:51 GMT
content-length: 43
x-trace-id: c9ed931ef03fb951051208eab807afbc
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            OPTIONS /500/5307588?excludes=14745758&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:51 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 415
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:54 GMT
content-length: 39
x-trace-id: f04cb881430e64f32116a2208fffa721
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /gid.js?pub=0&userId=0dea868a8d324f8d8bedd16641b81c74&zoneId=5307590&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Cookie: ID=3ddc54fb266d446a9817b79b5e08bf6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:54 GMT
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    a6cb42e668ebbbb864c9344c33f30d23
Sha1:   cfbc3bcf3e64224b65726443d7ea3ac00d607904
Sha256: 8077ff6190b105634c052b13813bf148271c834f81f9f2d065771b5afc3bffea
                                        
                                            GET /tag.min.js HTTP/1.1 
Host: inklinkor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.211.29
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 08:51:46 GMT
x-trace-id: 23edf38e61eaf84f4bffff0ada1af35d
cache-control: max-age=86400
last-modified: Tue, 20 Sep 2022 08:55:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 24 Sep 2022 07:44:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCw5DXLAanF%2FrT9aOIcyl7gkogyciPlk040dTtRnhVKPe2Yhd7eLaSHOGMW1fpnUGkCHJysvqoj%2FjuuYZf2PlZ%2F%2BYoWONwLRouZ%2F3uSp8h%2BKxR8k3NZQnjZc1ih6Zy1k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f20a55a839b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw.js HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
vary: Accept-Encoding
date: Fri, 23 Sep 2022 08:51:45 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=3ddc54fb266d446a9817b79b5e08bf6a HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 119
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bf470b0fadc34e11a64e8234d7f041c7; oaidts=1663923106
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: df0eda45add7dd45b25ca0faf0abf0e0
access-control-expose-headers: X-Sc
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /eyXa/imlikeaghostfr.pdf?PageSpeed=noscript HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; expires=Fri, 23-Sep-2022 10:51:45 GMT; Max-Age=7200; path=/; samesite=lax anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D; expires=Fri, 23-Sep-2022 10:51:45 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 08:51:45 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /500/5307588?excludes=14745758&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:51 GMT
x-trace-id: a5117041b5dbd434666cfe8d7470ccb9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.194.45
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 23 Sep 2022 08:51:46 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3838
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcZw5Rp3Uxt3N%2B3gwTI%2F46bnR3sJBIlwpVWRTDIzCLjSg98nWuQ3sLE7jQwx7XHdBz4zzBFFTQoA6%2BKrWWQYiAEAeDlwdDZxc%2FDTxk8J16aE2BFJKEiwqhfrc6Untw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f20a589abefab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/site.js HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:45 GMT
last-modified: Wed, 20 Oct 2021 12:30:18 GMT
vary: Accept-Encoding
etag: W/"61700bda-2487"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?rb=m3ZR6T2HPiTO0erA4Uv6nfK6KEk0gGOJtjft6S6Cjj00tSznRklRv6cF8agCzdR4pwA9Nevos6H1Iks3jLU4GUWHGIdhL3_u3ITKDeVzzSg4Rm0AJTLj1us1DOgJaoJoDS_X2Ibi63CXpN6GHPptxe25gDSCWcslNGILi8LWVwLMoTPLN0bEHJQ2q4NIpcJ8EsMKixqYQkEH188S31UO13wPQwI%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.429.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.429.0&bs=a84d2f3f-30e5-46dc-b130-e6e5c7622b17&userId=3ddc54fb266d446a9817b79b5e08bf6a&m=link HTTP/1.1 
Host: onmarshtompor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.243
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
x-trace-id: 8313962b61bf049249fb148ebb16b2da
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Fri, 30 Sep 2022 08:51:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.122.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Fri, 23 Sep 2022 08:51:45 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GDMRG8CF3MAAQX3P3EZX7BRZ-fra
cf-cache-status: HIT
age: 233
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74f20a532fbcb50f-OSL
X-Firefox-Spdy: h2


--- Additional Info ---