Report - anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript

Report Overview

Submitted URL
anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
IP
138.201.48.112
ASN
#24940 Hetzner Online GmbH
Submitted
2022-09-23 08:51:56
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.9 kB	34.160.144.191
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	931 B	1.5 kB	139.45.195.8
unphionetor.com	54035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	822 B	3.6 kB	139.45.197.236
inklinkor.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	1.1 kB	172.67.211.29
onmarshtompor.com	24517	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	979 B	978 B	139.45.197.243
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	1.9 kB	104.18.32.68
pseepsie.com	132332	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	2.9 kB	139.45.197.250
tovanillitechan.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	139 kB	139.45.197.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	51 kB	34.120.237.76
anonymfile.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.9 kB	305 kB	138.201.48.112
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	325 B	1.5 kB	143.204.55.115
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	20 kB	151.101.85.229
dozubatan.com	33479	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	112 kB	139.45.197.237
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	18 kB	104.16.122.175
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.89.20.60
bedrapiona.com	34930	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	8.6 kB	139.45.197.234
interstitial-07.com	36198	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	88 kB	139.45.197.152
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	11 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	87 kB	104.17.25.14
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.8 kB	93.184.220.29
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	830 B	172.67.194.45

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-23	medium	pseepsie.com/custom	Malware
2022-09-23	medium	pseepsie.com/custom	Malware
2022-09-23	medium	pseepsie.com/custom	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-23	medium	tovanillitechan.com	Sinkholed
2022-09-23	medium	tovanillitechan.com	Sinkholed
2022-09-23	medium	tovanillitechan.com	Sinkholed
2022-09-23	medium	tovanillitechan.com	Sinkholed
2022-09-23	medium	unphionetor.com	Sinkholed
2022-09-23	medium	unphionetor.com	Sinkholed
2022-09-23	medium	tovanillitechan.com	Sinkholed

JavaScript (27)

	URL	Size	First Seen	Last Seen
	inklinkor.com/tag.min.js	72 kB	2023-03-07	2023-03-07
Pretty URL inklinkor.com/tag.min.js IP 172.67.211.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:43:58 Last Seen2023-03-07 23:58:18 Times Seen1 Hash 0073978cfc9387e374e7f3fe2c40778b ab7702c239ee3a4670021db48bec49c2fa3ed551 c61b3431b8dcbcd763f6d45384d0199aed53051d1639b72d2427325f96a5ba74 Loading...

	anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript	102 kB	2023-03-07	2023-03-08
Pretty URL anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:39:59 Last Seen2023-03-08 02:29:44 Times Seen1 Hash 46fea135d8779c679c2d0706a22f08a3 5cd54121aef1c771b1bad8e8340e69cd52c81f6e ed9cf62d154e465aca23b89b91a888b5646d703d91072a8db940b6bf5026d285 Loading...

	anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript	102 B	2023-03-07	2023-03-07
Pretty URL anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:44:26 Last Seen2023-03-07 23:44:26 Times Seen1 Hash 563fa50861ded4398fdf989e188ad783 d51e84a4437d7d8a5e832e3c9287b6bc72d7f04e 58aec63dd3929f63a08beed925d5fd5236dc5d8522b13d076bee3e4c9bfb15df Loading...

	interstitial-07.com/?l=CmsCpewTVJwbeFa&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1948929060%26z%3D5307589%26b%3D14505328%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D7QnWsa0mHM9w1rjqxwYSnK92BAQjw2lxOAxllfDUvXvVxLMRinvW7RX2mH3YBmCKAy54g2CAdME8-5szBCrA5Ez7-F9IJcC10k9YxUDRdOJupA4Bp2Nzd-7V2BySB9pItCAQr9ljRHCObR2S2Ajy95xaZ9kBJljQaYBrzGylityxUM_vwan_MXoHin_85nlF84jG4Qhyq7QLRdeSmPKmufdUBPbe8PgFBWTHStHKmCvSA12SfxRBqnyzHggv1V6kR02E8Oetj_ppKJqu1lilGgVZ5-6owQP3Pv7yxV5PBCuejSh5OkA03n7Vhai6_KNTG6srkEkCl9Vf4ZsboiARZDgkCsEf82gc75z3H1TVmhp-l9lFY-a_Fssnj1EDhHSDWVP0zUFYDyMKgyFQtRgutm8K6Q9AqYfR_mavAtzVEHOho2EuyV-Zf1X-tN22HqviThCc796APf3eQnTLGOxr6D7TTdJlLSuG52pu7VmXXdWAu8u_L2MBnWcoa6Wm2kBycyF0VrzzH7Q9bqqMZUFJg3rHqP_nSOEOSL6rugR_BNsue5f9VhhwXOdlJnVExzh4-MD2MlmRrinaEAbeb6d_3Yq9PNLDHzFTaKGOT0nMKXBo5gzIq302fHUjnx6eM3Bxe9_yXXNNAVDVaSzf%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3Dd880ee8d-f954-4b7c-9b7a-3eac92d62dbe%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FeyXa%252Fimlikeaghostfr.pdf%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0	1.4 kB	2023-03-07	2023-03-07
Pretty URL interstitial-07.com/?l=CmsCpewTVJwbeFa&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1948929060%26z%3D5307589%26b%3D14505328%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D7QnWsa0mHM9w1rjqxwYSnK92BAQjw2lxOAxllfDUvXvVxLMRinvW7RX2mH3YBmCKAy54g2CAdME8-5szBCrA5Ez7-F9IJcC10k9YxUDRdOJupA4Bp2Nzd-7V2BySB9pItCAQr9ljRHCObR2S2Ajy95xaZ9kBJljQaYBrzGylityxUM_vwan_MXoHin_85nlF84jG4Qhyq7QLRdeSmPKmufdUBPbe8PgFBWTHStHKmCvSA12SfxRBqnyzHggv1V6kR02E8Oetj_ppKJqu1lilGgVZ5-6owQP3Pv7yxV5PBCuejSh5OkA03n7Vhai6_KNTG6srkEkCl9Vf4ZsboiARZDgkCsEf82gc75z3H1TVmhp-l9lFY-a_Fssnj1EDhHSDWVP0zUFYDyMKgyFQtRgutm8K6Q9AqYfR_mavAtzVEHOho2EuyV-Zf1X-tN22HqviThCc796APf3eQnTLGOxr6D7TTdJlLSuG52pu7VmXXdWAu8u_L2MBnWcoa6Wm2kBycyF0VrzzH7Q9bqqMZUFJg3rHqP_nSOEOSL6rugR_BNsue5f9VhhwXOdlJnVExzh4-MD2MlmRrinaEAbeb6d_3Yq9PNLDHzFTaKGOT0nMKXBo5gzIq302fHUjnx6eM3Bxe9_yXXNNAVDVaSzf%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3Dd880ee8d-f954-4b7c-9b7a-3eac92d62dbe%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FeyXa%252Fimlikeaghostfr.pdf%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:44:26 Last Seen2023-03-07 23:44:26 Times Seen1 Hash 375e1b071befaf775ae5992ecb0f1a46 64b03846add00b4e2403682a6e7213e87b94ddbb 590d50013587c7adeb77068d88737b1a53f1377d7f830a46740483bb86b96d87 Loading...

	anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript	40 B	2023-03-07	2024-05-10
Pretty URL anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-05-10 18:57:47 Times Seen4779 Hash 6bd43cf0ae158526c6ab93dc3be79f28 15c289e342bd3fdf5b1e95f7abf25a2bc78bf357 7a13d5ae0755d86c09084ec300c4a0f1a0a06921f74d9980eba9d966ff17ad38 Loading...

	anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript	213 B	2023-03-07	2023-08-29
Pretty URL anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2023-08-29 21:14:02 Times Seen131 Hash ccea0e1846102f4f1ed17644f6c6baa6 e43c87b583bef9f3e325ab7bf9ccf4a1f80bc35a e84714cb230edad68ac36e473976e94ca40d378d53fc1b7b539c03879f7ab887 Loading...

	tovanillitechan.com/1?z=5307589	8.7 kB	2023-03-07	2023-03-07
Pretty URL tovanillitechan.com/1?z=5307589 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:44:26 Last Seen2023-03-07 23:44:26 Times Seen1 Hash 31c28a1d6ab6412773fb24bd5a30106a 8cb8b72d6a4bc680db799e0da25b659c404a5f18 60a30573868142c1ae55eac0b20c180ab78f2c748dee799bc9fdc3c58b5b0917 Loading...

	dozubatan.com/400/5307588	82 kB	2023-03-07	2023-03-07
Pretty URL dozubatan.com/400/5307588 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:44:26 Last Seen2023-03-07 23:44:26 Times Seen1 Hash 655be6b6c4875b757c6a225a9f36db58 a5eabe669d4968693fb2be0aa5169e27aa6e0fd8 4d83efcae1aa1d07f50724df87a87d45ddfd8db4a4960cce909986a3f2ef3e66 Loading...

	tovanillitechan.com/27/b7bd02994a2771796f8a835cfb750d4b	408 kB	2023-03-07	2023-03-08
Pretty URL tovanillitechan.com/27/b7bd02994a2771796f8a835cfb750d4b IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:17:47 Last Seen2023-03-08 05:35:44 Times Seen1 Hash 7ab89f78b6aefbb5652eabbe8b71c1c6 f558db93cba76989a8daa5498bcb9f5357e892e4 296c8334bfec54e3a1a0772e1efe387735181b85d04557ac3befd33e69ce6640 Loading...

	unphionetor.com/fv.js?t=72747&cb=2106930519	5.2 kB	2023-03-07	2024-05-11
Pretty URL unphionetor.com/fv.js?t=72747&cb=2106930519 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-11 00:17:31 Times Seen2378 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js	19 kB	2023-03-07	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-10 20:20:08 Times Seen2426 Hash 541aecc95a7faeef0fc27558070f3647 0ec7ca4778ba3ccb4d1b1688094720834fbe9ed3 f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11	70 kB	2023-03-07	2023-11-30
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:00:31 Last Seen2023-11-30 13:04:08 Times Seen2 Hash 95d987ed318f5531db232a31db0927da 27d1f40c246a3063b7dee5e98e27beb3b74621eb b86447bc3b55a4178577b68a5a735d83ba88a3e7fe7503e51513124ea3aaee8f Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-11 04:12:11 Times Seen270405 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js	7.4 kB	2023-03-07	2024-02-08
Pretty URL unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js IP 104.16.122.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-02-08 07:46:02 Times Seen604 Hash 6170d2a086cb1d5769c6fd1f76edf99b d61c541caceb4e5deb35d8642702b89091a8bb42 6fc678b64782a17a266b5675e195be5956efd7513fd228143901b427983df928 Loading...

	unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js	6.8 kB	2023-03-07	2023-03-17
Pretty URL unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js IP 104.16.122.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2023-03-17 12:45:31 Times Seen1 Hash 504ad616f6fd714ea19cb18c5f002ec0 51fa2aebcca15418f3deb887e700062570f8d295 3f530043897758190014c6b777195dad6846a4f579ff416cf24829b5c702f33b Loading...

	anonymfile.com/js/site.js	9.4 kB	2023-03-07	2024-04-25
Pretty URL anonymfile.com/js/site.js IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:42 Last Seen2024-04-25 20:59:34 Times Seen434 Hash afecd65686f50e645b8e1ee3edade2c2 f038373fb9efa997f7aeba9f80a47fbc3d6bd634 524fcae3468beb724c12b61925a2c1dcdb482f37783cd9d3f7630ae8bafa3d2a Loading...

	anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript	193 B	2023-03-07	2024-01-15
Pretty URL anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-01-15 22:34:31 Times Seen141 Hash 4b7b08e36b07601453ef10bef59afe1e 1f0003567c5e86d6fc129bbf62384e04ca2a1a2f f54132e87f4227d9e6ccf534bb92ff7746c7fb734ab9eb7197c0810ea6b52c52 Loading...

	tzegilo.com/stattag.js	33 kB	2023-03-07	2023-03-17
Pretty URL tzegilo.com/stattag.js IP 172.67.194.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:21 Last Seen2023-03-17 12:47:57 Times Seen1 Hash df875929410d71d763e9fa10b830bb2a b0711a8d2bf6ad4ffa4640534588b423f2ef7fec 0be796b658c6cee0d55aa164994d0d83f9ec7aa7ecf1eb41c1ddf208bba9e3b1 Loading...

	cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js	118 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-04-25 20:59:34 Times Seen1060 Hash 516f35ea42aa797b3b106a8f108edb88 9b1313b221c5d59835c31da0327f4273a2647174 9677264de392aeedd3b391fe53578415c87835405d14068380f9bf3970a48286 Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js	59 kB	2023-03-07	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-10 20:20:08 Times Seen3382 Hash 259e416ef6833be43801b8b68a93b008 19080c3b817985336aab5e1ce6925c99803f2efd 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce Loading...

	tovanillitechan.com/42/38?z=5307589	0 B	2023-03-07	2024-05-11
Pretty URL tovanillitechan.com/42/38?z=5307589 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 04:14:20 Times Seen37534576 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript	1.3 kB	2023-03-07	2023-03-07
Pretty URL anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:44:26 Last Seen2023-03-07 23:44:26 Times Seen1 Hash 85eae4ddee91e1614ffdd85f4d0c8170 a15d1ed8f23ac03364d98f8c42d29c00370fc2a1 13f65f78c5a1521572d520ba312affcee06e76fed552a7d7492f5c51458ea98d Loading...

	pseepsie.com/pfe/current/tag.min.js?z=5307590	15 kB	2023-03-07	2023-03-08
Pretty URL pseepsie.com/pfe/current/tag.min.js?z=5307590 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:39:59 Last Seen2023-03-08 02:29:44 Times Seen1 Hash b9e91cdb7ebdcf6f7fab4ba420bc0279 7b8168c8e63f7f19f3aa0fd6e9f7de2bda94fc75 b6cfd864214290df187cfdda0bc4245b59615e2e13d3442470eb9224a8845fc5 Loading...

	cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js	11 kB	2023-03-07	2024-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:42 Last Seen2024-05-09 21:26:45 Times Seen710 Hash 27784b7376dd992368c71b6c5559f358 f86d2ac408c4de0d5281cf91d6ddfb93e5e5d2ff 11be927cda59c8b6019ebbea838285c5beaf21183ea4b83dbd4e4fbf9413ce4a Loading...

	anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript	4.0 kB	2023-03-07	2023-03-07
Pretty URL anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:44:26 Last Seen2023-03-07 23:44:26 Times Seen1 Hash 30eb114b6b00a00b4332339628b528f3 aceb281070fed3eb2a3f343234594d9045385736 173a053ba9a40565700c300554062a7920be318820ac3432070aa214f41bd495 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 068bc467c14ff595e977b1a82221dcd7	79 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 23:44:26 Last Seen2023-03-07 23:44:26 Times Seen1 Hash 068bc467c14ff595e977b1a82221dcd7 762c8e9aef9781530bc12ed36384f9bf3727b7f2 e46c4aea5207d00c24d220db804ccdb8ac3bb6e6527075004a56973dd9252b0c Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (70)

URL IP Response Size

anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript

138.201.48.112

301 Moved Permanently

162 B

URL HTTP/1.1
anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /eyXa/imlikeaghostfr.pdf?PageSpeed=noscript HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Sep 2022 08:51:45 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Fri, 23 Sep 2022 09:50:10 GMT
Date: Fri, 23 Sep 2022 08:51:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 08:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SFieLEHBNlYvaLNtDIroZxt34qudGrzc_21-gdWjaDtvyswne6ZyCQ==
Age: 2258

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4683
Expires: Fri, 23 Sep 2022 10:09:48 GMT
Date: Fri, 23 Sep 2022 08:51:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xCz46dhE0eW1G4F/Q+PdaQaNqCSq99PIAwR0nlyfoKLa4vlKDjVrmUEfZkh3Yyoc2kXvfZ4ktdc7Gkkv+MvkhA==
x-amz-request-id: WB1B7TAFJEGQFQZG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 08:46:54 GMT
age: 291
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js

104.17.25.14

200 OK

30 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65370)
Size
30 kB (29707 bytes)
Hash
d18c98bb03dac8dd996130d56f3d8e8c
cc1777baef75c9438534927036a21f22e91e5578
89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e

HTTP Headers

GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4966993
expires: Wed, 13 Sep 2023 08:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBROgopuXZ2dCkjciAjbzQTBWuSeABxb6peJu1YK7Z%2FScxbgHMNAKlvG9J6YLKaheAKxuc2jR5OVMGMkWYqpkjwilwxGkNgDDJ6Y6KeEma1pvVMgggz4HDG6y6o1xaQFza7%2BtLUr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f20a52abf9b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js

104.17.25.14

200 OK

15 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58940)
Size
15 kB (14584 bytes)
Hash
28dbaeb9aa2638e0c4e6d9ffd3d14e9d
3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362

HTTP Headers

GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4366051
expires: Wed, 13 Sep 2023 08:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDo2j900L1q8bGb77iQ0iRGfgfCaJWOfLZpVpFd3stloVEXOuO4tIAxoL7pScNXIPzx4lhc9J2dRhTZoRE%2BK7%2ByBYzB3Zc31DmcAGgJoYeqMocxTZ7GbT2LHL%2FYLDRf7dW2L7UQJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f20a52bc0fb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js

104.17.25.14

200 OK

3.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (10584)
Size
3.0 kB (3000 bytes)
Hash
e34a4db0b42ca907e0b7a56cd4b145ec
2dc36a7dcdfc42d122b23ef91483d27865c4285f
4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a

HTTP Headers

GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 312053
expires: Wed, 13 Sep 2023 08:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRZBCvtSI9cfuHNFNMQG%2BuN29Z9Nx13sRpvyXvA3xZMt32UMvccjsEvBppPm2JpYehC2t4WX1MVh%2B9GmaH1MtaiSfT6OcfKhhv22ajufdjYTssbDhDga4Ed2fda%2FbK04Id40kg1j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f20a52bc11b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4968326
expires: Wed, 13 Sep 2023 08:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJiMch3jX6Ny1vof1V%2F4WdHFmZZ6yZn5fYBK6M9o4n9hTTZnkciv%2Blq08OvebFiuguBGrCNk8z9Q5uDxp8xfrj1J23wBJiCzN4g95rEVraC5eEpvvXKVxVVBgopGs%2F6dW63mmJPI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f20a52bc12b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js

104.17.25.14

200 OK

6.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18706)
Size
6.0 kB (6037 bytes)
Hash
3773d4bd82b03cdfd02c9fd691f80d78
c4d89a2de179c90944835571b45877048f3c1424
5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d

HTTP Headers

GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6965914
expires: Wed, 13 Sep 2023 08:51:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSyoVPPhtDeSCNQ3UowAE708njJduPHJ99tmcmMrOhUlzO11DS8cySgTIUQLGwPTOdr5dI%2FStVT8XQ5TXFvmiiEUWRBy0ALbHo%2B1kC8YLx3LFrM79n2e9qu7OZ2BBAI6IDlWaeZl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f20a52bc13b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5e136317c0c71275860fcce48a860311
ea873b454c69b6bed9c6bfb32ca8b3d500c8cf3a
8280ba5f21730cd6cde3d0a3581bbdc319b5d707e268bc50f3b59d2846350830

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3936
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 08:51:45 GMT
Last-Modified: Fri, 23 Sep 2022 07:46:09 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5e136317c0c71275860fcce48a860311
ea873b454c69b6bed9c6bfb32ca8b3d500c8cf3a
8280ba5f21730cd6cde3d0a3581bbdc319b5d707e268bc50f3b59d2846350830

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6194
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 08:51:45 GMT
Last-Modified: Fri, 23 Sep 2022 07:08:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280

cdn.jsdelivr.net/npm/sweetalert2@11

151.101.85.229

200 OK

19 kB

URL HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (44435)
Size
19 kB (19287 bytes)
Hash
dcba663c4abdb8ca0a7f4974af933322
e8d49335c7bdef21531b4ec6c95ae0ec9fe96e09
3dd1d4f839dd267f48585ebcfcb818a1320f6f52b1e8a4b8e752df3d8091631b

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.4.33
x-jsd-version-type: version
etag: W/"1122c-J9H0DCRqMGO33uXpjie+s7dGIes"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Sep 2022 08:51:45 GMT
age: 1052
x-served-by: cache-fra19183-FRA, cache-bma1623-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19287
X-Firefox-Spdy: h2

anonymfile.com/img/logo-anon-warning.webp

138.201.48.112

200 OK

15 kB

URL HTTP/2
anonymfile.com/img/logo-anon-warning.webp
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image\012- data
Size
15 kB (15344 bytes)
Hash
7b596f481388ac5ef6d74a15a351f6c3
6756e88c0b46cc981b7bbbdaf2ead77bd258a472
cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972

HTTP Headers

GET /img/logo-anon-warning.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 15344
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Fri, 23 Sep 2022 08:49:13 GMT
expires: Fri, 23 Sep 2022 08:54:13 GMT
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js

104.16.122.175

200 OK

3.1 kB

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3.1 kB (3123 bytes)
Hash
be060b50cbb4fdfb036b1c1a8c56b8e6
81861fe9b0fd78fa3442b5716bfca6dd20b7d02b
310e9cd2e29baf8eed13e924476f31a1f594a6fc3277fd268ce42bda7e482c7c

HTTP Headers

GET /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-Ufoq68yhVBjz3riH5wAGJXD40pU"
via: 1.1 fly.io
fly-request-id: 01G7558XE30T0T2M6RDRBFG7JV-fra
cf-cache-status: HIT
age: 6966349
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74f20a534fceb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

anonymfile.com/img/main/footer.webp

138.201.48.112

200 OK

178 kB

URL HTTP/2
anonymfile.com/img/main/footer.webp
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image\012- data
Size
178 kB (178070 bytes)
Hash
79ccb3a1b78412a1a530284f45ea7056
626d0494e1bd871e67ecffad44d04ac2343fb7e5
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8

HTTP Headers

GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Fri, 23 Sep 2022 08:49:17 GMT
expires: Fri, 23 Sep 2022 08:54:17 GMT
X-Firefox-Spdy: h2

anonymfile.com/css/theme.min.css

138.201.48.112

200 OK

62 kB

URL HTTP/2
anonymfile.com/css/theme.min.css
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
62 kB (61509 bytes)
Hash
ac20ae52902474bc21f37dd62654f6e0
40818973bd9065d893c935170aa4a7c3500d69a7
476a2e672d82d64d42cc1dc29b960d9e891d45bb4271a98623295ef28c7511dd

HTTP Headers

GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: text/css
last-modified: Fri, 22 Oct 2021 08:15:50 GMT
vary: Accept-Encoding
etag: W/"61727336-921fb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 08:51:46 GMT
Last-Modified: Fri, 23 Sep 2022 07:27:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

anonymfile.com/img/logo-anon-warning.png

138.201.48.112

200 OK

41 kB

URL HTTP/2
anonymfile.com/img/logo-anon-warning.png
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (40729 bytes)
Hash
d52ea6ebcd0b10dcf112a9d6c43ceee0
641e5277e2e079f0e88e2899879fda8882e58d28
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e

HTTP Headers

GET /img/logo-anon-warning.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: image/png
content-length: 40729
last-modified: Fri, 29 Oct 2021 10:50:56 GMT
vary: Accept-Encoding
etag: "617bd210-9f19"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

anonymfile.com/sw.js

138.201.48.112

404 Not Found

5.0 kB

URL HTTP/2
anonymfile.com/sw.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4320)
Size
5.0 kB (4951 bytes)
Hash
d9dda1b6a9444e8bd564ee392db21277
acde147b30055cd0dabbb5c7b48f7ee83aba9aaf
3ade4e0ed9d0a2721decb0d13da47814f06b8bf5cd70a09be3b65dd35ebd9b82

HTTP Headers

GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Fri, 23 Sep 2022 08:51:46 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
936c836fe49e0724b87ac82162f5047e
eb0156fd2ad894e68e02b341fc4aa57b21a42e85
3c7ddffb4f45fc048f9f0d1602cb60c3c5fadc4435c88f718fdc13902354abd6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C7DDFFB4F45FC048F9F0D1602CB60C3C5FADC4435C88F718FDC13902354ABD6"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3622
Expires: Fri, 23 Sep 2022 09:52:08 GMT
Date: Fri, 23 Sep 2022 08:51:46 GMT
Connection: keep-alive

push.services.mozilla.com/

52.89.20.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.20.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vJKgDnM68bkX3cFp/lKERQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tBMqp/EtPPUQxccxRN0DkIE2R4M=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
691ead31501097a14cc636bef13fee66
d61e929761ff877b000cfa6347073d781e455a7c
ee8c88025f2f19d372ae33d8d82883a27cea6313e91f5fe79ab2101646bce8f0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE8C88025F2F19D372AE33D8D82883A27CEA6313E91F5FE79AB2101646BCE8F0"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5775
Expires: Fri, 23 Sep 2022 10:28:01 GMT
Date: Fri, 23 Sep 2022 08:51:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
722ef108c4d4fc81d56f8a6c10adcffb
4db06d907ef3eaaf9aa08d9a7ec559206f94469c
db67bd24af8e50a7af38451c2febe20ec4c1eaf713e6e6bcc5ed4b1d55d24098

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB67BD24AF8E50A7AF38451C2FEBE20EC4C1EAF713E6E6BCC5ED4B1D55D24098"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11651
Expires: Fri, 23 Sep 2022 12:05:57 GMT
Date: Fri, 23 Sep 2022 08:51:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9c0f0c54043eecab0f2e6a29aa554160
9f1244152256010709efadfbdb9cd415b279a26b
9d42f4f3d40785f153428139840eaed00faa07ada26d30da5e37ab8def8f36c7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D42F4F3D40785F153428139840EAED00FAA07ADA26D30DA5E37AB8DEF8F36C7"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3923
Expires: Fri, 23 Sep 2022 09:57:09 GMT
Date: Fri, 23 Sep 2022 08:51:46 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 08:51:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=552214,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f20a577bdfb4fd-OSL

my.rtmark.net/gid.js?userId=3ddc54fb266d446a9817b79b5e08bf6a

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=3ddc54fb266d446a9817b79b5e08bf6a
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
a6cb42e668ebbbb864c9344c33f30d23
cfbc3bcf3e64224b65726443d7ea3ac00d607904
8077ff6190b105634c052b13813bf148271c834f81f9f2d065771b5afc3bffea

HTTP Headers

GET /gid.js?userId=3ddc54fb266d446a9817b79b5e08bf6a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

pseepsie.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=

139.45.197.250

200 OK

664 B

URL HTTP/2
pseepsie.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (663)
Size
664 B (664 bytes)
Hash
924f83d583902548517c3327ff8e4493
7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c

HTTP Headers

GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: fc4dc291cfa5349fc12d37d6be9773c9
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
296a132fcbec72230db535083564224d
1263092bb27da2c55bd056cfa1bfad50c1e23fcf
11559a005c262b46c93cf2b687c8d6e16e3b0ffbd6fcbd5d36e26e718a4f88eb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11559A005C262B46C93CF2B687C8D6E16E3B0FFBD6FCBD5D36E26E718A4F88EB"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3084
Expires: Fri, 23 Sep 2022 09:43:10 GMT
Date: Fri, 23 Sep 2022 08:51:46 GMT
Connection: keep-alive

tovanillitechan.com/42/38?z=5307589

139.45.197.239

200 OK

0 B

URL HTTP/2
tovanillitechan.com/42/38?z=5307589
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /42/38?z=5307589 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bf470b0fadc34e11a64e8234d7f041c7; oaidts=1663923106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 11851f21452d5f9db6760f6f78d6ce4f
access-control-expose-headers: X-Sc
set-cookie: OAID=bf470b0fadc34e11a64e8234d7f041c7; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

tovanillitechan.com/27/b7bd02994a2771796f8a835cfb750d4b

139.45.197.239

200 OK

131 kB

URL HTTP/2
tovanillitechan.com/27/b7bd02994a2771796f8a835cfb750d4b
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (65523)
Size
131 kB (131245 bytes)
Hash
369181a44ab40b3cc2510921246c5f4c
ffcd2eea059c0aaba575bf0b397f89c81f83e802
d064fbc3c4aa4abe30d92bbdf1ec17c20c900b730ddac549f35e762bec33717b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bf470b0fadc34e11a64e8234d7f041c7; oaidts=1663923106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.429.0

139.45.197.234

200 OK

7.4 kB

URL HTTP/2
bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.429.0
IP
139.45.197.234:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (17670), with no line terminators
Size
7.4 kB (7414 bytes)
Hash
6071766c1dc1119dbb7c64d687744c01
d462eecc13592467e040d55cd69251922783372a
f1859b1b73cd62fc2cb7e4f4a7a6be280226f702658604887dffc20823049ff2

HTTP Headers

GET /5/5307591/?oo=1&js_build=iclick-v1.429.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/json
x-trace-id: e76ff41c936b5c26d3adfd82cd4f7858
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None
oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

pseepsie.com/custom

139.45.197.250

200 OK

0 B

URL HTTP/2
pseepsie.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

dozubatan.com/400/5307588

139.45.197.237

200 OK

31 kB

URL HTTP/2
dozubatan.com/400/5307588
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
31 kB (31157 bytes)
Hash
bd9cf6f81c1fad10b0f3804a1fbcc15a
745faa8aa74e7b9377601efea42606810ce3da38
7c39ea5e131e07432ee1d2a51e52d6b8606a57b577828e0dab21cf1c81d4b84e

HTTP Headers

GET /400/5307588 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/javascript
x-trace-id: d8ffb174bafff503c4787dda808ad7d4
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=dfed65e61f884f60a358cd85538f51a4; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

pseepsie.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
pseepsie.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 791
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 13e5b3be58e78e38c244b59bef5139fc
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

tovanillitechan.com/11?rnd=1425512728&z=5307589&b=14505328&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=7QnWsa0mHM9w1rjqxwYSnK92BAQjw2lxOAxllfDUvXvVxLMRinvW7RX2mH3YBmCKAy54g2CAdME8-5szBCrA5Ez7-F9IJcC10k9YxUDRdOJupA4Bp2Nzd-7V2BySB9pItCAQr9ljRHCObR2S2Ajy95xaZ9kBJljQaYBrzGylityxUM_vwan_MXoHin_85nlF84jG4Qhyq7QLRdeSmPKmufdUBPbe8PgFBWTHStHKmCvSA12SfxRBqnyzHggv1V6kR02E8Oetj_ppKJqu1lilGgVZ5-6owQP3Pv7yxV5PBCuejSh5OkA03n7Vhai6_KNTG6srkEkCl9Vf4ZsboiARZDgkCsEf82gc75z3H1TVmhp-l9lFY-a_Fssnj1EDhHSDWVP0zUFYDyMKgyFQtRgutm8K6Q9AqYfR_mavAtzVEHOho2EuyV-Zf1X-tN22HqviThCc796APf3eQnTLGOxr6D7TTdJlLSuG52pu7VmXXdWAu8u_L2MBnWcoa6Wm2kBycyF0VrzzH7Q9bqqMZUFJg3rHqP_nSOEOSL6rugR_BNsue5f9VhhwXOdlJnVExzh4-MD2MlmRrinaEAbeb6d_3Yq9PNLDHzFTaKGOT0nMKXBo5gzIq302fHUjnx6eM3Bxe9_yXXNNAVDVaSzf&ruid=d880ee8d-f954-4b7c-9b7a-3eac92d62dbe&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=90

139.45.197.239

200 OK

0 B

URL HTTP/2
tovanillitechan.com/11?rnd=1425512728&z=5307589&b=14505328&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=7QnWsa0mHM9w1rjqxwYSnK92BAQjw2lxOAxllfDUvXvVxLMRinvW7RX2mH3YBmCKAy54g2CAdME8-5szBCrA5Ez7-F9IJcC10k9YxUDRdOJupA4Bp2Nzd-7V2BySB9pItCAQr9ljRHCObR2S2Ajy95xaZ9kBJljQaYBrzGylityxUM_vwan_MXoHin_85nlF84jG4Qhyq7QLRdeSmPKmufdUBPbe8PgFBWTHStHKmCvSA12SfxRBqnyzHggv1V6kR02E8Oetj_ppKJqu1lilGgVZ5-6owQP3Pv7yxV5PBCuejSh5OkA03n7Vhai6_KNTG6srkEkCl9Vf4ZsboiARZDgkCsEf82gc75z3H1TVmhp-l9lFY-a_Fssnj1EDhHSDWVP0zUFYDyMKgyFQtRgutm8K6Q9AqYfR_mavAtzVEHOho2EuyV-Zf1X-tN22HqviThCc796APf3eQnTLGOxr6D7TTdJlLSuG52pu7VmXXdWAu8u_L2MBnWcoa6Wm2kBycyF0VrzzH7Q9bqqMZUFJg3rHqP_nSOEOSL6rugR_BNsue5f9VhhwXOdlJnVExzh4-MD2MlmRrinaEAbeb6d_3Yq9PNLDHzFTaKGOT0nMKXBo5gzIq302fHUjnx6eM3Bxe9_yXXNNAVDVaSzf&ruid=d880ee8d-f954-4b7c-9b7a-3eac92d62dbe&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=90
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /11?rnd=1425512728&z=5307589&b=14505328&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=7QnWsa0mHM9w1rjqxwYSnK92BAQjw2lxOAxllfDUvXvVxLMRinvW7RX2mH3YBmCKAy54g2CAdME8-5szBCrA5Ez7-F9IJcC10k9YxUDRdOJupA4Bp2Nzd-7V2BySB9pItCAQr9ljRHCObR2S2Ajy95xaZ9kBJljQaYBrzGylityxUM_vwan_MXoHin_85nlF84jG4Qhyq7QLRdeSmPKmufdUBPbe8PgFBWTHStHKmCvSA12SfxRBqnyzHggv1V6kR02E8Oetj_ppKJqu1lilGgVZ5-6owQP3Pv7yxV5PBCuejSh5OkA03n7Vhai6_KNTG6srkEkCl9Vf4ZsboiARZDgkCsEf82gc75z3H1TVmhp-l9lFY-a_Fssnj1EDhHSDWVP0zUFYDyMKgyFQtRgutm8K6Q9AqYfR_mavAtzVEHOho2EuyV-Zf1X-tN22HqviThCc796APf3eQnTLGOxr6D7TTdJlLSuG52pu7VmXXdWAu8u_L2MBnWcoa6Wm2kBycyF0VrzzH7Q9bqqMZUFJg3rHqP_nSOEOSL6rugR_BNsue5f9VhhwXOdlJnVExzh4-MD2MlmRrinaEAbeb6d_3Yq9PNLDHzFTaKGOT0nMKXBo5gzIq302fHUjnx6eM3Bxe9_yXXNNAVDVaSzf&ruid=d880ee8d-f954-4b7c-9b7a-3eac92d62dbe&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=90 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=3ddc54fb266d446a9817b79b5e08bf6a; oaidts=1663923106
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7b0c93ff1ca2c18a860bef94f9a95177
access-control-expose-headers: X-Sc
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

dozubatan.com/500/5307588?excludes=&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
dozubatan.com/500/5307588?excludes=&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/5307588?excludes=&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
49e5ce5b845b02f2812fd5e0e90657ab
b25b1883b0f0e02956c3eb5beb98552f814ee6ab
626d35b4cb1b83b59e4ee11e274ba2e82d81a7357d085012401623d088bc3985

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 08:51:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 12:52:21 GMT
Expires: Thu, 29 Sep 2022 12:52:20 GMT
Etag: "b25b1883b0f0e02956c3eb5beb98552f814ee6ab"
Cache-Control: max-age=532233,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f20a5a5f75b4fd-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
27918a7a61d7c4d90d66e4c783ab1d79
06b3c212199defca730b6d8ba852ed8ff891d527
a51c385c0e195e72f489954cdae59b4cdd869a63f366088e50a4e7513838953a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A51C385C0E195E72F489954CDAE59B4CDD869A63F366088E50A4E7513838953A"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12911
Expires: Fri, 23 Sep 2022 12:26:58 GMT
Date: Fri, 23 Sep 2022 08:51:47 GMT
Connection: keep-alive

tovanillitechan.com/1?z=5307589

139.45.197.239

200 OK

3.6 kB

URL HTTP/2
tovanillitechan.com/1?z=5307589
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
data
Size
3.6 kB (3559 bytes)
Hash
642fc1156626c77e4705452d7a834c75
f79c30a8299cf2888b2ed10a29898d9cd23d12a4
2ead4a0d73c4a174750814d90ff1afbbd10185428b5fdaaa184c874785334e3e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /1?z=5307589 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: bf9054442efffd43e6833aff74b4c6f5
access-control-expose-headers: X-Sc
x-sc: Ul_d3mMx3VovV3-v7JugBV6MQtF4eZcmGg0a--i7ri0WUVXWoRISrdMxuNjMExgtY_ilBKuqFZlKeB_JTHRzOlvemok=
set-cookie: scm=1; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
OAID=bf470b0fadc34e11a64e8234d7f041c7; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.237

200 OK

78 kB

URL HTTP/2
dozubatan.com/500/5307588?excludes=&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
78 kB (77599 bytes)
Hash
6ec0f5e2272c9d75392e6d7c99946793
5558e988fa62080f03fba00a62c99b0646cbebad
d001bee9daba84f7dc16467323343b8e6b3833dc23cae453f708ac50c79ad149

HTTP Headers

GET /500/5307588?excludes=&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=dfed65e61f884f60a358cd85538f51a4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/javascript
x-trace-id: 45ccf2a7c57f5a001a4d4e227a6b21b0
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

interstitial-07.com/contents/s/66/b3/32/cc869685d47aa5fc5aed0ee5d2/0225907308323.jpeg

139.45.197.152

200 OK

25 kB

URL HTTP/2
interstitial-07.com/contents/s/66/b3/32/cc869685d47aa5fc5aed0ee5d2/0225907308323.jpeg
IP
139.45.197.152:0
ASN
#9002 RETN Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size
25 kB (25403 bytes)
Hash
66b332cc869685d47aa5fc5aed0ee5d2
cca872d3733ea7073a8628f6465e9c5e7bc04476
75b09353fa7d53dd635de034aa971aabf975297f334a335cb4cbb16a82ac4a31

HTTP Headers

GET /contents/s/66/b3/32/cc869685d47aa5fc5aed0ee5d2/0225907308323.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=CmsCpewTVJwbeFa&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1948929060%26z%3D5307589%26b%3D14505328%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D7QnWsa0mHM9w1rjqxwYSnK92BAQjw2lxOAxllfDUvXvVxLMRinvW7RX2mH3YBmCKAy54g2CAdME8-5szBCrA5Ez7-F9IJcC10k9YxUDRdOJupA4Bp2Nzd-7V2BySB9pItCAQr9ljRHCObR2S2Ajy95xaZ9kBJljQaYBrzGylityxUM_vwan_MXoHin_85nlF84jG4Qhyq7QLRdeSmPKmufdUBPbe8PgFBWTHStHKmCvSA12SfxRBqnyzHggv1V6kR02E8Oetj_ppKJqu1lilGgVZ5-6owQP3Pv7yxV5PBCuejSh5OkA03n7Vhai6_KNTG6srkEkCl9Vf4ZsboiARZDgkCsEf82gc75z3H1TVmhp-l9lFY-a_Fssnj1EDhHSDWVP0zUFYDyMKgyFQtRgutm8K6Q9AqYfR_mavAtzVEHOho2EuyV-Zf1X-tN22HqviThCc796APf3eQnTLGOxr6D7TTdJlLSuG52pu7VmXXdWAu8u_L2MBnWcoa6Wm2kBycyF0VrzzH7Q9bqqMZUFJg3rHqP_nSOEOSL6rugR_BNsue5f9VhhwXOdlJnVExzh4-MD2MlmRrinaEAbeb6d_3Yq9PNLDHzFTaKGOT0nMKXBo5gzIq302fHUjnx6eM3Bxe9_yXXNNAVDVaSzf%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3Dd880ee8d-f954-4b7c-9b7a-3eac92d62dbe%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FeyXa%252Fimlikeaghostfr.pdf%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:47 GMT
content-type: image/jpeg
content-length: 25403
last-modified: Wed, 13 Apr 2022 16:39:55 GMT
etag: "6256fcdb-633b"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
19bd6556ae2f12130479854e25199b2f
29d9f6ccfcebb2f417a0d4117e4e8f19dcce79c6
e41ef9ea9f18a42bb7ce3e16b59e9934ef471dac566eadbc20d369535307a03f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E41EF9EA9F18A42BB7CE3E16B59E9934EF471DAC566EADBC20D369535307A03F"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2488
Expires: Fri, 23 Sep 2022 09:33:15 GMT
Date: Fri, 23 Sep 2022 08:51:47 GMT
Connection: keep-alive

interstitial-07.com/contents/s/a7/38/6f/7414b456c918d0db3f4a7f8adc/0404027195892.jpeg

139.45.197.152

200 OK

62 kB

URL HTTP/2
interstitial-07.com/contents/s/a7/38/6f/7414b456c918d0db3f4a7f8adc/0404027195892.jpeg
IP
139.45.197.152:0
ASN
#9002 RETN Limited

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size
62 kB (61558 bytes)
Hash
a7386f7414b456c918d0db3f4a7f8adc
098cd5dc2a88b754e65a9069c7ab2346146a5cbb
ae5b9aa7bdca1f343d79693bebb66a90cd76c2b1d73762dcf86d012d4d48307d

HTTP Headers

GET /contents/s/a7/38/6f/7414b456c918d0db3f4a7f8adc/0404027195892.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=CmsCpewTVJwbeFa&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1948929060%26z%3D5307589%26b%3D14505328%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D7QnWsa0mHM9w1rjqxwYSnK92BAQjw2lxOAxllfDUvXvVxLMRinvW7RX2mH3YBmCKAy54g2CAdME8-5szBCrA5Ez7-F9IJcC10k9YxUDRdOJupA4Bp2Nzd-7V2BySB9pItCAQr9ljRHCObR2S2Ajy95xaZ9kBJljQaYBrzGylityxUM_vwan_MXoHin_85nlF84jG4Qhyq7QLRdeSmPKmufdUBPbe8PgFBWTHStHKmCvSA12SfxRBqnyzHggv1V6kR02E8Oetj_ppKJqu1lilGgVZ5-6owQP3Pv7yxV5PBCuejSh5OkA03n7Vhai6_KNTG6srkEkCl9Vf4ZsboiARZDgkCsEf82gc75z3H1TVmhp-l9lFY-a_Fssnj1EDhHSDWVP0zUFYDyMKgyFQtRgutm8K6Q9AqYfR_mavAtzVEHOho2EuyV-Zf1X-tN22HqviThCc796APf3eQnTLGOxr6D7TTdJlLSuG52pu7VmXXdWAu8u_L2MBnWcoa6Wm2kBycyF0VrzzH7Q9bqqMZUFJg3rHqP_nSOEOSL6rugR_BNsue5f9VhhwXOdlJnVExzh4-MD2MlmRrinaEAbeb6d_3Yq9PNLDHzFTaKGOT0nMKXBo5gzIq302fHUjnx6eM3Bxe9_yXXNNAVDVaSzf%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3Dd880ee8d-f954-4b7c-9b7a-3eac92d62dbe%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FeyXa%252Fimlikeaghostfr.pdf%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:47 GMT
content-type: image/jpeg
content-length: 61558
last-modified: Wed, 13 Apr 2022 16:39:54 GMT
etag: "6256fcda-f076"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

unphionetor.com/fv.js?t=72747&cb=2106930519

139.45.197.236

200 OK

2.2 kB

URL HTTP/2
unphionetor.com/fv.js?t=72747&cb=2106930519
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (5213), with no line terminators
Size
2.2 kB (2153 bytes)
Hash
0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fv.js?t=72747&cb=2106930519 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:47 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: da8a46e2bfcfe30a2f3bfd718ab5c499
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 23 Sep 2022 08:51:47 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 1d355c73bda57a9044743175b781ca1c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Fri, 23 Sep 2022 10:00:13 GMT
Date: Fri, 23 Sep 2022 08:51:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Fri, 23 Sep 2022 10:00:13 GMT
Date: Fri, 23 Sep 2022 08:51:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Fri, 23 Sep 2022 10:00:13 GMT
Date: Fri, 23 Sep 2022 08:51:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5340 bytes)
Hash
3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 38421
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js

104.16.122.175

302 Found

13 kB

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
13 kB (12933 bytes)
Hash
fa2793a5e9be2fe1b75511153ec8d00c
5b6ab8f23e1fc30df0ac902aa04ec3a103206311
4b20c7c9e51fe63045562c59f57c37bfda99ee14f350093b285bd002d79603b5

HTTP Headers

GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GDMRBH721X94BQR8H0HC8YE6-fra
cf-cache-status: HIT
age: 387
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74f20a532fbbb50f-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12538 bytes)
Hash
e2bbb3856eeac20d0ee556c96144bf6c
76ac1f33cd006227162e12e7142e754562bec0c0
1e3f6551d401346b6d809d8feb9b36a9e0006f99f518d1130aa9bd630bfb6801

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bb1df1b-7300-4e0d-ad7a-6e90b6c03299.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12538
x-amzn-requestid: 2ae96766-6999-44ec-8084-a19d26b3e118
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOHYFIAMFXYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-060b96fa5fc99e79711bde3f;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f2gWVJG2DTnIblkJjx4bkFIeg8GauM9TnrThPQPZTkAuL7D7AyG2TQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 17:48:34 GMT
age: 54193
etag: "76ac1f33cd006227162e12e7142e754562bec0c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10279 bytes)
Hash
8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 15531
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9481 bytes)
Hash
1eab8da8cc1495a0221efadddd1a0bcc
4156c37b612d5fb99c6b061187a3cb0b314ae4a8
2fc5dbd9216f775cd305de80d17db2e6c74abcb1e30bfa7065c4d763a7345026

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9481
x-amzn-requestid: d527d22a-6822-4b90-b9cb-034f58f73c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0IGl7oAMFSKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4e7-13a676d9596cbd20663d2d8f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8vtLV7n0bPpR5xQtqcH6WK7uBV4ObaMdy_9qN_TtISqAozEwPe0hA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:15 GMT
age: 38432
etag: "4156c37b612d5fb99c6b061187a3cb0b314ae4a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8029 bytes)
Hash
02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 39805
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dozubatan.com/impression/79nQE5qR_kxCbVlc-amxYqqkFEFBzlyALAOoVYUw-qhle7mVCrs7seMQu1YvV-LaS5uoXHqzZKL87iHWQwtvMeub5qKas99nDfwuZ_1a9bspK6F_PsOYXCEyY5G5Ucy_14WWRok7iFlgnVJxgX7QoJqVZicIrNCsU4yF8nSsWEVkh1aQBVGEFfL37-v1ZamN5OEW0bV-sbj2-6yAmI8ExYpUhlhFMFQZeJRRb3vc2w7pf8bCx4ct8zP2md2fYllo_lcCgyYqjuGC6xXTocUCuB6uC2oJFnEZpLrQX19Ey7Pfrwgs9aiCyLcmq6Lrhs_qffiIpghX86au0OtNgytyx_tW2WBw1iETj6TC7HCwS6cirPz9GKOD2xMkfYuas_0pmfkNK3enKiM1j1lz3w2_K8yLlRhuWJ-DRD5xj4jOVaCY04XCKa_m4MMb7Sh3xwJDR3ac9L8u0aBKnxNvjnlpIwxysdNpV2q1vhUniHmCCRThL7RAH47527TY646EtS9iY_2BQ-0C0tL6nuMeHHn3rJBOH8W3vMJaBtB_iXvfppn8EW3YpqeBJtsoGnhipFGkkS2ucpnC-_5hM6aJDHwvx8Q7i9UHoSkAmbKHLPl5dfwYOqdUqTHB0U6w68uG1MH1ssi5EzSXQCDtGNz4J5vidJS5HGsJZmMaztt2oHeoxcXt9l87hUzWDA1x2Hklnov2kE7AvoGm0fA=?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

43 B

URL HTTP/2
dozubatan.com/impression/79nQE5qR_kxCbVlc-amxYqqkFEFBzlyALAOoVYUw-qhle7mVCrs7seMQu1YvV-LaS5uoXHqzZKL87iHWQwtvMeub5qKas99nDfwuZ_1a9bspK6F_PsOYXCEyY5G5Ucy_14WWRok7iFlgnVJxgX7QoJqVZicIrNCsU4yF8nSsWEVkh1aQBVGEFfL37-v1ZamN5OEW0bV-sbj2-6yAmI8ExYpUhlhFMFQZeJRRb3vc2w7pf8bCx4ct8zP2md2fYllo_lcCgyYqjuGC6xXTocUCuB6uC2oJFnEZpLrQX19Ey7Pfrwgs9aiCyLcmq6Lrhs_qffiIpghX86au0OtNgytyx_tW2WBw1iETj6TC7HCwS6cirPz9GKOD2xMkfYuas_0pmfkNK3enKiM1j1lz3w2_K8yLlRhuWJ-DRD5xj4jOVaCY04XCKa_m4MMb7Sh3xwJDR3ac9L8u0aBKnxNvjnlpIwxysdNpV2q1vhUniHmCCRThL7RAH47527TY646EtS9iY_2BQ-0C0tL6nuMeHHn3rJBOH8W3vMJaBtB_iXvfppn8EW3YpqeBJtsoGnhipFGkkS2ucpnC-_5hM6aJDHwvx8Q7i9UHoSkAmbKHLPl5dfwYOqdUqTHB0U6w68uG1MH1ssi5EzSXQCDtGNz4J5vidJS5HGsJZmMaztt2oHeoxcXt9l87hUzWDA1x2Hklnov2kE7AvoGm0fA=?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /impression/79nQE5qR_kxCbVlc-amxYqqkFEFBzlyALAOoVYUw-qhle7mVCrs7seMQu1YvV-LaS5uoXHqzZKL87iHWQwtvMeub5qKas99nDfwuZ_1a9bspK6F_PsOYXCEyY5G5Ucy_14WWRok7iFlgnVJxgX7QoJqVZicIrNCsU4yF8nSsWEVkh1aQBVGEFfL37-v1ZamN5OEW0bV-sbj2-6yAmI8ExYpUhlhFMFQZeJRRb3vc2w7pf8bCx4ct8zP2md2fYllo_lcCgyYqjuGC6xXTocUCuB6uC2oJFnEZpLrQX19Ey7Pfrwgs9aiCyLcmq6Lrhs_qffiIpghX86au0OtNgytyx_tW2WBw1iETj6TC7HCwS6cirPz9GKOD2xMkfYuas_0pmfkNK3enKiM1j1lz3w2_K8yLlRhuWJ-DRD5xj4jOVaCY04XCKa_m4MMb7Sh3xwJDR3ac9L8u0aBKnxNvjnlpIwxysdNpV2q1vhUniHmCCRThL7RAH47527TY646EtS9iY_2BQ-0C0tL6nuMeHHn3rJBOH8W3vMJaBtB_iXvfppn8EW3YpqeBJtsoGnhipFGkkS2ucpnC-_5hM6aJDHwvx8Q7i9UHoSkAmbKHLPl5dfwYOqdUqTHB0U6w68uG1MH1ssi5EzSXQCDtGNz4J5vidJS5HGsJZmMaztt2oHeoxcXt9l87hUzWDA1x2Hklnov2kE7AvoGm0fA=?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:51 GMT
content-type: image/gif
content-length: 43
x-trace-id: c9ed931ef03fb951051208eab807afbc
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

dozubatan.com/500/5307588?excludes=14745758&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
dozubatan.com/500/5307588?excludes=14745758&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /500/5307588?excludes=14745758&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:51 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

pseepsie.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
pseepsie.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 415
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f04cb881430e64f32116a2208fffa721
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=0dea868a8d324f8d8bedd16641b81c74&zoneId=5307590&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=0dea868a8d324f8d8bedd16641b81c74&zoneId=5307590&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
a6cb42e668ebbbb864c9344c33f30d23
cfbc3bcf3e64224b65726443d7ea3ac00d607904
8077ff6190b105634c052b13813bf148271c834f81f9f2d065771b5afc3bffea

HTTP Headers

GET /gid.js?pub=0&userId=0dea868a8d324f8d8bedd16641b81c74&zoneId=5307590&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Cookie: ID=3ddc54fb266d446a9817b79b5e08bf6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

inklinkor.com/tag.min.js

172.67.211.29

200 OK

0 B

URL HTTP/2
inklinkor.com/tag.min.js
IP
172.67.211.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 23edf38e61eaf84f4bffff0ada1af35d
cache-control: max-age=86400
last-modified: Tue, 20 Sep 2022 08:55:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 24 Sep 2022 07:44:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCw5DXLAanF%2FrT9aOIcyl7gkogyciPlk040dTtRnhVKPe2Yhd7eLaSHOGMW1fpnUGkCHJysvqoj%2FjuuYZf2PlZ%2F%2BYoWONwLRouZ%2F3uSp8h%2BKxR8k3NZQnjZc1ih6Zy1k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f20a55a839b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

anonymfile.com/sw.js

138.201.48.112

404 Not Found

0 B

URL HTTP/2
anonymfile.com/sw.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Fri, 23 Sep 2022 08:51:45 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2

pseepsie.com/pfe/current/universal.min.js?v=3.1.395

139.45.197.250

200 OK

0 B

URL HTTP/2
pseepsie.com/pfe/current/universal.min.js?v=3.1.395
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

tovanillitechan.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=3ddc54fb266d446a9817b79b5e08bf6a

139.45.197.239

200 OK

0 B

URL HTTP/2
tovanillitechan.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=3ddc54fb266d446a9817b79b5e08bf6a
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=3ddc54fb266d446a9817b79b5e08bf6a HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 119
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bf470b0fadc34e11a64e8234d7f041c7; oaidts=1663923106
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: df0eda45add7dd45b25ca0faf0abf0e0
access-control-expose-headers: X-Sc
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript

138.201.48.112

200 OK

0 B

URL HTTP/2
anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eyXa/imlikeaghostfr.pdf?PageSpeed=noscript HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; expires=Fri, 23-Sep-2022 10:51:45 GMT; Max-Age=7200; path=/; samesite=lax
anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D; expires=Fri, 23-Sep-2022 10:51:45 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 08:51:45 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2

139.45.197.237

200 OK

0 B

URL HTTP/2
dozubatan.com/500/5307588?excludes=14745758&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /500/5307588?excludes=14745758&oaid=3ddc54fb266d446a9817b79b5e08bf6a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:51 GMT
content-type: application/javascript
x-trace-id: a5117041b5dbd434666cfe8d7470ccb9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.194.45

200 OK

0 B

URL HTTP/2
tzegilo.com/stattag.js
IP
172.67.194.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3838
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcZw5Rp3Uxt3N%2B3gwTI%2F46bnR3sJBIlwpVWRTDIzCLjSg98nWuQ3sLE7jQwx7XHdBz4zzBFFTQoA6%2BKrWWQYiAEAeDlwdDZxc%2FDTxk8J16aE2BFJKEiwqhfrc6Untw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f20a589abefab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

anonymfile.com/js/site.js

138.201.48.112

200 OK

0 B

URL HTTP/2
anonymfile.com/js/site.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/eyXa/imlikeaghostfr.pdf?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6IllsaGFXVlJRWkpmZHRRRHdoSFFEWFE9PSIsInZhbHVlIjoiZEplSWhuaFZEN20zRmw3Y1RjOFFXMmZ4WWZHWlFjTzBMN05ZdTRiRk1lMnljRFgxQWx3aTJSejExY0lPK3ZKdkZXTjlaS2srOWpvcVFvSHY2QXQ2R1NZYURwdmJRK1VBMXFLdDlnZ2h1ZmNxSFQ1ZFBGU1hac0FQcjJUaC9nWkwiLCJtYWMiOiJhODNiMzY3NDZlZDBlYmQxZTkxZjQwYWY5MTY0YWFiZTFiNzY0YTdlZTAxMjY5YmVjNmZhNDc2NTI1OWRmMGY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IlIyOXQxQStzdmFHdElTbkxXb2Z4MWc9PSIsInZhbHVlIjoiUFFQWlF4THNKMzFTY01sakhSN2FtSjJ4Rjg3YzVyN1pnd3B6VW9NcDBJVWZBY3JPcUFuSnRiUmFsNGl0Qm1DVm1FV3loKy9KMVgzNUdRN045SUM1NVp5YWVHSE5uYjQxRFovVFJMUGR1WUVTell1SU1BSzFLT1hncSsvcDZpUGIiLCJtYWMiOiIxZGM3MDU4ZTQ1ZWE1M2E3ZjAzMzY2MTk2YWI1MTVhYzFlNDI5YmQ3NzZhMTBmZjMxNjQ3YzA0ZTJkYzc0MTQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 12:30:18 GMT
vary: Accept-Encoding
etag: W/"61700bda-2487"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2

onmarshtompor.com/?rb=m3ZR6T2HPiTO0erA4Uv6nfK6KEk0gGOJtjft6S6Cjj00tSznRklRv6cF8agCzdR4pwA9Nevos6H1Iks3jLU4GUWHGIdhL3_u3ITKDeVzzSg4Rm0AJTLj1us1DOgJaoJoDS_X2Ibi63CXpN6GHPptxe25gDSCWcslNGILi8LWVwLMoTPLN0bEHJQ2q4NIpcJ8EsMKixqYQkEH188S31UO13wPQwI%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.429.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.429.0&bs=a84d2f3f-30e5-46dc-b130-e6e5c7622b17&userId=3ddc54fb266d446a9817b79b5e08bf6a&m=link

139.45.197.243

200 OK

0 B

URL HTTP/2
onmarshtompor.com/?rb=m3ZR6T2HPiTO0erA4Uv6nfK6KEk0gGOJtjft6S6Cjj00tSznRklRv6cF8agCzdR4pwA9Nevos6H1Iks3jLU4GUWHGIdhL3_u3ITKDeVzzSg4Rm0AJTLj1us1DOgJaoJoDS_X2Ibi63CXpN6GHPptxe25gDSCWcslNGILi8LWVwLMoTPLN0bEHJQ2q4NIpcJ8EsMKixqYQkEH188S31UO13wPQwI%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.429.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.429.0&bs=a84d2f3f-30e5-46dc-b130-e6e5c7622b17&userId=3ddc54fb266d446a9817b79b5e08bf6a&m=link
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?rb=m3ZR6T2HPiTO0erA4Uv6nfK6KEk0gGOJtjft6S6Cjj00tSznRklRv6cF8agCzdR4pwA9Nevos6H1Iks3jLU4GUWHGIdhL3_u3ITKDeVzzSg4Rm0AJTLj1us1DOgJaoJoDS_X2Ibi63CXpN6GHPptxe25gDSCWcslNGILi8LWVwLMoTPLN0bEHJQ2q4NIpcJ8EsMKixqYQkEH188S31UO13wPQwI%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.429.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FeyXa%2Fimlikeaghostfr.pdf%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.429.0&bs=a84d2f3f-30e5-46dc-b130-e6e5c7622b17&userId=3ddc54fb266d446a9817b79b5e08bf6a&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 08:51:46 GMT
content-type: application/json
x-trace-id: 8313962b61bf049249fb148ebb16b2da
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=3ddc54fb266d446a9817b79b5e08bf6a; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None
oaidts=1663923106; expires=Sat, 23 Sep 2023 08:51:46 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 30 Sep 2022 08:51:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js

104.16.122.175

302 Found

0 B

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 23 Sep 2022 08:51:45 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GDMRG8CF3MAAQX3P3EZX7BRZ-fra
cf-cache-status: HIT
age: 233
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74f20a532fbcb50f-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations