cdn-111.anonfiles.com/g55eo39ayb/20f347e7-1664207363/0xcheats_mta.rar
301 Moved Permanently 162 B URL HTTP/1.1 cdn-111.anonfiles.com/g55eo39ayb/20f347e7-1664207363/0xcheats_mta.rar
IP
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /g55eo39ayb/20f347e7-1664207363/0xcheats_mta.rar HTTP/1.1
Host: cdn-111.anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 17:00:25 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://cdn-111.anonfiles.com/g55eo39ayb/20f347e7-1664207363/0xcheats_mta.rar
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 16:01:47 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: y3JSQCiZUmbGBwKqSxd6j4VlprCUgdwVq9ou4UTDFRbHdRniHI_IpA==
Age: 3517
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6692
Expires: Mon, 26 Sep 2022 18:51:57 GMT
Date: Mon, 26 Sep 2022 17:00:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7hGvBNfn6IOYNyhcTHGjEK0gh3lMpjaDz5FU9I500c9mOuxh8OtvcA==
age: 44710
X-Firefox-Spdy: h2
cdn-111.anonfiles.com/g55eo39ayb/20f347e7-1664207363/0xcheats_mta.rar
301 Moved Permanently 0 B URL HTTP/1.1 cdn-111.anonfiles.com/g55eo39ayb/20f347e7-1664207363/0xcheats_mta.rar
IP
ASN #41634 Svea Hosting AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g55eo39ayb/20f347e7-1664207363/0xcheats_mta.rar HTTP/1.1
Host: cdn-111.anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 17:00:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Location: https://anonfiles.com/g55eo39ayb
X-Cache-Host: filecache-03
X-Cache-Disk: nvme-01
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ab6eb245083f7943a0703e8205bdc721
ed1f0ee9b5b14c530c49faa18aa4fbe968c8ddf9
2a4a471d6e3e25d194f10a402e5ac7de4a91a8a72ddbcc6b59e57894ceb100d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A4A471D6E3E25D194F10A402E5AC7DE4A91A8A72DDBCC6B59E57894CEB100D0"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6532
Expires: Mon, 26 Sep 2022 18:49:17 GMT
Date: Mon, 26 Sep 2022 17:00:25 GMT
Connection: keep-alive
anonfiles.com/g55eo39ayb
404 Not Found 2.4 kB IP
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash cb4effa317bc3bef15f3df4bb7ebd9ba
db8551f80a7ca2899edaa79a3c86d763a4c88d8e
0b3435c98fc41c6a64fed4eff621a42efd1003b183063a0bb9fd36228d10ab0a
GET /g55eo39ayb HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 26 Sep 2022 17:00:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 17:00:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
anonfiles.com/css/anonfiles.css?1663356951
200 OK 25 kB URL HTTP/1.1 anonfiles.com/css/anonfiles.css?1663356951
IP
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (65452)
Hash bf84dfe5f6e6044aa4c1095a7a9a850e
e411fe5ea4f2b5ce7382dfe3079589f4817ad165
2af9a43ff27bbcad03007d87fa7d09bed286aa594a3a3d2e16f409319e782f60
GET /css/anonfiles.css?1663356951 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2355
Content-Encoding: gzip
anonfiles.com/sw_anonfiles.js
200 OK 16 kB URL HTTP/1.1 anonfiles.com/sw_anonfiles.js
IP
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (25712)
Hash 5e03f95322bfd924a10943354a145be8
149a1d27b2169791e547a074c3d40b279319d35b
27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
GET /sw_anonfiles.js HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 50898
Content-Encoding: gzip
anonfiles.com/js/app.js?1663356951
200 OK 58 kB URL HTTP/1.1 anonfiles.com/js/app.js?1663356951
IP
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (63238)
Hash ba67ff13fd07739a7037fbc27b2a1955
3e253f69b2f12659c541de122c6bce0ed82ba369
1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818
GET /js/app.js?1663356951 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 814
Content-Encoding: gzip
vjs.zencdn.net/7.3.0/video-js.min.css
200 OK 9.7 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css
IP
File type ASCII text, with very long lines (35998), with no line terminators
Hash 3397ce943db8add2728dccd9a3b8b8bc
a57bbb7546a458fe57d72d06baab950125260cc9
5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Mon, 26 Sep 2022 17:00:26 GMT
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 596
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/dk.png
200 OK 537 B URL HTTP/1.1 anonfiles.com/img/flags/24/dk.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ebe55a7d176720cd2b1003298187a8
930858408b9af1f79c430bbe15c185db555a7815
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
GET /img/flags/24/dk.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 552
accept-ranges: bytes
anonfiles.com/img/flags/24/de.png
200 OK 483 B URL HTTP/1.1 anonfiles.com/img/flags/24/de.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8cc07c258bcd2de0c7900861e20ffc
fed97219e44693d4f3918fc4037b325732225d81
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
GET /img/flags/24/de.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7222
accept-ranges: bytes
anonfiles.com/img/flags/24/kr.png
200 OK 988 B URL HTTP/1.1 anonfiles.com/img/flags/24/kr.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb22f00511d088a71e84f8c1c864caed
6599812ed106bda6017487287e12bc836570649f
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
GET /img/flags/24/kr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 605
accept-ranges: bytes
anonfiles.com/static/logo.png
200 OK 18 kB URL HTTP/1.1 anonfiles.com/static/logo.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 450 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash f9fd716d30e220aa24bab0e94ebf0aa0
4af32d78655436173f272bb65159a232f1671b8d
5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94
GET /static/logo.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 18441
Connection: keep-alive
last-modified: Fri, 16 Sep 2022 19:34:48 GMT
etag: "6324cfd8-4809"
vjs.zencdn.net/7.3.0/video.min.js
200 OK 132 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (65141)
Size 132 kB (132230 bytes)
Hash e296d874aca2a1550b409394be51efaa
c184c030e9aab3d03de27bc588919e249d5ccdf7
401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f
GET /7.3.0/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Mon, 26 Sep 2022 17:00:26 GMT
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/fi.png
200 OK 456 B URL HTTP/1.1 anonfiles.com/img/flags/24/fi.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ea9115d18d5210d4f1db520881faa3a
09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
GET /img/flags/24/fi.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 643
accept-ranges: bytes
anonfiles.com/img/flags/24/se.png
200 OK 581 B URL HTTP/1.1 anonfiles.com/img/flags/24/se.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c9b1e40987c4411b4a7d13c07a8843aa
cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
GET /img/flags/24/se.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7244
accept-ranges: bytes
anonfiles.com/img/flags/24/fr.png
200 OK 536 B URL HTTP/1.1 anonfiles.com/img/flags/24/fr.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e81efecf1a1b1d3a17d00a904c5cc3c9
1203894dbfc8363302dc709d852c05a4dd8bf9dc
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
GET /img/flags/24/fr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 624
accept-ranges: bytes
anonfiles.com/img/flags/24/pl.png
200 OK 347 B URL HTTP/1.1 anonfiles.com/img/flags/24/pl.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3aff7caef0be58f29b41f20a0e4db
11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
GET /img/flags/24/pl.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4810
accept-ranges: bytes
anonfiles.com/img/flags/24/br.png
200 OK 1.1 kB URL HTTP/1.1 anonfiles.com/img/flags/24/br.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd
7a038177fe4deec455d61d3e9c90019fa4727d40
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
GET /img/flags/24/br.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7239
accept-ranges: bytes
anonfiles.com/img/flags/24/ru.png
200 OK 403 B URL HTTP/1.1 anonfiles.com/img/flags/24/ru.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash d8df89b036e6afb48f72d2440831bad0
04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
GET /img/flags/24/ru.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7135
accept-ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 16:10:46 GMT
Expires: Mon, 26 Sep 2022 16:42:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OoC7BQiP5NQoGOHP_Wanne4VOEcehEiwtAr6QehOCysmu71j7grVeQ==
Age: 2980
anonfiles.com/img/flags/24/us.png
200 OK 656 B URL HTTP/1.1 anonfiles.com/img/flags/24/us.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /img/flags/24/us.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7083
accept-ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd1df7af5ceb7eaf57d3e3d171ca0959
f6bc308a5dae149fcf7bf2f72cf5af64520393fb
42c7988259fd507ca0b4cee47f5ce8d3942336c86ca70e0a7dccdb530b8e7354
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42C7988259FD507CA0B4CEE47F5CE8D3942336C86CA70E0A7DCCDB530B8E7354"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2363
Expires: Mon, 26 Sep 2022 17:39:49 GMT
Date: Mon, 26 Sep 2022 17:00:26 GMT
Connection: keep-alive
anonfiles.com/img/flags/24/in.png
200 OK 593 B URL HTTP/1.1 anonfiles.com/img/flags/24/in.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaf96cfc341dc9a17e24b96bef223ff
8791d6db6628e0fb21b847ab94484f0c615e38ac
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
GET /img/flags/24/in.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 414
accept-ranges: bytes
anonfiles.com/img/flags/24/es.png
200 OK 666 B URL HTTP/1.1 anonfiles.com/img/flags/24/es.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa381a8eb16d9e673d32980e7fd1710
fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
GET /img/flags/24/es.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4933
accept-ranges: bytes
ocsp.digicert.com/
200 OK 471 B IP
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3128
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 17:00:26 GMT
Last-Modified: Mon, 26 Sep 2022 16:08:18 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
anonfiles.com/img/flags/24/no.png
200 OK 611 B URL HTTP/1.1 anonfiles.com/img/flags/24/no.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash f14ac70aa6dd4d371671c0e6d7cba4e3
1139e3acd6e073bffb59157cbc10af72ed757218
9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
GET /img/flags/24/no.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 641
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/?xsvjd=737329
200 OK 69 kB URL HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737329
IP
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash af2ee48850975bf3a96feeafa7bbf5c7
6b8f0e9ee86aacb73c3a5034dd68abc3f2effaef
2a4bff0bab494a3e036cfb8800f32979a4b27d4c2ae5a415934fcd183fc0198f
GET /?xsvjd=737329 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 68568
date: Mon, 26 Sep 2022 17:00:26 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u7pjBg-EYcKaC-9bC50cJ7-MOeJ7yWU7vezaKFpnZE3ti1j2tNOe0w==
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/jp.png
200 OK 599 B URL HTTP/1.1 anonfiles.com/img/flags/24/jp.png
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 857f6f0e0886a3729b758b7241e42e61
a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
GET /img/flags/24/jp.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6878
accept-ranges: bytes
anonfiles.com/sw_anonfiles.js?VURmY0MOZlFQdGZ2VUFvd2ZKQXU2JlcFe2UgSwJzZ3NLVyFlIEtadm19S1Z7YiBTWnplcAIFendoRAUmZHVfBnBiaQBTcTBpUgJ1bGlfWno3aV5QdDQmA1F3Y3BWAWF5ZhUUYXlmFRYvIS0IBCA6IUgBNi8%2BRE9hZHRIVmF5IgcPMDBoAAIvJiFKBSI5NwM%2B
200 OK 16 kB URL HTTP/1.1 anonfiles.com/sw_anonfiles.js?VURmY0MOZlFQdGZ2VUFvd2ZKQXU2JlcFe2UgSwJzZ3NLVyFlIEtadm19S1Z7YiBTWnplcAIFendoRAUmZHVfBnBiaQBTcTBpUgJ1bGlfWno3aV5QdDQmA1F3Y3BWAWF5ZhUUYXlmFRYvIS0IBCA6IUgBNi8%2BRE9hZHRIVmF5IgcPMDBoAAIvJiFKBSI5NwM%2B
IP
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (25712)
Hash 5e03f95322bfd924a10943354a145be8
149a1d27b2169791e547a074c3d40b279319d35b
27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
GET /sw_anonfiles.js?VURmY0MOZlFQdGZ2VUFvd2ZKQXU2JlcFe2UgSwJzZ3NLVyFlIEtadm19S1Z7YiBTWnplcAIFendoRAUmZHVfBnBiaQBTcTBpUgJ1bGlfWno3aV5QdDQmA1F3Y3BWAWF5ZhUUYXlmFRYvIS0IBCA6IUgBNi8%2BRE9hZHRIVmF5IgcPMDBoAAIvJiFKBSI5NwM%2B HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:26 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 50904
Content-Encoding: gzip
polerenewget.buzz/MW5ySjceURE5CmYAAiB4ZyABGXFSJSsdR2E7FX9fUF5LHXMDL1Q+XlVTRXkAAlxLbEdYCk97EUIaEz5CQlNDbF5fCB13EUdTQ2QEBUBAchkASAd3BhcaAitQDF9UOkNFAk97AQdaQHsGB1xGcwMD
204 No Content 0 B URL HTTP/2 polerenewget.buzz/MW5ySjceURE5CmYAAiB4ZyABGXFSJSsdR2E7FX9fUF5LHXMDL1Q+XlVTRXkAAlxLbEdYCk97EUIaEz5CQlNDbF5fCB13EUdTQ2QEBUBAchkASAd3BhcaAitQDF9UOkNFAk97AQdaQHsGB1xGcwMD
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MW5ySjceURE5CmYAAiB4ZyABGXFSJSsdR2E7FX9fUF5LHXMDL1Q+XlVTRXkAAlxLbEdYCk97EUIaEz5CQlNDbF5fCB13EUdTQ2QEBUBAchkASAd3BhcaAitQDF9UOkNFAk97AQdaQHsGB1xGcwMD HTTP/1.1
Host: polerenewget.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 17:00:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EFQWWcW3NN1kCXkVqwEjmL2%2FgCLjPWCicAE7dyIYZYxy9ni3SmcLdr1vbS2D2c4iVjpZha50V2NeKyOw4nCZ3KbTcPIJQUUAeuGUbEb69NO1LXCHKhA5%2BZN3UuldASiZ%2BwOxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750d8e4bad58b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
polerenewget.buzz/UzRuWUh8Cw0qdQBwO20sPlhZGC9iZDsBLxZ1Kx8SNnVeFhw/BEgtITcJWWp/YAdefzg6UFNocHVHGjg8JkdTaG46Wgg2dXVCU2hmYxpfd3t1QVNobidEDz51YhIeLTw/CV9vfmcGX2h+YQBXbH8
204 No Content 0 B URL HTTP/2 polerenewget.buzz/UzRuWUh8Cw0qdQBwO20sPlhZGC9iZDsBLxZ1Kx8SNnVeFhw/BEgtITcJWWp/YAdefzg6UFNocHVHGjg8JkdTaG46Wgg2dXVCU2hmYxpfd3t1QVNobidEDz51YhIeLTw/CV9vfmcGX2h+YQBXbH8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UzRuWUh8Cw0qdQBwO20sPlhZGC9iZDsBLxZ1Kx8SNnVeFhw/BEgtITcJWWp/YAdefzg6UFNocHVHGjg8JkdTaG46Wgg2dXVCU2hmYxpfd3t1QVNobidEDz51YhIeLTw/CV9vfmcGX2h+YQBXbH8 HTTP/1.1
Host: polerenewget.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 17:00:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JpQrns%2Fa2w9Kw9XxC2qSoJow1saLJVCoiL55nDllR%2BViencdM3gE1RqxIE4yoe4bQUra%2BPPROM9mTIwCkG2owgNMu%2Bsd7ruoUuuk1xuTj3m2tD%2FQ31fc9nWqkcI%2BzGGU08D%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750d8e4bad5cb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
heisalw.xyz/anRlcTgLFgYcBwtJB1dNGBhYVAosUVc3XAACXEhLEhsUAU5bRUsSVAUBARdKBRoRX1YPAEBDfignMzNQPiIKAGgdTBcrbFpBJyl6HhEIFWsMRisHdwI9DD98BgAkGGIYOSE4USwOAVQKLDUgEg0jN1QFbT0HVzp8XjMGOU8ZJAI7TwtGXQl6OU0LF2AzIjUlbQMWNzAMJTcKSX4QRFEhbDA8KjVMWiQ0RQsnDTBJeS0cCjUKPCQDKQFdLSAaCQtHDUBtDU1AQ34PRiQ/ci4lXTp9OFFXN1kAMgonQCAHAyluOTBWSA8zNihGXlkbNyZwHkQAKVQvElceTSQlSDhVJCMdGHJZTRQUfygmAzZIXhAzPwE6NyQYeikHVDxgPCAmQ3ZPRiMXVCwGKUJqAlIPAlcEBFgSU1sNBzJiB0I1
200 OK 1.2 kB URL HTTP/2 heisalw.xyz/anRlcTgLFgYcBwtJB1dNGBhYVAosUVc3XAACXEhLEhsUAU5bRUsSVAUBARdKBRoRX1YPAEBDfignMzNQPiIKAGgdTBcrbFpBJyl6HhEIFWsMRisHdwI9DD98BgAkGGIYOSE4USwOAVQKLDUgEg0jN1QFbT0HVzp8XjMGOU8ZJAI7TwtGXQl6OU0LF2AzIjUlbQMWNzAMJTcKSX4QRFEhbDA8KjVMWiQ0RQsnDTBJeS0cCjUKPCQDKQFdLSAaCQtHDUBtDU1AQ34PRiQ/ci4lXTp9OFFXN1kAMgonQCAHAyluOTBWSA8zNihGXlkbNyZwHkQAKVQvElceTSQlSDhVJCMdGHJZTRQUfygmAzZIXhAzPwE6NyQYeikHVDxgPCAmQ3ZPRiMXVCwGKUJqAlIPAlcEBFgSU1sNBzJiB0I1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3012), with no line terminators
Hash 9fdc976fc35705f51efb2d9b43bcb983
f83f7729cff922dd6e2d3e0fa5966946f83eea49
1819b492505973718afb61c3d11ba1e9787f4eac82ae73f0a5bde473040e6f37
GET /anRlcTgLFgYcBwtJB1dNGBhYVAosUVc3XAACXEhLEhsUAU5bRUsSVAUBARdKBRoRX1YPAEBDfignMzNQPiIKAGgdTBcrbFpBJyl6HhEIFWsMRisHdwI9DD98BgAkGGIYOSE4USwOAVQKLDUgEg0jN1QFbT0HVzp8XjMGOU8ZJAI7TwtGXQl6OU0LF2AzIjUlbQMWNzAMJTcKSX4QRFEhbDA8KjVMWiQ0RQsnDTBJeS0cCjUKPCQDKQFdLSAaCQtHDUBtDU1AQ34PRiQ/ci4lXTp9OFFXN1kAMgonQCAHAyluOTBWSA8zNihGXlkbNyZwHkQAKVQvElceTSQlSDhVJCMdGHJZTRQUfygmAzZIXhAzPwE6NyQYeikHVDxgPCAmQ3ZPRiMXVCwGKUJqAlIPAlcEBFgSU1sNBzJiB0I1 HTTP/1.1
Host: heisalw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1172
date: Mon, 26 Sep 2022 17:00:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: YJBP0_ek4iar4W1zVJ87oR1gAJXniGyoEVUwK50g0uH4NdSXIdhlxA==
X-Firefox-Spdy: h2
heisalw.xyz/UGN6QXcxARksSDFeGGcCIg9HZEUWRkgHEzoVQ3gEKAwLMQFhUlQiGz8WHicFPw0Obxk1F19zMRUtMi0dMyU4GTE3Uy0jRxEyOHFGPiFKdCYBUTsSMigiHBEcAiY1E0I7MRF1BAEJEgYkEwAuJRwRJzhxRjcmEhQ0GAkZCy8nOh8MADwqKBMyYDUREy8GCiwXJRFXHAobYDU+OTFhIRB4IAgOOxMkYS0jCjYGKigqOgMmLzUjGCcWIDMSFywYEAEhLXEuACIRcDABGzMTJGEuOQsfFigzKhs9JBEtPAY0MwQ/NzouDkYkAC8VLTkhPykjASQ/BCQVTiACLhYqKwQlBVEtNjEXMhIYOQRTSwATOyU/FBB2CQkuGSBeIC9DIlQ1cx8iUj4i
200 OK 1.2 kB URL HTTP/2 heisalw.xyz/UGN6QXcxARksSDFeGGcCIg9HZEUWRkgHEzoVQ3gEKAwLMQFhUlQiGz8WHicFPw0Obxk1F19zMRUtMi0dMyU4GTE3Uy0jRxEyOHFGPiFKdCYBUTsSMigiHBEcAiY1E0I7MRF1BAEJEgYkEwAuJRwRJzhxRjcmEhQ0GAkZCy8nOh8MADwqKBMyYDUREy8GCiwXJRFXHAobYDU+OTFhIRB4IAgOOxMkYS0jCjYGKigqOgMmLzUjGCcWIDMSFywYEAEhLXEuACIRcDABGzMTJGEuOQsfFigzKhs9JBEtPAY0MwQ/NzouDkYkAC8VLTkhPykjASQ/BCQVTiACLhYqKwQlBVEtNjEXMhIYOQRTSwATOyU/FBB2CQkuGSBeIC9DIlQ1cx8iUj4i
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2996), with no line terminators
Hash 1c2d5368239cd4a287fcbb8a2411ff9b
04462e96ae15fa7248e493eb8a370ce514915ad1
f9037f814624875ecf245a5e99be0e4820ecf4cbfdaf82142111f3da162cc2c4
GET /UGN6QXcxARksSDFeGGcCIg9HZEUWRkgHEzoVQ3gEKAwLMQFhUlQiGz8WHicFPw0Obxk1F19zMRUtMi0dMyU4GTE3Uy0jRxEyOHFGPiFKdCYBUTsSMigiHBEcAiY1E0I7MRF1BAEJEgYkEwAuJRwRJzhxRjcmEhQ0GAkZCy8nOh8MADwqKBMyYDUREy8GCiwXJRFXHAobYDU+OTFhIRB4IAgOOxMkYS0jCjYGKigqOgMmLzUjGCcWIDMSFywYEAEhLXEuACIRcDABGzMTJGEuOQsfFigzKhs9JBEtPAY0MwQ/NzouDkYkAC8VLTkhPykjASQ/BCQVTiACLhYqKwQlBVEtNjEXMhIYOQRTSwATOyU/FBB2CQkuGSBeIC9DIlQ1cx8iUj4i HTTP/1.1
Host: heisalw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1155
date: Mon, 26 Sep 2022 17:00:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: sZml8gW-3SwO6cYBiU3Jpil7jKHmbyysSkzxZ6ig-xkNWCnZrN89cw==
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GifyvnhV0PdvSMY9y+gWDQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wY4+xYxF9GyLRHhD8ft5gAnEpnk=
tractekytyh.xyz/utx?tid=737323&top=anonfiles.com&cb=4rlgKp6N2Lcp
204 No Content 0 B URL HTTP/2 tractekytyh.xyz/utx?tid=737323&top=anonfiles.com&cb=4rlgKp6N2Lcp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /utx?tid=737323&top=anonfiles.com&cb=4rlgKp6N2Lcp HTTP/1.1
Host: tractekytyh.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 17:00:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 26 Sep 2022 17:01:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4838101f07e2dfcd1db4abc88031f082.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: B00MEjgUm5zmw_eieV3Fxzu8JuFjQRHUj3Qb_JDvCM9yYWtZ4ZDrjw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f189ae80d2ff1410b8783f73cb38ba0c
de07114cd57818095bf45a4c6add8290043e873f
8e616e78cb1a138ed18391055012266fb5a7033d442e9f2c2ca9f2cb62ae2bee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E616E78CB1A138ED18391055012266FB5A7033D442E9F2C2CA9F2CB62AE2BEE"
Last-Modified: Mon, 26 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4381
Expires: Mon, 26 Sep 2022 18:13:28 GMT
Date: Mon, 26 Sep 2022 17:00:27 GMT
Connection: keep-alive
anonfiles.com/img/favicon/favicon-32x32-anonfiles.png?1663356888
200 OK 1.3 kB URL HTTP/1.1 anonfiles.com/img/favicon/favicon-32x32-anonfiles.png?1663356888
IP
ASN #41634 Svea Hosting AB
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ee0e6dd4ef643128a1b7bd4ab32b8a79
8136c70aac1e50f8356c83f91fb77ea4b6596cbc
51f305558b4ed6fcf3a31b4f9e404fc2ea426cb5e785ac46ce827de0c5cabb4c
GET /img/favicon/favicon-32x32-anonfiles.png?1663356888 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/g55eo39ayb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 17:00:27 GMT
Content-Type: image/png
Content-Length: 1309
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 921
accept-ranges: bytes
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6558
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 17:00:27 GMT
Last-Modified: Mon, 26 Sep 2022 15:11:10 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11fba68543733ac24876f29eb98cae68
90ea019857e8e30c293d1e9f5c54b3e34e65cac6
de4af270487d3b84b8c0c3e3d76398f9979792cf64158d0cb575eb1c5bfd91f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE4AF270487D3B84B8C0C3E3D76398F9979792CF64158D0CB575EB1C5BFD91F8"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14642
Expires: Mon, 26 Sep 2022 21:04:29 GMT
Date: Mon, 26 Sep 2022 17:00:27 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9816a34aa982a32c75960dea9eafeb8b
c7e109045ac10b4a16db658cab522d76260ad913
35e739f34c5de6ef430dd444b8a4dfff2fada8de37f67d460a43ab9e0697032c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 17:00:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 17b745b5d3e387127df4aba170081743
e59dc2fcbab312428ac919358c3f8afe301e723b
94b6219f1fdabe19021204226c005ab3f82f148cbfabd240a999f18267895bdb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 17:00:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
djv99sxoqpv11.cloudfront.net/BSVBhTVoqPw8rZT05BXBtemdSf2NvOhIiNDltAiZrMDIiFzd/AEc5IC1tUWs2KD4GcHwsPgJwa28xBS9nfXYVPTUibRA4OCo8Fz04PTZHODt0PQ43MyU8AGhoD2VPfX97YEk1a3h1Ug9/e2ANJDQ8KER/ajFoVxJsfXVSD397YBM7f3oRWHt0eXlEf2ouNQ-ImNWxiJ39qeGBRfGp4dVN9PCAiBCs1MXVTC2N/flFrL3Rh
200 OK 555 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/BSVBhTVoqPw8rZT05BXBtemdSf2NvOhIiNDltAiZrMDIiFzd/AEc5IC1tUWs2KD4GcHwsPgJwa28xBS9nfXYVPTUibRA4OCo8Fz04PTZHODt0PQ43MyU8AGhoD2VPfX97YEk1a3h1Ug9/e2ANJDQ8KER/ajFoVxJsfXVSD397YBM7f3oRWHt0eXlEf2ouNQ-ImNWxiJ39qeGBRfGp4dVN9PCAiBCs1MXVTC2N/flFrL3Rh
IP
File type ASCII text, with very long lines (770), with no line terminators
Hash 1b18d1a4940c851a1ef808f969bf1ea0
37529ead6c10ef015c654b39e4046cf51d49228c
f40abd70cb457518128d9b00fdb06f73627677e25d4020d5eb991d07c2273be2
Analyzer Verdict Alert fortinet Malware
GET /BSVBhTVoqPw8rZT05BXBtemdSf2NvOhIiNDltAiZrMDIiFzd/AEc5IC1tUWs2KD4GcHwsPgJwa28xBS9nfXYVPTUibRA4OCo8Fz04PTZHODt0PQ43MyU8AGhoD2VPfX97YEk1a3h1Ug9/e2ANJDQ8KER/ajFoVxJsfXVSD397YBM7f3oRWHt0eXlEf2ouNQ-ImNWxiJ39qeGBRfGp4dVN9PCAiBCs1MXVTC2N/flFrL3Rh HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heisalw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 555
date: Mon, 26 Sep 2022 17:00:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J-aTmPIpm_rpD9dSNsSM1sfcCpojy0Gc1qUj1Oly-YPf_n2ydnDZng==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/ENHljcFBXFg0Wb0AQB01nB05QQ2ASExAfPkREOR5kRk4sQjhGSCcTdkADB01gEhUCHjcJXwYeMwlIRRE0VkRXViVVRA4fKl0VDxF1Bj9WXmARS1NYKAVIRkMSEUtTHDlaDBtVYgQBW0YPAk1GQxIRS1MCJhFKIklmGklKVWIEHgYTO1tcUTZiBEhTQGEESE-ZCYFIQERU2WwFGQhYNT01AdkFEUg
200 OK 253 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/ENHljcFBXFg0Wb0AQB01nB05QQ2ASExAfPkREOR5kRk4sQjhGSCcTdkADB01gEhUCHjcJXwYeMwlIRRE0VkRXViVVRA4fKl0VDxF1Bj9WXmARS1NYKAVIRkMSEUtTHDlaDBtVYgQBW0YPAk1GQxIRS1MCJhFKIklmGklKVWIEHgYTO1tcUTZiBEhTQGEESE-ZCYFIQERU2WwFGQhYNT01AdkFEUg
IP
File type ASCII text, with no line terminators
Hash 1ab3e645245565ace75ab931843302e8
cc3606a9a2f8cff0503e3f3876102cf65a319d12
35a979badbae092524a6ce4e39d217074a0a0be98a81e922bc12e942425e856a
Analyzer Verdict Alert fortinet Malware
GET /ENHljcFBXFg0Wb0AQB01nB05QQ2ASExAfPkREOR5kRk4sQjhGSCcTdkADB01gEhUCHjcJXwYeMwlIRRE0VkRXViVVRA4fKl0VDxF1Bj9WXmARS1NYKAVIRkMSEUtTHDlaDBtVYgQBW0YPAk1GQxIRS1MCJhFKIklmGklKVWIEHgYTO1tcUTZiBEhTQGEESE-ZCYFIQERU2WwFGQhYNT01AdkFEUg HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heisalw.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 253
date: Mon, 26 Sep 2022 17:00:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EAPJtFOaTyrRa28glo8a1ycHO5QJOGn-rMF3dFU-nYZTSwQLkG14Pg==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 398 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash d11739fe0ae7e7700ce8e88080855ed6
444ac9a7e6747c075df486b5e690a07071254b22
52c493544403441540b194e57ed0a68ae3491898d9bc3d24d54137d5c0de82b5
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 17:00:27 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-334977480%3A1664211627268043&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpG73r9sjBxlIEUYj5UWZuI0nFMwuuDlSwCdaFice4Q-OVNTPAgQYxHfKXxak59nOkwIv5i6A
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-RpplYTcJlFeZK3MRHt9HSw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:enK5nTO6Bp9uBjkzLrr1icHs0QE1_A:Jp9Y514kmwhE6Pmo;Path=/;Expires=Wed, 25-Sep-2024 17:00:27 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
heisalw.xyz/utx?cb=irkRvWPRwusQ&top=anonfiles.com&tid=737329
204 No Content 0 B URL HTTP/2 heisalw.xyz/utx?cb=irkRvWPRwusQ&top=anonfiles.com&tid=737329
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=irkRvWPRwusQ&top=anonfiles.com&tid=737329 HTTP/1.1
Host: heisalw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 17:00:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 26 Sep 2022 17:01:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Xp1Rx9_KAaNDBZoxbMcharztU5nymjRGYINCmHXp7s7AhImxrpniEQ==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 4e85996f6f2eff5da34e7e7fc09122e3
869eca916e1367f34b4229233fdb083e5fa787e0
69d50459bd1a74391716a107458944ab4b3730ed0523f9f4f581f1f40527cc09
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 17:00:27 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1175130713%3A1664211627277901&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr9yGiJe7Pnzi75-03Nmw75s9iyKaQ53S6DqB-SCF5iTqR9drN3-g4ZXJwj6fzWWxI1azqb-Q
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-47xxsKCdZVZZw9DalZ9kZw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:zhMllxfdHevHslXtsNekMe4x3F2QQQ:ZS7mQB5ud2HSigc_;Path=/;Expires=Wed, 25-Sep-2024 17:00:27 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1
200 OK 23 kB URL HTTP/2 baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1
IP
File type ASCII text, with very long lines (57608), with no line terminators
Hash 71d90240ed69444b93e5377f0cabda26
819e10bf7385aa229c3fe2f4a49f32793f690401
928c3cda2a1961c8f5d231365bc86280181846db465d000fd6fa0c33572161ae
GET /?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1 HTTP/1.1
Host: baconaces.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e108-X7J2Gf0stYAXhyzgeUvPO0KRjgU"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 17:00:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6558
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 17:00:27 GMT
Last-Modified: Mon, 26 Sep 2022 15:11:10 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11fba68543733ac24876f29eb98cae68
90ea019857e8e30c293d1e9f5c54b3e34e65cac6
de4af270487d3b84b8c0c3e3d76398f9979792cf64158d0cb575eb1c5bfd91f8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE4AF270487D3B84B8C0C3E3D76398F9979792CF64158D0CB575EB1C5BFD91F8"
Last-Modified: Sat, 24 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14642
Expires: Mon, 26 Sep 2022 21:04:29 GMT
Date: Mon, 26 Sep 2022 17:00:27 GMT
Connection: keep-alive
sultingcoe.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
sultingcoe.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
sultingcoe.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4154
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 17:00:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4154
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 17:00:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4154
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 17:00:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4154
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 17:00:28 GMT
Connection: keep-alive
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 20 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
Hash d90308cd8ed177213df97be8fcfa7d88
82a5352e5f0059a1159817b9f31c36ddbecc482f
fabe0df7f6b48fc1bf7c5a4dd19794c9f4604e2bf6164299479f75e00051fc27
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: CdrA6MMNLkx5Rrl8wSMMqWd7PqMmrp3ypcxmDcBvLrH16MjG+3axEQlf6kJzUDUF+rq4sCEycXmQK8zaUkCL7A==
date: Mon, 26 Sep 2022 17:00:27 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 69096
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 67188
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 67812
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 65432
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yl8BCwdlIePsc4gIX4IYH0L6NHipn_5fBsa9nyYy14w0m49jPUYXBw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:51 GMT
age: 68557
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Origin: https://anonfiles.com
Connection: keep-alive
Cookie: csu=1236138981355961@1@1664208725
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 17:00:27 GMT
content-type: text/plain
set-cookie: csu=1236138981355961@2@1664208725; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://anonfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyE32v33U23kNr3A22Hw%2FNsRKq%2B0eN5vFABNw4BjH0VxX6vuEYGhSxfkQTIY9fw%2Fau%2F4w8ziFRSEGKmV%2B2wgmAWIVOXeQaflcLjeN1Gsi6tLHhvSLtbCTwo3d%2BHn8D%2BG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750d8e4e4ac77719-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-334977480%3A1664211627268043&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpG73r9sjBxlIEUYj5UWZuI0nFMwuuDlSwCdaFice4Q-OVNTPAgQYxHfKXxak59nOkwIv5i6A
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-334977480%3A1664211627268043&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpG73r9sjBxlIEUYj5UWZuI0nFMwuuDlSwCdaFice4Q-OVNTPAgQYxHfKXxak59nOkwIv5i6A
IP
GET /v3/signin/identifier?dsh=S-334977480%3A1664211627268043&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpG73r9sjBxlIEUYj5UWZuI0nFMwuuDlSwCdaFice4Q-OVNTPAgQYxHfKXxak59nOkwIv5i6A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 17:00:27 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-dWy8qeb1oBNj6sEed7A2jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=R3k12gNMGj9lsQqIKqW0qlGYFGPZYnFN9lxdOrJomAD1AOAfsei-jc6l0pEdxIiu7kXiIf1dPJhvozFMeeLv5XNDi0mkJTYd0vo0I9uh5oRc_1x_jsnTBvhQZ7jqIX5nhuv1RNVv32Qdt9odiu-ptmfnnTf7vk3LBcSlA25zNk8; expires=Tue, 28-Mar-2023 17:00:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sultingcoe.buzz/VURmY0MOZlFQdGZ2VUFvd2ZKQXU2JlcFe2UgSwJzZ3NLVyFlIEtadm19S1Z7YiBTWnplcAIFendoRAUmZHVfBnBiaQBTcTBpUgJ1bGlfWno3aV5QdDQmA1F3Y3BWAWF5ZhUUYXlmFRYvIS0IBCA6IUgBNi8%2BRE9hZHRIVmF5IgcPMDBoAAIvJiFKBSI5NwM%2B
200 OK 0 B URL HTTP/2 sultingcoe.buzz/VURmY0MOZlFQdGZ2VUFvd2ZKQXU2JlcFe2UgSwJzZ3NLVyFlIEtadm19S1Z7YiBTWnplcAIFendoRAUmZHVfBnBiaQBTcTBpUgJ1bGlfWno3aV5QdDQmA1F3Y3BWAWF5ZhUUYXlmFRYvIS0IBCA6IUgBNi8%2BRE9hZHRIVmF5IgcPMDBoAAIvJiFKBSI5NwM%2B
IP
GET /VURmY0MOZlFQdGZ2VUFvd2ZKQXU2JlcFe2UgSwJzZ3NLVyFlIEtadm19S1Z7YiBTWnplcAIFendoRAUmZHVfBnBiaQBTcTBpUgJ1bGlfWno3aV5QdDQmA1F3Y3BWAWF5ZhUUYXlmFRYvIS0IBCA6IUgBNi8%2BRE9hZHRIVmF5IgcPMDBoAAIvJiFKBSI5NwM%2B HTTP/1.1
Host: sultingcoe.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 054d11e9fee1e6176308f8e7ba7b0bf0=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-ZuE5opGYkNJ5GsLj0XNFrJtfWs8"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1175130713%3A1664211627277901&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr9yGiJe7Pnzi75-03Nmw75s9iyKaQ53S6DqB-SCF5iTqR9drN3-g4ZXJwj6fzWWxI1azqb-Q
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1175130713%3A1664211627277901&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr9yGiJe7Pnzi75-03Nmw75s9iyKaQ53S6DqB-SCF5iTqR9drN3-g4ZXJwj6fzWWxI1azqb-Q
IP
GET /v3/signin/identifier?dsh=S1175130713%3A1664211627277901&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr9yGiJe7Pnzi75-03Nmw75s9iyKaQ53S6DqB-SCF5iTqR9drN3-g4ZXJwj6fzWWxI1azqb-Q HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 17:00:27 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-NNmPU24LP-hEaxWtvsLrOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=ENS5fXzH0ZbVNnVDjechi3Kn0KUbzuG5ZHUcpyE0xJ3VtL5rmjCucRig6WjA4NoHGJlPVaLcyw89hCMRt8rkE1cJht_2Or8TszhbOVlLxEsbnIhHceZ9ua5WJghlVWV7CLM9FIcK5iY_iLSplk_AvuL4jjOixPjDkT5K_80EAKs; expires=Tue, 28-Mar-2023 17:00:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
195.96.151.60
23.36.76.226
142.250.74.3
157.240.200.35
45.154.253.150
104.21.43.217