| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css | 104.17.25.14 | 200 OK | 19 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css IP: 104.17.25.14:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (52276)
Hash: MD5 ded1c367363e8b20bdc6a19b8350a737; SHA-1 8c06d82739d14b094ff6d9036021a252bd1d985d; SHA-256 1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:45:04 GMT
content-type: text/css; charset=utf-8
content-length: 18752
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6421d693-4940"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 583604
expires: Sun, 27 Apr 2025 12:45:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BO8rbdf7JXLxf39dnXsqzhu9biC8f%2F1z%2Bvp2aENMyf9g150%2Fm%2FqyxZHS0Z4qijrQIeQQXQ2VTm873%2BbYFOIQ4Of9BmvkmGFiJ9vYQERu1XVwPiUYqSDjXWhhhnS6vt8CrfdHBq1h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88014e19cb775697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Inter:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&display=swap | 142.250.74.170 | 200 OK | 4.7 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Inter:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&display=swap IP: 142.250.74.170:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (20367)
Hash: MD5 a8f375aa006ff96adb30a8e423d55cdc; SHA-1 80565cf7a4891ff0443359c7ae234ef348a65b9c; SHA-256 03728afd914f5f40b03b87610acdcf3a85ef338136a4c82e4c87d4eea59cbefe
GET /css?family=Inter:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 12:45:05 GMT
date: Tue, 07 May 2024 12:45:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 142.250.74.67 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 IP: 142.250.74.67:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: MD5 30a274cd01b6eeb0b082c918b0697f1e; SHA-1 393311bde26b99a4ad935fa55bad1dce7994388b; SHA-256 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 93048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| barelydonkeysteed.com/5565fd691e8ecaf4ea72c31df91cabfb/invoke.js | 192.243.59.13 | 200 OK | 12 kB |
URL: GET HTTP/1.1 barelydonkeysteed.com/5565fd691e8ecaf4ea72c31df91cabfb/invoke.js IP: 192.243.59.13:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Let's Encrypt; Subject: barelydonkeysteed.com; Fingerprint: 09:96:53:A3:D4:FA:8F:6D:A9:BA:0D:D4:AC:65:7E:F5:A3:AD:C9:BB; Validity: Mon, 06 May 2024 02:26:21 GMT - Sun, 04 Aug 2024 02:26:20 GMT
File type: JavaScript source, ASCII text, with very long lines (31336), with no line terminators
Hash: MD5 bfd85230c5d82b1efe1ffa21e3ee065d; SHA-1 d08a5aece0caed1fb7674074d5b610b2e8620d08; SHA-256 9fa817ac28a0fc2f7e19cac6a15d5a97aa216758c593a57537d64f2158870d6e
GET /5565fd691e8ecaf4ea72c31df91cabfb/invoke.js HTTP/1.1
Host: barelydonkeysteed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 May 2024 12:45:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28b122f77dce67179d76812cd2ee923e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| zovidree.com/tag.min.js | 104.21.16.31 | 200 OK | 77 kB |
IP: 104.21.16.31:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Let's Encrypt; Subject: zovidree.com; Fingerprint: E7:A2:02:40:34:64:74:90:8F:C4:F5:DA:6D:7F:08:2D:33:29:9A:FD; Validity: Mon, 22 Apr 2024 15:25:10 GMT - Sun, 21 Jul 2024 15:25:09 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 7573260aff69fe8406b0115ab4bcefaa; SHA-1 f7f5c31f2481bd176a9b79deff1b7c0d4878f87c; SHA-256 280186476a1f8103793e2139d4654b16f61a2a1d393966388f55b8ed795ebba3
GET /tag.min.js HTTP/1.1
Host: zovidree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 1a13b2616487079790d1ad15928b1eb9
cache-control: max-age=86400
last-modified: Sun, 05 May 2024 17:51:41 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 08 May 2024 03:11:59 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 34383
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W50rAAQ19JjHZFPXFlXATydmi4EwuL54HeS96QNvfDoGZGnx6Pirx%2FGpPj0ZXZqqudZ4Ni6p1mmXPAQ4WF%2BTwuluFrC%2BZ3a4KF%2FuMgd6hG%2FsYCIX%2FnH3kyjjoh99ESg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88014e1e6ce50b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hcaptcha.com/1/api.js | 104.18.125.91 | 200 OK | 110 kB |
IP: 104.18.125.91:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Let's Encrypt; Subject: hcaptcha.com; Fingerprint: 8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5; Validity: Fri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (41625)
Size: 110 kB (109934 bytes)
Hash: MD5 c6438f98ac4acd11054d196bf44310de; SHA-1 00a348466d30d26c486e48d464a2432dfcc28b69; SHA-256 1c7ee73f66b781ba78bdfd7189fc368805cb5e642ad5f095b505a206c5a19ba5
GET /1/api.js HTTP/1.1
Host: hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:45:04 GMT
content-type: application/javascript
cf-ray: 88014e19ee3c0b06-OSL
cf-cache-status: HIT
age: 0
cache-control: max-age=300
etag: W/"43a836cde2f57b4747b92444069ecfc9"
expires: Mon, 20 May 2024 20:35:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ IP: 143.204.53.97:0
Hash: MD5 1c746578e95683e8b5c861e2c85d81b0; SHA-1 d689114a6d40b4a92b56d12e0eb33e9aeb1a4349; SHA-256 67752d648603b1a5bb6f8856a09b777cfa84dbaed795194ea4018908778fe336
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 07 May 2024 12:45:05 GMT
Last-Modified: Tue, 07 May 2024 11:15:11 GMT
Server: ECAcc (ska/F75B)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -OMZBfJC-tNramv6vbpiPXom1G0uKasEF11kyFoOzF-2IgO1s1qPHQ==
Age: 5394
|
|
| anontransfer.com/public/bootstrap.min.css | 188.114.97.1 | 200 OK | 188 kB |
URL: GET HTTP/3 anontransfer.com/public/bootstrap.min.css IP: 188.114.97.1:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Google Trust Services LLC; Subject: anontransfer.com; Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF; Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
Size: 188 kB (187864 bytes)
Hash: MD5 3f6998db3a5ca99cfe1e0a2acf431c6a; SHA-1 385fd4585ef04be945023facf736677ae13b5617; SHA-256 89b538bed524540606023d3d4b80d64d6ca1de0685a690e74706d92de5708f21
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /public/bootstrap.min.css HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Cookie: PHPSESSID=n55js92nsdb33aerfqfkfgt3jh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 23:34:31 GMT
etag: W/"4ac8f-6060f2abf3db5-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9bCw%2F4z9PLgewR%2FBIlJMo4SKpWd40j7UmiXRfkqD2SdAaugIJ9ULKnfq03%2FB%2Fne8V4jozf%2FSUt8uegLXO7m0WcJAAfwwwZh%2B28q7xRXmDzOJVBH8rVGXvkhkJnadJKkVojT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e19aeb71c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats IP: 52.29.105.35:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: MD5 1d00140a8037a8fc49ce564026fff4cc; SHA-1 c0e9d6062f290a138548818e0b759efe2fe633c6; SHA-256 a77e9a7046e7d30d76799a8703ff35ddcdd25ff619815d46ebba6b9797bfb8e1
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:45:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anontransfer.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=297ce5e3-0bd3-432d-a2f8-c958b1d580e1:1:1; expires=Fri, 05 May 2034 12:45:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 | 142.250.74.67 | 200 OK | 47 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 IP: 142.250.74.67:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Hash: MD5 30a274cd01b6eeb0b082c918b0697f1e; SHA-1 393311bde26b99a4ad935fa55bad1dce7994388b; SHA-256 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 93049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 | 104.17.25.14 | 200 OK | 25 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 IP: 104.17.25.14:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 24948, version 772.256
Hash: MD5 61f30b79daf5b31f0d254a31fba66158; SHA-1 fb363d27cfdfe71a243fa2ac3dab2815232b9b7e; SHA-256 8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:06 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 24948
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-6174"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 587474
expires: Sun, 27 Apr 2025 12:45:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=np2OFJ%2Fr9wtmErLnqQq3z5n2SH0cSDUOorQfERCnqsOzi5DvcaWKIuw158Fwd5C0%2BC3UyG%2FR5%2BT66IKTB0TisVF6kMoH5oDg%2FHZ2Gfxz4n7EOCYJfC1A%2F%2FMsuPe2hN0YCQ6587nN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88014e20bf705691-OSL
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=0080556dbb75400de8724c5bf473ab74 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=0080556dbb75400de8724c5bf473ab74 IP: 139.45.195.8:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: MD5 aa7567c62e2715739810d5eaa8767948; SHA-1 08d5d242fd05baf53c0f1536c899ff467e379e2e; SHA-256 8ed5a7bafa0a49f6d8c11e165291c9dcc6a019d996375a2dfe392d789d8b4df2
GET /gid.js?userId=0080556dbb75400de8724c5bf473ab74 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 12:45:06 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anontransfer.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080556dbb75400de8724c5bf473ab74; expires=Wed, 07 May 2025 12:45:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| pubtrky.com/ut/hb.php?cb=0.23732299147212144&v=1 | 172.67.188.110 | 204 No Content | 0 B |
URL: POST HTTP/2 pubtrky.com/ut/hb.php?cb=0.23732299147212144&v=1 IP: 172.67.188.110:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Google Trust Services LLC; Subject: pubtrky.com; Fingerprint: 1F:C3:3C:5C:C7:6F:56:DF:E4:18:22:98:6F:C2:B3:96:B2:B4:A6:30; Validity: Mon, 18 Mar 2024 09:15:33 GMT - Sun, 16 Jun 2024 09:15:32 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.23732299147212144&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 887
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 07 May 2024 12:45:06 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EL%2BzhnzqkCIGH8EsWCZ3z8XB4FQLys6mxFebv98kcOaL%2BcEYQCnHSbOGaMqXMT4al4RZBFpPvyv9dG6GhWROZUP%2BPj9EqC2mgbCwVksp0JdqY79DxpMlJUtv7LRzKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e217d1f5694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| anontransfer.com/download/JLTtNXU3eW/Codium.exe | 188.114.97.1 | 200 OK | 35 kB |
URL (User Request): GET HTTP/2 anontransfer.com/download/JLTtNXU3eW/Codium.exe IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: anontransfer.com; Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF; Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (12460)
Hash: MD5 4442866fcbec2cbbc8dcf8810985d7cf; SHA-1 1c989df3f61e62151f5bd723a5ffb2f19f510abd; SHA-256 562835664f1208bacf929fdb4cfa84b206c44e429cf9f78ff2af5cd9c1c13991
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /download/JLTtNXU3eW/Codium.exe HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:45:04 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
cf-cache-status: BYPASS
set-cookie: PHPSESSID=n55js92nsdb33aerfqfkfgt3jh; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILlxPMqENmcFL%2B8dTfSrZ22TZ%2FTjMgHENY%2FbhLE81WmvNqmBMamip0WD%2FkaYtJw2TDRWc7hfoqlroDO06FVPuo37TksGtpMNylyfzBRzhVIdPAxDKxLwD7OvAhpIgsChslE2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e158e520b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| anontransfer.com/public/main.js | 188.114.97.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 anontransfer.com/public/main.js IP: 188.114.97.1:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Google Trust Services LLC; Subject: anontransfer.com; Fingerprint: A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF; Validity: Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File type: JavaScript source, ASCII text
Hash: MD5 2f913676be4281619bb857d9455330ed; SHA-1 486b39d12e0ce4c5206cd84b3e0b72572fa57569; SHA-256 e52e70c5fce3bd7046418adc22baa60f61a3fb4d1fcd136b7397c4f66b47bfb5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /public/main.js HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Cookie: PHPSESSID=n55js92nsdb33aerfqfkfgt3jh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: application/javascript
last-modified: Wed, 02 Aug 2023 13:31:01 GMT
etag: W/"c86-601f0acb94d34-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUgICTkvb3tDhOdquEYTFv1%2BrQBCmf%2FXN252yR%2FbGBVPcbj%2BYMIU7O4PWvLeMytnmiL3R6AZD8v2SAmXeaU9Vxl9aaT%2B5owxitIitpfJynQyYDd%2FPuvJGkCKWvOAraj0ZOj7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e19ceed1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| youradexchange.com/script/banner.php?r=8324054&cbpage=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&cbref=&cbdescription=Codium.exe%20-%20Preview%20your%20File&cbkeywords=&cbtitle=Codium.exe%20-%20AnonTransfer&srs=0082bef4d282664f5038c424d1023fe2&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&atv=48.1 | 172.67.177.214 | 200 OK | 122 kB |
URL: GET HTTP/2 youradexchange.com/script/banner.php?r=8324054&cbpage=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&cbref=&cbdescription=Codium.exe%20-%20Preview%20your%20File&cbkeywords=&cbtitle=Codium.exe%20-%20AnonTransfer&srs=0082bef4d282664f5038c424d1023fe2&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&atv=48.1 IP: 172.67.177.214:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Google Trust Services LLC; Subject: youradexchange.com; Fingerprint: D5:0B:42:43:E8:69:FA:76:AA:C8:B3:28:9A:EB:33:C4:6F:62:7A:2B; Validity: Sun, 14 Apr 2024 01:48:20 GMT - Sat, 13 Jul 2024 01:48:19 GMT
Size: 122 kB (121797 bytes)
Hash: MD5 231b88b5ee4983a10bbe79640752e14b; SHA-1 955f65e303fdc2a3026c06483727c3ed0c95fec4; SHA-256 6c3cc29eafd358c9b9f8a93fb438eed45ec66fc11013ccd24ff060222941bfed
GET /script/banner.php?r=8324054&cbpage=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&cbref=&cbdescription=Codium.exe%20-%20Preview%20your%20File&cbkeywords=&cbtitle=Codium.exe%20-%20AnonTransfer&srs=0082bef4d282664f5038c424d1023fe2&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&atv=48.1 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anontransfer.com/
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:45:06 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWMoKMm1qYTzZPh3Z3ZXWZa4rk4ObqI2wMcMbaB4Bmw3i8FgQTbEDH0WiqAMSblDZfjwDr5qpy2l8NcZXWJYGIX8kj86EUbkTRVAzN31VdixtaiL6R00d6hfX14JizyKU7nmnME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e1f8fa9b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zokaukree.net/5/7402737/?oo=1&js_build=iclick-v1.788.9-auto | 139.45.197.245 | 200 OK | 131 kB |
URL: GET HTTP/2 zokaukree.net/5/7402737/?oo=1&js_build=iclick-v1.788.9-auto IP: 139.45.197.245:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Certificate: Issuer: Let's Encrypt; Subject: zokaukree.net; Fingerprint: C0:B6:2C:1B:C6:37:68:38:7C:A4:E0:F4:BF:B4:8E:D4:CA:7E:2A:F1; Validity: Sun, 05 May 2024 11:48:42 GMT - Sat, 03 Aug 2024 11:48:41 GMT
File type: gzip compressed data, max speed, from Unix
Size: 131 kB (130573 bytes)
Hash: MD5 17fe9d85ccb4902f708a644ea912bc54; SHA-1 93938b402e99be65b4955bad47eed10e1f386ec5; SHA-256 6369cd7a42be2df032c2e42bae2862592f4c737a993e8114d6abfae5115892fc
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /5/7402737/?oo=1&js_build=iclick-v1.788.9-auto HTTP/1.1
Host: zokaukree.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 12:45:05 GMT
content-type: application/json
x-trace-id: cb54e24aa0cfcf4eadcde6911a4a155c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anontransfer.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080556dbb75400de8724c5bf473ab74; expires=Wed, 07 May 2025 12:45:05 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1715085905; expires=Wed, 07 May 2025 12:45:05 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fundingchoicesmessages.google.com/el/AGSKWxUGnlz58zvdeJI3okqu6JGTskn-86sgCpDo1CqowpIJqoEQqIDQQBWjefH45kUsg6dL0UkKOcIbH-MNrtgWT53ytw== | 216.58.211.14 | 204 No Content | 0 B |
URL: GET HTTP/3 fundingchoicesmessages.google.com/el/AGSKWxUGnlz58zvdeJI3okqu6JGTskn-86sgCpDo1CqowpIJqoEQqIDQQBWjefH45kUsg6dL0UkKOcIbH-MNrtgWT53ytw== IP: 216.58.211.14:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Google Trust Services LLC Subject: *.google.com Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash (of an empty body): MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /el/AGSKWxUGnlz58zvdeJI3okqu6JGTskn-86sgCpDo1CqowpIJqoEQqIDQQBWjefH45kUsg6dL0UkKOcIbH-MNrtgWT53ytw== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://anontransfer.com
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 12:45:06 GMT
content-security-policy: script-src 'nonce-aDnc5z-9gWRUpPIvTCTboQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBiqGV4xtQKxE7pM1hDgFiIh-PSkRcb2QQWNO86zQQAyCQMfA"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main | 142.250.74.42 | 200 OK | 73 kB |
URL: GET HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main IP: 142.250.74.42:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (2297) Hash: MD5 9b289af026f3e548d1d06033fa868b46 SHA-1 7916969abb1e3aa9e953f4d7e7cb8ca1380f98f7 SHA-256 dc5d2a255869ad274247f1bb8c353794f470a1fca09d9f8c98968178c5b8a717
GET /_/translate_http/_/js/k=translate_http.tr.no.tlVaMKdtlm8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfodhSEIn_SeJc-BRVOcbmQF4EFWgg/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 72600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 17:42:06 GMT
expires: Tue, 06 May 2025 17:42:06 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 04 May 2024 07:10:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 68580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| exasperationincorporate.com/watch.36983745055.js?key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22codium%22%2C%22exe%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&tz=0&dev=e&res=14.2071&uuid=297ce5e3-0bd3-432d-a2f8-c958b1d580e1%3A1%3A1 | 192.243.59.20 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1exasperationincorporate.com/watch.36983745055.js?key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22codium%22%2C%22exe%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&tz=0&dev=e&res=14.2071&uuid=297ce5e3-0bd3-432d-a2f8-c958b1d580e1%3A1%3A1 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Let's Encrypt Subject: exasperationincorporate.com Fingerprint: 29:93:4B:D4:EC:F4:64:10:C0:DD:6E:12:94:2B:33:D7:71:A6:AC:23 Validity: Mon, 06 May 2024 08:00:27 GMT - Sun, 04 Aug 2024 08:00:26 GMT
Hash (of an empty body): MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.36983745055.js?key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22codium%22%2C%22exe%22%2C%22-%22%2C%22anontransfer%22%5D&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&tz=0&dev=e&res=14.2071&uuid=297ce5e3-0bd3-432d-a2f8-c958b1d580e1%3A1%3A1 HTTP/1.1
Host: exasperationincorporate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 07 May 2024 12:45:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anontransfer.com
Access-Control-Allow-Origin: https://anontransfer.com
Access-Control-Allow-Credentials: true
Location: https://exasperationincorporate.com/watch.36983745055.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22codium%22%2C%22exe%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1715085966&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&res=14.2071&rmtc=t&shu=ae55e0b0b8ea126b629b34fa68e4b53f6d4e21a9c87cb2fee70f6a67fd6533191288e172e56a713d109a19da3bd5d0fa7b48556cab45f2fedbe35ce7f31cb54a99262d36c3e86fb22442af86fe53ff0c83d8763148fe105291bab7cdd7f4&tz=0&uuid=297ce5e3-0bd3-432d-a2f8-c958b1d580e1%3A1%3A1
Set-Cookie: u_pl=20439883; expires=Wed, 08 May 2024 12:45:06 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.Io70eHskFJjjLJtfFSyQCWQyhEG4jCJFttkgOqPZxKM; expires=Tue, 07 May 2024 12:46:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a7c26182f614e1f532740fc46806188
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css | 142.250.74.35 | 200 OK | 4.0 kB |
URL: GET HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css IP: 142.250.74.35:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: ASCII text, with very long lines (20367), with no line terminators Hash: MD5 72d3a735ccca1027f6b3afba2c93e3a7 SHA-1 67f8eff8d17334c59c28fc1753bf451527c7490d SHA-256 c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 19:04:03 GMT
expires: Tue, 06 May 2025 19:04:03 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 63663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| exasperationincorporate.com/watch.36983745055.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22codium%22%2C%22exe%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1715085966&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&res=14.2071&rmtc=t&shu=ae55e0b0b8ea126b629b34fa68e4b53f6d4e21a9c87cb2fee70f6a67fd6533191288e172e56a713d109a19da3bd5d0fa7b48556cab45f2fedbe35ce7f31cb54a99262d36c3e86fb22442af86fe53ff0c83d8763148fe105291bab7cdd7f4&tz=0&uuid=297ce5e3-0bd3-432d-a2f8-c958b1d580e1%3A1%3A1 | 192.243.59.20 | 200 OK | 2.0 kB |
URL GET HTTP/1.1exasperationincorporate.com/watch.36983745055.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22codium%22%2C%22exe%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1715085966&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&res=14.2071&rmtc=t&shu=ae55e0b0b8ea126b629b34fa68e4b53f6d4e21a9c87cb2fee70f6a67fd6533191288e172e56a713d109a19da3bd5d0fa7b48556cab45f2fedbe35ce7f31cb54a99262d36c3e86fb22442af86fe53ff0c83d8763148fe105291bab7cdd7f4&tz=0&uuid=297ce5e3-0bd3-432d-a2f8-c958b1d580e1%3A1%3A1 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Let's Encrypt Subject: exasperationincorporate.com Fingerprint: 29:93:4B:D4:EC:F4:64:10:C0:DD:6E:12:94:2B:33:D7:71:A6:AC:23 Validity: Mon, 06 May 2024 08:00:27 GMT - Sun, 04 Aug 2024 08:00:26 GMT
File type: JavaScript source, ASCII text, with very long lines (2447) Hash: MD5 16df1e6ee90466f2dc8ee567afdd2b74 SHA-1 34b2f857e517b8271891c7b28f49063d5a804b65 SHA-256 f482f423ab49ca0346dcbddecbf7f2498e0640794d7c747aefc324301bf5fcc2
GET /watch.36983745055.js?dev=e&key=5565fd691e8ecaf4ea72c31df91cabfb&kw=%5B%22codium%22%2C%22exe%22%2C%22-%22%2C%22anontransfer%22%5D&pst=1715085966&refer=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&res=14.2071&rmtc=t&shu=ae55e0b0b8ea126b629b34fa68e4b53f6d4e21a9c87cb2fee70f6a67fd6533191288e172e56a713d109a19da3bd5d0fa7b48556cab45f2fedbe35ce7f31cb54a99262d36c3e86fb22442af86fe53ff0c83d8763148fe105291bab7cdd7f4&tz=0&uuid=297ce5e3-0bd3-432d-a2f8-c958b1d580e1%3A1%3A1 HTTP/1.1
Host: exasperationincorporate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anontransfer.com
Referer: https://anontransfer.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=20439883; ain=eyJhbGciOiJIUzI1NiJ9.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.Io70eHskFJjjLJtfFSyQCWQyhEG4jCJFttkgOqPZxKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 May 2024 12:45:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anontransfer.com
Access-Control-Allow-Origin: https://anontransfer.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=297ce5e3-0bd3-432d-a2f8-c958b1d580e1:1:1; expires=Tue, 14 May 2024 12:45:06 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 08 May 2024 12:45:06 GMT; secure; SameSite=None
uncs=1; expires=Wed, 08 May 2024 12:45:06 GMT; secure; SameSite=None
pdhtkv27=true; expires=Wed, 08 May 2024 12:45:06 GMT; secure; SameSite=None
uncs27=1; expires=Wed, 08 May 2024 12:45:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 195624b8f81b01f4c4a0f3caf1f2cb86
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| wigrooglie.net/?rb=dossDXtKU9z2rKq_VHVnqgL3bV7y0OGZnOM7dDZgjUTwEnpsKEif6V8Np4GIUfFwlvuxc1dHF2QIGgRZ1jrG5JHK1PC6iPO1d5NkNn7iBh3wuwE9oaR-ZGQhAI8vtD6q0yG5NjFCXB6hV8R6P1AlJYThKxjbTPhFe5WhE4GUcR2dsqZZJLCvWBPDpKi8xcHkoC3lMGs0hWNNXNVJ-2aqRd1ov3IxIOPcurypFH2V2fQ4LG5LcBAKo9HzanpA9xnzUVd9Krwnj_KkuKgD&request_ab2=0&zoneid=7402737&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=42b6e1d9-fba6-4c6a-ab2e-700e7ce662d3&wasm=1&userId=0080556dbb75400de8724c5bf473ab74&m=link | 139.45.197.242 | 200 OK | 5.6 kB |
URL GET HTTP/2wigrooglie.net/?rb=dossDXtKU9z2rKq_VHVnqgL3bV7y0OGZnOM7dDZgjUTwEnpsKEif6V8Np4GIUfFwlvuxc1dHF2QIGgRZ1jrG5JHK1PC6iPO1d5NkNn7iBh3wuwE9oaR-ZGQhAI8vtD6q0yG5NjFCXB6hV8R6P1AlJYThKxjbTPhFe5WhE4GUcR2dsqZZJLCvWBPDpKi8xcHkoC3lMGs0hWNNXNVJ-2aqRd1ov3IxIOPcurypFH2V2fQ4LG5LcBAKo9HzanpA9xnzUVd9Krwnj_KkuKgD&request_ab2=0&zoneid=7402737&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=42b6e1d9-fba6-4c6a-ab2e-700e7ce662d3&wasm=1&userId=0080556dbb75400de8724c5bf473ab74&m=link IP139.45.197.242:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Let's Encrypt Subject: wigrooglie.net Fingerprint: EF:4A:44:83:A9:78:0C:8F:85:B1:B3:3B:F0:A8:79:7A:1C:FE:39:3F Validity: Tue, 07 May 2024 00:49:13 GMT - Mon, 05 Aug 2024 00:49:12 GMT
File type: ASCII text, with very long lines (9137), with no line terminators Hash: MD5 dc1af7843dd4ec70798d2afd2737d1a5 SHA-1 bfd7ed6fc4e3131fc4952084602c07facbc3733b SHA-256 2a5823a80d76dee6238870b4976df390e5c6e31cf0dafbc57895c8e1e33cd866
GET /?rb=dossDXtKU9z2rKq_VHVnqgL3bV7y0OGZnOM7dDZgjUTwEnpsKEif6V8Np4GIUfFwlvuxc1dHF2QIGgRZ1jrG5JHK1PC6iPO1d5NkNn7iBh3wuwE9oaR-ZGQhAI8vtD6q0yG5NjFCXB6hV8R6P1AlJYThKxjbTPhFe5WhE4GUcR2dsqZZJLCvWBPDpKi8xcHkoC3lMGs0hWNNXNVJ-2aqRd1ov3IxIOPcurypFH2V2fQ4LG5LcBAKo9HzanpA9xnzUVd9Krwnj_KkuKgD&request_ab2=0&zoneid=7402737&js_build=iclick-v1.788.9-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=3&pl=https%3A%2F%2Fanontransfer.com%2Fdownload%2FJLTtNXU3eW%2FCodium.exe&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.788.9-auto&navlng=en-US&pnt=0&pnrc=0&bs=42b6e1d9-fba6-4c6a-ab2e-700e7ce662d3&wasm=1&userId=0080556dbb75400de8724c5bf473ab74&m=link HTTP/1.1
Host: wigrooglie.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anontransfer.com/
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 12:45:06 GMT
content-type: application/json
x-trace-id: 184b516803a974eec9d707c32afb9342
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://anontransfer.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080556dbb75400de8724c5bf473ab74; expires=Wed, 07 May 2025 12:45:06 GMT; path=/; secure; SameSite=None
oaidts=1715085906; expires=Wed, 07 May 2025 12:45:06 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 14 May 2024 12:45:06 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.35 | 200 OK | 1.8 kB |
URL: GET HTTP/3 www.gstatic.com/images/branding/product/2x/translate_24dp.png IP: 142.250.74.35:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hash: MD5 c69c796362406f9e11c7f4bf5bb628da SHA-1 e489ce95ab56208090868882113d7416abf46775 SHA-256 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:13:15 GMT
expires: Fri, 02 May 2025 02:13:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 469912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/images/cleardot.gif | 216.58.211.4 | 200 OK | 43 B |
URL: GET HTTP/2 www.google.com/images/cleardot.gif IP: 216.58.211.4:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Google Trust Services LLC Subject: www.google.com Fingerprint: C6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 Validity: Tue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File type: GIF image data, version 89a, 1 x 1 Hash: MD5 fc94fb0c3ed8a8f909dbc7630a0987ff SHA-1 56d45f8a17f5078a20af9962c992ca4678450765 SHA-256 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 07 May 2024 12:45:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback | 142.250.74.170 | | 1.4 kB |
URL: translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP: 142.250.74.170:0
Hash: MD5 a3eefe14b1b4698460d992bd1673a26b SHA-1 a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 SHA-256 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 07 May 2024 12:45:07 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=NUfuUwdBjCGIHDmHkaNyaE2Giqo5RWAeI1_7KUzul7COl4ywpU_C2Q6Yy0GQmc_G3lcURve1qsBm4qDTNe09pl23__fsx4bKLVPG5Wt3URe4pM6ldbhnseiFu93FI4O3OSbjd6UkfB4Stpam3PeY_GguIBxo6n5Py4MgzDR2zo0; expires=Wed, 06-Nov-2024 12:45:07 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Tue, 07 May 2024 12:45:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240505 | 216.58.211.14 | 204 No Content | 0 B |
URL: GET HTTP/3 translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240505 IP: 216.58.211.14:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Google Trust Services LLC Subject: *.google.com Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash (of an empty body): MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20240505 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 12:45:07 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-qgBls8U02DLVuCveH7Hl8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjEtDikmLw05BicEqfwRoExEI8HJePvNjIJjBh5t3LjAB1mwnb"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=19.SE=TArGaOiMEZ7TnNlPPQr5hKq4CLv4FA9xJUXk8Khhe-fNIYBH7rp_KE0DTfUcXKXYSIB_XPc7rG5QEGFumCZ32NmocsUubx_LoiZu0_nCpDjTXe8h2hP1b6jISL2jf8S8Ra9bBBvj4TK1I-R9w0v3pNKgjlw4MtyeymOyz2WXiaE; expires=Sat, 07-Jun-2025 05:03:25 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lh3.googleusercontent.com/lDoP0gomLwtYtuRCWmIp6NiO8q-8ntli29HTtGqak22-tD7R3mv_J1DXsECl2IVrVgFjP4YQZ0TAyGgEk2b2LqhnKft_81XkTaunkrq5JUur3ulKI2bTmQ=h60 | 142.250.74.97 | 200 OK | 15 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/lDoP0gomLwtYtuRCWmIp6NiO8q-8ntli29HTtGqak22-tD7R3mv_J1DXsECl2IVrVgFjP4YQZ0TAyGgEk2b2LqhnKft_81XkTaunkrq5JUur3ulKI2bTmQ=h60 IP: 142.250.74.97:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Google Trust Services LLC Subject: *.googleusercontent.com Fingerprint: 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56 Validity: Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: PNG image data, 456 x 60, 8-bit/color RGBA, non-interlaced Hash: MD5 0d270b65146664b527f4bf47bb3b8a53 SHA-1 50a0d64b7784bebbec2de83325763810ab5ac517 SHA-256 3d3d52c6516f0647a3f62aa744345cc35b28461d84bbe6953b647b9e6c355f56
GET /lDoP0gomLwtYtuRCWmIp6NiO8q-8ntli29HTtGqak22-tD7R3mv_J1DXsECl2IVrVgFjP4YQZ0TAyGgEk2b2LqhnKft_81XkTaunkrq5JUur3ulKI2bTmQ=h60 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 15000
x-xss-protection: 0
date: Tue, 07 May 2024 12:45:07 GMT
expires: Wed, 08 May 2024 12:45:07 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.67 | 200 OK | 48 kB |
URL: GET HTTP/3 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP: 142.250.74.67:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash: MD5 015c126a3520c9a8f6a27979d0266e96 SHA-1 2acf956561d44434a6d84204670cf849d3215d5f SHA-256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 468607
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.67 | 200 OK | 48 kB |
URL: GET HTTP/3 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP: 142.250.74.67:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash: MD5 015c126a3520c9a8f6a27979d0266e96 SHA-1 2acf956561d44434a6d84204670cf849d3215d5f SHA-256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 468607
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 142.250.74.67 | 200 OK | 128 kB |
URL GET HTTP/3fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP142.250.74.67:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size128 kB (128352 bytes) Hash53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:43:48 GMT
expires: Sat, 03 May 2025 03:43:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
age: 378079
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fundingchoicesmessages.google.com/el/AGSKWxUS6P2BE_CDtfZ7sg4GQ5o-QY5rCZ-JIGIdnLk5ccB5fk_M4Dsu4wLRhkO3rjUEoMs1ZxMSUhiWp0qgSYf4z7rIlMUJ4hLTL9v1JZbrHMVlFQ4Ug0WKz2kzqkal6BVcAo0Z_rgoSw== | 216.58.211.14 | 204 No Content | 0 B |
URL POST HTTP/3fundingchoicesmessages.google.com/el/AGSKWxUS6P2BE_CDtfZ7sg4GQ5o-QY5rCZ-JIGIdnLk5ccB5fk_M4Dsu4wLRhkO3rjUEoMs1ZxMSUhiWp0qgSYf4z7rIlMUJ4hLTL9v1JZbrHMVlFQ4Ug0WKz2kzqkal6BVcAo0Z_rgoSw== IP216.58.211.14:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /el/AGSKWxUS6P2BE_CDtfZ7sg4GQ5o-QY5rCZ-JIGIdnLk5ccB5fk_M4Dsu4wLRhkO3rjUEoMs1ZxMSUhiWp0qgSYf4z7rIlMUJ4hLTL9v1JZbrHMVlFQ4Ug0WKz2kzqkal6BVcAo0Z_rgoSw== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 195
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://anontransfer.com
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 12:45:07 GMT
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'nonce-OIOVqo9vL7jfAmM-tMbiKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBiqGV4xtQKxE7pM1hDgFiIh-PykRcb2QRm_HnwiQkAzIcNSQ"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fundingchoicesmessages.google.com/el/AGSKWxUS6P2BE_CDtfZ7sg4GQ5o-QY5rCZ-JIGIdnLk5ccB5fk_M4Dsu4wLRhkO3rjUEoMs1ZxMSUhiWp0qgSYf4z7rIlMUJ4hLTL9v1JZbrHMVlFQ4Ug0WKz2kzqkal6BVcAo0Z_rgoSw== | 216.58.211.14 | 204 No Content | 0 B |
URL POST HTTP/3fundingchoicesmessages.google.com/el/AGSKWxUS6P2BE_CDtfZ7sg4GQ5o-QY5rCZ-JIGIdnLk5ccB5fk_M4Dsu4wLRhkO3rjUEoMs1ZxMSUhiWp0qgSYf4z7rIlMUJ4hLTL9v1JZbrHMVlFQ4Ug0WKz2kzqkal6BVcAo0Z_rgoSw== IP216.58.211.14:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /el/AGSKWxUS6P2BE_CDtfZ7sg4GQ5o-QY5rCZ-JIGIdnLk5ccB5fk_M4Dsu4wLRhkO3rjUEoMs1ZxMSUhiWp0qgSYf4z7rIlMUJ4hLTL9v1JZbrHMVlFQ4Ug0WKz2kzqkal6BVcAo0Z_rgoSw== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 169
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=utf-8
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://anontransfer.com
access-control-allow-credentials: true
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 12:45:07 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-TQ8UOyxzkpWXB3N5AMuWLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIh-PykRcb2QR2zH7-gQkAy04NCg"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.cloudimagesb.com/cti/ce/4f/ad/ce4fad594f0595d487d8b6b4c83c440a/1627917103.png | 45.133.44.10 | 200 OK | 25 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/ce/4f/ad/ce4fad594f0595d487d8b6b4c83c440a/1627917103.png IP45.133.44.10:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 468 x 60, 8-bit/color RGB, non-interlaced Hasha2d05b1f17d513b399aac78339ef978e f0a52b95fbc0df33084ab457a6919b6c533f799a 3a255ad4f051d9484322374d692e67215edc0a3f4b76be3eb21e944c8daeba7b
GET /cti/ce/4f/ad/ce4fad594f0595d487d8b6b4c83c440a/1627917103.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:45:07 GMT
content-type: image/png
content-length: 25371
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:11:50 GMT
etag: "61080b36-631b"
expires: Thu, 09 May 2024 12:45:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| api.hcaptcha.com/checksiteconfig?v=50fb34a&host=anontransfer.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&sc=1&swa=1&spst=0 | 104.18.125.91 | 200 OK | 13 kB |
URL POST HTTP/3api.hcaptcha.com/checksiteconfig?v=50fb34a&host=anontransfer.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&sc=1&swa=1&spst=0 IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=challenge&id=05tzfqbkwj2&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
Hash80c1f7cc930d7798b9633ab3e6a9e7e6 bbd81c0d4221e9ca90384860eb8f6e6b7df403b1 0b62b5b7358df60e30e75d9daaea8c78fa171a9b85099f6bb34cac2ec7d3e3e4
POST /checksiteconfig?v=50fb34a&host=anontransfer.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&sc=1&swa=1&spst=0 HTTP/1.1
Host: api.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:06 GMT
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88014e245bf8b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.42 | 200 OK | 0 B |
URL OPTIONS HTTP/3translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP142.250.74.42:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://anontransfer.com/
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://anontransfer.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 07 May 2024 12:45:17 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.42 | 200 OK | 131 B |
URL OPTIONS HTTP/3translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP142.250.74.42:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anontransfer.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1183
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://anontransfer.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 07 May 2024 12:45:17 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| acscdn.com/script/ut.js?cb=1715085905768 | 104.21.11.26 | 200 OK | 63 kB |
URL GET HTTP/3acscdn.com/script/ut.js?cb=1715085905768 IP104.21.11.26:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectacscdn.com Fingerprint55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E ValiditySat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT
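Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so the 63 kB response body was not hashed here and the values are not usable as indicators for this script; the x-goog-hash md5 and etag in the response headers carry the server-reported MD5 of the stored object)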
GET /script/ut.js?cb=1715085905768 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPq4rLQfUzIb4PXABJF3kaL6QpNC2eEDt1dZIA_AICzJwRtEzQkHmfGBvBjJTgyllcLoFfCchk7ypw
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Tue, 07 May 2024 13:18:10 GMT
cache-control: public, max-age=3600
age: 178
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kk%2Bcyp%2FgF%2BpaMv%2F%2FR4GsZcstfB9JhirfPCXTCUOuOZY5ylFkP%2BFMmnWmeFs46SzTib0zG2uy4iUiPsKdGICGmkWvU%2BBEoVrSPCmQ%2FoF2JKat%2F3Rd4BS%2B%2FeovI1Mm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88014e1f5ef7568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| acscdn.com/script/banner.js | 104.21.11.26 | 200 OK | 63 kB |
URL GET HTTP/3acscdn.com/script/banner.js IP104.21.11.26:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectacscdn.com Fingerprint55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E ValiditySat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT
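Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so the 63 kB response body was not hashed here and the values are not usable as indicators for this script; the x-goog-hash md5 and etag in the response headers carry the server-reported MD5 of the stored object)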
GET /script/banner.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: text/javascript
x-goog-generation: 1714389693207586
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63013
x-goog-hash: crc32c=fi3olg==, md5=Zd6s1MheN2EjwaEobFOyIQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPokA-nYfLnt6-1nIW2SFFPL1Wx442RKOF5tzz1Gl9dN3yklq7QEJvMiPvHs8ZrDmzgtf7K1-x4ziw
expires: Tue, 07 May 2024 12:37:33 GMT
cache-control: public, max-age=3600
age: 843
last-modified: Mon, 29 Apr 2024 11:21:33 GMT
etag: W/"65deacd4c85e376123c1a1286c53b221"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lMWPEf%2Fk%2Ban7bNt3maJqxITIfi9TRKyMjrVv5pR6jXj4Vdj9wEVHwnS4Ja77Lg3DO3VO5%2Ff7xGa8isypxxeeF8ZfZ00VXbpRBXS6QrlMoQFvL0VUvyb9S6%2B2nNfL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88014e1e7d07568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html | 104.18.125.91 | 200 OK | 1.8 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html IP104.18.125.91:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typeHTML document, ASCII text, with very long lines (1803), with no line terminators Hash1061da5ccf4d00902874135c386f3cec 3fbf23dcb9452a187c9ec136a7f5538776f8b9ad f472028d948ffa52e1eb7cd913034240f740dab373e73ab17c07891dca16cd72
GET /captcha/v1/50fb34a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 12:45:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88014e1fea3db50f-OSL
content-encoding: br
|
|
| crrepo.com/extban/278371020/creatives/23426596/e192295018ae5357d1c5b67ef5e985ad_3890.jpg | 104.21.233.199 | 200 OK | 121 kB |
URL GET HTTP/2crrepo.com/extban/278371020/creatives/23426596/e192295018ae5357d1c5b67ef5e985ad_3890.jpg IP104.21.233.199:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectcrrepo.com Fingerprint44:8B:BA:AA:80:2B:6C:39:BF:F9:EA:5D:F1:1E:6D:BF:47:FF:41:D3 ValidityFri, 03 May 2024 12:40:29 GMT - Thu, 01 Aug 2024 12:40:28 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x250, components 3 Size121 kB (121009 bytes) Hashe192295018ae5357d1c5b67ef5e985ad b35ebb12f3525f93b95f7d23153d2cf98cb3f451 f5e1a3e880c62a3e756db0d72a0ba6a9efb2c0db20046d8d5874296eab9c28b9
GET /extban/278371020/creatives/23426596/e192295018ae5357d1c5b67ef5e985ad_3890.jpg HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:45:06 GMT
content-type: image/jpeg
last-modified: Thu, 03 Mar 2022 16:56:37 GMT
etag: W/"6220f345-1d8b1"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 6569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQHpvgz0Yx%2Fokn0qXFBq6nttp3rayXj2nwTF7EcZ2kczkpjmotqLcv1u0XZJDojdwr1QH70O1ijIZL8z%2Bm4nR2q9b07T5mP3S2sYCXZ4COF1W9rmvrJlCih4HK3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88014e223f3693e1-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| anontransfer.com/public/bootstrap.min.js | 188.114.97.1 | 200 OK | 59 kB |
URL GET HTTP/3anontransfer.com/public/bootstrap.min.js IP188.114.97.1:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectanontransfer.com FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File typeJavaScript source, ASCII text, with very long lines (58940) Hash259e416ef6833be43801b8b68a93b008 19080c3b817985336aab5e1ce6925c99803f2efd 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict, so it concerns the hostname rather than the content of this file)
GET /public/bootstrap.min.js HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Cookie: PHPSESSID=n55js92nsdb33aerfqfkfgt3jh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: application/javascript
last-modified: Sat, 22 Jul 2023 20:32:32 GMT
etag: W/"e753-6011947e0f800-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WixafCfLcpX5RulJ%2B7fd9RDmfd57JqGXYk7r8XrG4X5WF6gWDgtJPMtLXaNKIlmJKGTmloLY1ejgcLyGCp3x9RWTZxMFei6vSfjkwdKZGs8pn5oPDW%2B1bDGH2e1RqxoEFnfZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e19ceec1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html | 104.18.125.91 | 200 OK | 1.8 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html IP104.18.125.91:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
File typeHTML document, ASCII text, with very long lines (1803), with no line terminators Hash1061da5ccf4d00902874135c386f3cec 3fbf23dcb9452a187c9ec136a7f5538776f8b9ad f472028d948ffa52e1eb7cd913034240f740dab373e73ab17c07891dca16cd72
GET /captcha/v1/50fb34a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 12:45:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88014e1fea41b50f-OSL
content-encoding: br
|
|
| newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js | 104.18.125.91 | 200 OK | 387 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=checkbox&id=05tzfqbkwj2&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
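Size: 387 kB (387118 bytes) | Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so the 387118-byte body was not hashed here and the values say nothing about the script's content)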
GET /captcha/v1/50fb34a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:06 GMT
content-type: application/javascript
etag: W/"43a836cde2f57b4747b92444069ecfc9"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 12:45:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88014e218d7ab50f-OSL
content-encoding: br
|
|
| newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js | 104.18.125.91 | 200 OK | 387 kB |
URL GET HTTP/3newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=challenge&id=05tzfqbkwj2&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
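Size: 387 kB (387118 bytes) | Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so the 387118-byte body was not hashed here and the values say nothing about the script's content)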
GET /captcha/v1/50fb34a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:06 GMT
content-type: application/javascript
etag: W/"43a836cde2f57b4747b92444069ecfc9"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 12:45:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88014e218d7eb50f-OSL
content-encoding: br
|
|
| acscdn.com/script/aclib.js | 104.21.11.26 | 200 OK | 126 kB |
URL: GET HTTP/2 acscdn.com/script/aclib.js | IP: 104.21.11.26:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe | Certificate: Issuer Google Trust Services LLC, Subject acscdn.com, Fingerprint 55:5D:7F:12:65:2B:04:EA:49:29:92:63:3B:D1:C2:DF:C7:F6:4B:9E, Validity Sat, 27 Apr 2024 13:56:54 GMT - Fri, 26 Jul 2024 13:56:53 GMT
Size: 126 kB (125606 bytes) | Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so the body was apparently not hashed; the server-reported MD5 of the stored object is in the x-goog-hash and etag response headers below)
GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 12:45:04 GMT
content-type: text/javascript
x-goog-generation: 1714389616107910
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125606
x-goog-hash: crc32c=xTw75w==, md5=TCF5phnDVdTC7KGmT28/Bw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPq3WDRiywUXy1I9epsgjBrZr10_kxsxD8tygBTr-xkVVMzaGeOnPwLfQ_UPT0AwhViwE90
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 07 May 2024 12:57:52 GMT
cache-control: public, max-age=3600
age: 807
last-modified: Mon, 29 Apr 2024 11:20:16 GMT
etag: W/"4c2179a619c355d4c2eca1a64f6f3f07"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pnkm%2FGp5t4lUwFcRQr6I5ssK4LkITos44MnlBe%2FnmV04ChE6Gqgp75EZqNPbnXu7CZXIsB%2Fmgbyztp9hT6Y%2FZvbMTwotNszkrGx51dW1cRbg1wXJ6gUPHyrzTXrx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88014e19eef60b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| anontransfer.com/public/popper.min.js | 188.114.97.1 | 200 OK | 19 kB |
URL GET HTTP/3anontransfer.com/public/popper.min.js IP188.114.97.1:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectanontransfer.com FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File typeJavaScript source, ASCII text, with very long lines (18706) Hash72d3b1e50e1a60d898f7817b27d76c1a 01d720c9ed9eab4e8d7f87d013cb3af11540d498 98f078a39b01008ae2eefd279d4aecc614b2b2533a4f8bef368e69d1977f5cb2
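Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the anontransfer.com domain; it is repeated on every request to this host and is not a finding about this individual file)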
GET /public/popper.min.js HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Cookie: PHPSESSID=n55js92nsdb33aerfqfkfgt3jh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: application/javascript
last-modified: Sat, 22 Jul 2023 20:32:31 GMT
etag: W/"4944-6011947d1b5c0-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E3HaDPfiVCDHcn7ElROxFPlwOmwH5mUwI%2BPKCJyPp5OTmB8Ku7nNL3bbbBpG7nuCIXQKCpco21qVdj2y3e0kY1mdQ%2BCN8uGxjmJAh4jK4KjXLzfiJRrkTn2EQZRak3uPY062"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e19bee61c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap | 142.250.74.170 | 200 OK | 112 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap IP142.250.74.170:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1572) Size112 kB (112083 bytes) Hasha656f24503830b5b1554f7a1655446da a9692d730b090e7093c79026780e5045184280e7 e6c3ac5acc22f10a07b54dc9311d8fa3cd64cddfda3a5921d8290b88b8ca630f
GET /css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 12:45:07 GMT
date: Tue, 07 May 2024 12:45:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 | 104.17.25.14 | 200 OK | 150 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 IP104.17.25.14:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 150124, version 772.256 Size150 kB (150124 bytes) Hashc64278386c2bbb5e293e11b94ca2f6d1 6b99aa650bd12a36caa14e0127435d8f4cd3ba73 7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anontransfer.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150124
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6421d693-24a6c"
last-modified: Mon, 27 Mar 2023 17:46:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 587645
expires: Sun, 27 Apr 2025 12:45:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xef0oFqa5GzC8a6jRvwxqc0E7HGVUlX4u3Y3dZeRXaHjzmYljM8eyFI1qMOkxHvThocTZcsbz7nFxO6ru6mOx2G%2FiRAhw5DvAhYUKxAEbMxfcBubRkPfkT5Nf9HYKgmABOvZthPN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 88014e205ebc5691-OSL
alt-svc: h3=":443"; ma=86400
|
|
| anontransfer.com/public/main.min.css | 188.114.97.1 | 200 OK | 3.1 kB |
URL GET HTTP/3anontransfer.com/public/main.min.css IP188.114.97.1:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectanontransfer.com FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File typeASCII text, with very long lines (3053), with no line terminators Hash1783f583975d6dc2498ab64797c52bb8 4c6931a7417234360fa7c5d26eb96717af1be444 b78bd0e5718345c790e67c01ffb82666f1f1146fc9a745f6d5358c0c020beb6a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /public/main.min.css HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Cookie: PHPSESSID=n55js92nsdb33aerfqfkfgt3jh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: text/css
last-modified: Tue, 17 Oct 2023 16:25:58 GMT
etag: W/"beb-607ebfa4a031d-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mbPn7RiiS6BvFYI0skoda%2FE2ZPRsVRsmtETyL1N2Og0YyW7f6D%2BYuzl5VsbxWoYvqgWny4uDFwkxp2j8hN3KTbMLbZXsa9fERd6lF%2F9maZqlDaq1dIPP2AlaLZM9cgXemc9T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e19aebf1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| translate.google.com/translate_a/element.js?cb=googleTranslateElementInit | 216.58.211.14 | 200 OK | 89 kB |
URL GET HTTP/2translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP216.58.211.14:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (2064) Hashed382eb133d005b89e06bc0c96b4426b a7f01b3904e960bd94423b8f427ec40fee546216 3c497eb6a306e96daf50eef0ea2e4c56dc5e3f65cd0a0dabca935288a75c14d3
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 12:45:05 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| anontransfer.com/public/at-logo.webp | 188.114.97.1 | 200 OK | 3.4 kB |
URL GET HTTP/3anontransfer.com/public/at-logo.webp IP188.114.97.1:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectanontransfer.com FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File typeRIFF (little-endian) data, Web/P image Hash4085d16973c5fd4d17fa03d23d8ff5c4 cbcc34ef0dcc557a321f64f484163e6828bc43b9 4ecd9408f4d052a43f4111dc66fec20e6f4924efb401cea52f2baf8e39f25204
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /public/at-logo.webp HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Cookie: PHPSESSID=n55js92nsdb33aerfqfkfgt3jh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: image/webp
last-modified: Wed, 24 May 2023 02:52:25 GMT
etag: W/"d42-5fc6797f80c40-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GaiAMAluVbB0OEaijkirPVqhpQj1ay7kg0sinp722z0hLK2s9pXg6G7jc5lVa3ozzsTnOtGQ%2FKvQoT3EsrItJpo1MopPDMYvq4pgQMpianz83K8djNLXR2S%2FPIow1JsPFBot"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e19bed71c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| anontransfer.com/public/file-format-icon.webp | 188.114.97.1 | 200 OK | 900 B |
URL GET HTTP/3anontransfer.com/public/file-format-icon.webp IP188.114.97.1:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectanontransfer.com FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File typeRIFF (little-endian) data, Web/P image Hash66402453e205f10efb8d3be5d0e475cc 0113ccd1362a74d2e25dc837a986ae1a579f906a 7bdd4be48dec56dd8b86c1e533d725ea3f8fd4d920a1d9a26be3f6e254588b50
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /public/file-format-icon.webp HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Cookie: PHPSESSID=n55js92nsdb33aerfqfkfgt3jh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:05 GMT
content-type: image/webp
last-modified: Thu, 22 Jun 2023 19:59:23 GMT
etag: W/"384-5febd5215fcc0-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qk1Ernv0aZmQYTfMoew4%2FXbMk%2Fw5qBvPFnLQxc6xureYL1Bbkmgk0QtOOHfxCaiQU88%2FIh%2F43GIDqVlqawki%2BKUYxJLSupGtgwShqiC5mIK5xiJJD%2FjfoZ1%2B3TaU4YhKhX0V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e19bed91c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| anontransfer.com/download/JLTtNXU3eW/Codium.exe | 0.0.0.0 | | 0 B |
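URL: GET anontransfer.com/download/JLTtNXU3eW/Codium.exe | IP: 0.0.0.0:0
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe | Certificate: Issuer Google Trust Services LLC, Subject anontransfer.com, Fingerprint A2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF, Validity Fri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input: this transaction shows 0 B, no status and no response headers, so Codium.exe itself was not captured here and these values are not hashes of the file)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the anontransfer.com domain, not a scan result for the executable)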
GET /download/JLTtNXU3eW/Codium.exe HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Cookie: PHPSESSID=n55js92nsdb33aerfqfkfgt3jh; dom3ic8zudi28v8lr6fgphwffqoz0j6c=297ce5e3-0bd3-432d-a2f8-c958b1d580e1%3A1%3A1; prefetchAd_7402737=true
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| fundingchoicesmessages.google.com/f/AGSKWxWnNC7TtCo_ZA_Tmx-VoxUW8XCX5uBoIuzwPywct1OC9v1XKp6IkApo0-N2qDJeuDRzpedbKQwEGefCAuH9qTvObcWFITadkyoNFfINhe1qSy1r5xLNwOFcQWx0fxM8q0gpVFavVQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1MDg1OTA2LDgyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL0pMVHROWFUzZVcvQ29kaXVtLmV4ZSIsbnVsbCxbWzgsIjNVY1pjRXRFUGtJIl0sWzksImVuLVVTIl0sWzE5LCIxIl1dXQ | 216.58.211.14 | 200 OK | 377 kB |
URL GET HTTP/3fundingchoicesmessages.google.com/f/AGSKWxWnNC7TtCo_ZA_Tmx-VoxUW8XCX5uBoIuzwPywct1OC9v1XKp6IkApo0-N2qDJeuDRzpedbKQwEGefCAuH9qTvObcWFITadkyoNFfINhe1qSy1r5xLNwOFcQWx0fxM8q0gpVFavVQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1MDg1OTA2LDgyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL0pMVHROWFUzZVcvQ29kaXVtLmV4ZSIsbnVsbCxbWzgsIjNVY1pjRXRFUGtJIl0sWzksImVuLVVTIl0sWzE5LCIxIl1dXQ IP216.58.211.14:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
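Size: 377 kB (376808 bytes) | Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so the body was apparently not hashed; they do not identify this 377 kB response)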
GET /f/AGSKWxWnNC7TtCo_ZA_Tmx-VoxUW8XCX5uBoIuzwPywct1OC9v1XKp6IkApo0-N2qDJeuDRzpedbKQwEGefCAuH9qTvObcWFITadkyoNFfINhe1qSy1r5xLNwOFcQWx0fxM8q0gpVFavVQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1MDg1OTA2LDgyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hbm9udHJhbnNmZXIuY29tL2Rvd25sb2FkL0pMVHROWFUzZVcvQ29kaXVtLmV4ZSIsbnVsbCxbWzgsIjNVY1pjRXRFUGtJIl0sWzksImVuLVVTIl0sWzE5LCIxIl1dXQ HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 12:45:07 GMT
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-tvl7wcFQHPnrt-9MbwoFqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAeKdiy-wHgTiVUcusG4C4m_sF1n_AbEQN8flIy82sgmcuPvbHQCwmThM"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| anontransfer.com/public/anontransfer-favicon.ico | 188.114.97.1 | 200 OK | 176 kB |
URL GET HTTP/3anontransfer.com/public/anontransfer-favicon.ico IP188.114.97.1:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectanontransfer.com FingerprintA2:AE:2F:8B:D3:85:BA:A7:DC:4B:F3:87:D4:8E:EC:71:63:BF:96:EF ValidityFri, 15 Mar 2024 22:40:29 GMT - Thu, 13 Jun 2024 22:40:28 GMT
File typeMS Windows icon resource - 9 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel Size176 kB (176492 bytes) Hashd5e92a2fedcb52f737435150cba4e603 54838eb1a51959a5df8d498f8c7f999be5652283 eda268a2c3241dbd07ac42ed4b4be3f66408c1b5fbf3a2f0cb15e460a14c1b1c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /public/anontransfer-favicon.ico HTTP/1.1
Host: anontransfer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe
Cookie: PHPSESSID=n55js92nsdb33aerfqfkfgt3jh; dom3ic8zudi28v8lr6fgphwffqoz0j6c=297ce5e3-0bd3-432d-a2f8-c958b1d580e1%3A1%3A1; prefetchAd_7402737=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:06 GMT
content-type: image/x-icon
last-modified: Thu, 25 May 2023 05:00:53 GMT
etag: W/"2b16c-5fc7d813e2b40-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0DrvDbwCEjM%2FBwqFCsjrtvVt50k7Ib%2Bp6gn4MsZUGfUn3j7aCABUduwjv51JtgWme7w3EDWTpWC1I55duztVgi0zg%2FhSVbPU2pcVN7WbJI1fT3CWF2rwuCCPoq7e84Hwy6Ry"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e24794b1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| newassets.hcaptcha.com/c/f922a41/hsw.js | 104.18.125.91 | 200 OK | 470 kB |
URL GET HTTP/3newassets.hcaptcha.com/c/f922a41/hsw.js IP104.18.125.91:443
Requested byhttps://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=challenge&id=05tzfqbkwj2&host=anontransfer.com&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=6610571a-4613-4ecd-a763-7a8957c62512&theme=light&origin=https%3A%2F%2Fanontransfer.com CertificateIssuerLet's Encrypt Subjecthcaptcha.com Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5 ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT
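Size: 470 kB (469642 bytes) | Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so the body was apparently not hashed; they do not identify this 470 kB script)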
GET /c/f922a41/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 12:45:06 GMT
content-type: application/javascript
etag: W/"a015c3f04def6c02f6d3a815ff97f100"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 11 Jun 2024 12:45:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88014e250d53b50f-OSL
content-encoding: br
|
|
| fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg | 142.250.74.67 | 200 OK | 6.2 kB |
URL GET HTTP/3fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg IP142.250.74.67:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeSVG Scalable Vector Graphics image Hasha1a4ffbc52fa4bd18e2f9f7c45ba71fc 0df81f908c859204ae9748c21ad2a4219381b2e4 151e69c94e1f500a46c405df3a0c60043651b22aec7b4ae33d5df3bc9fd82737
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 13:00:35 GMT
expires: Tue, 06 May 2025 13:00:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 85472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| youradexchange.com/script/i.php?t=1&c=23426596&stamat=m%257C%252C%252Cg2a3Y3ZvoGU3BP-GH0dEdHP3xP.b31%252ClPaq-_QKNHVXG66e24PYReXzSpQxPcZiZ4F0QmhOGfR8X29rHYUhkl_2eue_xmUXFYF8GtnCfVrw--wis6sZxjLktEs6Vc20ax-gVQ-QxvVMS4muHNWRLxWoi5hQeqWHOA5J6r0D2xC1eFZwJLakumrJVT1vf5yjggQP8uSBtfWhqV0zpHrlfG0yEsmaVmyHxLNLDVkrN8PjIE5M7F6CN76g4OZXvoKxQidPqn95liWggw4GQimInaOaTXsR2TbejuOkUrXYSZtH2iqj6YpKMKLryFtbVYtdUpWyAjFpRlLLmYG22RQCyHqLK8DQxhslLa95B036zEBm7uMwPIhgQbine5Av8ZqIUPbUIsXHui3VLzzvbTrDqrpOwhMr5hahEvyUcifubSP9QaC3zmklyJfuNxjCq-ATmVBVc7L5FA0VqsNGogRCU0_bcIPwM4plWHT4BsSXH2R03BUO5YnpXVw9a0iBzJ19xa1BfyzUkrODbjs7yztWrl05LbNeC-6L206ncl1r5U5FqVLfRMdiCq9ykd-T-tDi3L3lZ2KKSQ1PEgP17Fz9tW74JUlg64xGm1GOnr1xPuKpAXLAgNmzQc6FeKwLe4H0TTeLHNUiNM-Y4lRw9vGmFDWNjRQVoA7X | 172.67.177.214 | 204 No Content | 0 B |
URL GET HTTP/3youradexchange.com/script/i.php?t=1&c=23426596&stamat=m%257C%252C%252Cg2a3Y3ZvoGU3BP-GH0dEdHP3xP.b31%252ClPaq-_QKNHVXG66e24PYReXzSpQxPcZiZ4F0QmhOGfR8X29rHYUhkl_2eue_xmUXFYF8GtnCfVrw--wis6sZxjLktEs6Vc20ax-gVQ-QxvVMS4muHNWRLxWoi5hQeqWHOA5J6r0D2xC1eFZwJLakumrJVT1vf5yjggQP8uSBtfWhqV0zpHrlfG0yEsmaVmyHxLNLDVkrN8PjIE5M7F6CN76g4OZXvoKxQidPqn95liWggw4GQimInaOaTXsR2TbejuOkUrXYSZtH2iqj6YpKMKLryFtbVYtdUpWyAjFpRlLLmYG22RQCyHqLK8DQxhslLa95B036zEBm7uMwPIhgQbine5Av8ZqIUPbUIsXHui3VLzzvbTrDqrpOwhMr5hahEvyUcifubSP9QaC3zmklyJfuNxjCq-ATmVBVc7L5FA0VqsNGogRCU0_bcIPwM4plWHT4BsSXH2R03BUO5YnpXVw9a0iBzJ19xa1BfyzUkrODbjs7yztWrl05LbNeC-6L206ncl1r5U5FqVLfRMdiCq9ykd-T-tDi3L3lZ2KKSQ1PEgP17Fz9tW74JUlg64xGm1GOnr1xPuKpAXLAgNmzQc6FeKwLe4H0TTeLHNUiNM-Y4lRw9vGmFDWNjRQVoA7X IP172.67.177.214:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subjectyouradexchange.com FingerprintD5:0B:42:43:E8:69:FA:76:AA:C8:B3:28:9A:EB:33:C4:6F:62:7A:2B ValiditySun, 14 Apr 2024 01:48:20 GMT - Sat, 13 Jul 2024 01:48:19 GMT
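Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input, consistent with the 204 No Content / 0 B response; not usable as an indicator)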
GET /script/i.php?t=1&c=23426596&stamat=m%257C%252C%252Cg2a3Y3ZvoGU3BP-GH0dEdHP3xP.b31%252ClPaq-_QKNHVXG66e24PYReXzSpQxPcZiZ4F0QmhOGfR8X29rHYUhkl_2eue_xmUXFYF8GtnCfVrw--wis6sZxjLktEs6Vc20ax-gVQ-QxvVMS4muHNWRLxWoi5hQeqWHOA5J6r0D2xC1eFZwJLakumrJVT1vf5yjggQP8uSBtfWhqV0zpHrlfG0yEsmaVmyHxLNLDVkrN8PjIE5M7F6CN76g4OZXvoKxQidPqn95liWggw4GQimInaOaTXsR2TbejuOkUrXYSZtH2iqj6YpKMKLryFtbVYtdUpWyAjFpRlLLmYG22RQCyHqLK8DQxhslLa95B036zEBm7uMwPIhgQbine5Av8ZqIUPbUIsXHui3VLzzvbTrDqrpOwhMr5hahEvyUcifubSP9QaC3zmklyJfuNxjCq-ATmVBVc7L5FA0VqsNGogRCU0_bcIPwM4plWHT4BsSXH2R03BUO5YnpXVw9a0iBzJ19xa1BfyzUkrODbjs7yztWrl05LbNeC-6L206ncl1r5U5FqVLfRMdiCq9ykd-T-tDi3L3lZ2KKSQ1PEgP17Fz9tW74JUlg64xGm1GOnr1xPuKpAXLAgNmzQc6FeKwLe4H0TTeLHNUiNM-Y4lRw9vGmFDWNjRQVoA7X HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Tue, 07 May 2024 12:45:06 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFFx2gh4%2FwF6QNjYNkxRVtBiAhv0OJfRJgg3sdVWAYo6S3xy%2FINiO3%2B8JL4rCFulO%2F1gIx2h7XhJrWEXhW8SacZ%2B%2BD4I%2BQlalIABzTu3dI%2FFawnh1mdhQS0k1tW1cN8ObUvpd%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88014e21cab11c12-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fundingchoicesmessages.google.com/b/pub-1857840457925128 | 216.58.211.14 | 200 OK | 11 kB |
URL GET HTTP/3fundingchoicesmessages.google.com/b/pub-1857840457925128 IP216.58.211.14:443
Requested byhttps://anontransfer.com/download/JLTtNXU3eW/Codium.exe CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (1483) Hash7d95c2ce557d72fb57101949fb17cfd3 fced0c276fe7dd10b6ec5709ad0b56623be753bb fa23e295b611fa0af4ba3a1828b1452ec9735f8c303c5c2f426113ed616e437f
GET /b/pub-1857840457925128 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 12:45:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-zvexLvs3kDR-sEAhHnBkEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAeKdiy-wHgTi7-wXWf8DsRAPx6UjLzayCRyYt3kTEwAZ2jOS"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fundingchoicesmessages.google.com/i/pub-1857840457925128?ers=1 | 216.58.211.14 | 200 OK | 186 kB |
URL: GET HTTP/3 fundingchoicesmessages.google.com/i/pub-1857840457925128?ers=1 | IP: 216.58.211.14:443
Requested by: https://anontransfer.com/download/JLTtNXU3eW/Codium.exe | Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (1933) | Size: 186 kB (186480 bytes) | Hash: 423af97189461d4e15b4ceddaba7f231 ff1af6b0a3ed45c91c025a18e40953d6341745c7 5812fd1c1a8050c74353d6ac249e8d37202ee99e666d6cfd65abdfd9adbaf7c2
GET /i/pub-1857840457925128?ers=1 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://anontransfer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 12:45:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-3iP_HU4kpRQA9_dUNVtdXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAeKdiy-wHgTib-wXWf8BsRAPx6UjLzayCfzo-byXCQAbyjQC"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|