anonymfile.com/9OYD/pack-apks-premium.rar
138.201.48.112 301 Moved Permanently 162 B URL HTTP/1.1 anonymfile.com/9OYD/pack-apks-premium.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /9OYD/pack-apks-premium.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 14 Oct 2022 19:24:17 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/9OYD/pack-apks-premium.rar
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 14 Oct 2022 18:49:52 GMT
Expires: Fri, 14 Oct 2022 19:16:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CSwSouC0p3yVoOgd-2ZyhWDLfWJ2Wx3Z9oicVsONTkDlOk8BwVjAaQ==
Age: 2065
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ef1ca48ca7fd21239a2a11fcfc6366b
ee44232c27fb39d25ac901df2247c3ffd2c5bcca
e9bad8be490429a84a567acd710f97a402bcf7b4ba4e47f2bed27cada418c439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9BAD8BE490429A84A567ACD710F97A402BCF7B4BA4E47F2BED27CADA418C439"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8964
Expires: Fri, 14 Oct 2022 21:53:41 GMT
Date: Fri, 14 Oct 2022 19:24:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c5afb6d2acaf66af4c3fd458a0b70e17
ae58844d8753fe1b62240067b7c0efba86a858d0
42b37d16055f0f3ec52cbb45b4af4900baac4352e87c662811cdb377eb2d3c3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42B37D16055F0F3EC52CBB45B4AF4900BAAC4352E87C662811CDB377EB2D3C3E"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2639
Expires: Fri, 14 Oct 2022 20:08:16 GMT
Date: Fri, 14 Oct 2022 19:24:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GkeYV90Xj4uiQ9oB58k9tRAC+hrosH5tscro5GVDVTgPlfmM0p1RBQBuydJrpv1s9lh9fzGdrrM=
x-amz-request-id: ZNFPKTRBET6T8ZYC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 14 Oct 2022 19:02:16 GMT
age: 1321
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
anonymfile.com/img/logo-anon-warning.webp
138.201.48.112 200 OK 15 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7b596f481388ac5ef6d74a15a351f6c3
6756e88c0b46cc981b7bbbdaf2ead77bd258a472
cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
GET /img/logo-anon-warning.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/9OYD/pack-apks-premium.rar
Cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: image/webp
content-length: 15344
last-modified: Sat, 30 Oct 2021 12:14:11 GMT
vary: Accept-Encoding
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 14 Oct 2022 19:07:43 GMT
Cache-Control: max-age=3600
Expires: Fri, 14 Oct 2022 19:47:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5mKFHBb_o3KGw5cYh2XzqV_2vW0u1xeJbkOKC-MAayz4ciaxN0Jjcg==
Age: 994
anonymfile.com/img/main/footer.webp
138.201.48.112 200 OK 178 kB URL HTTP/2 anonymfile.com/img/main/footer.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Size 178 kB (178070 bytes)
Hash 79ccb3a1b78412a1a530284f45ea7056
626d0494e1bd871e67ecffad44d04ac2343fb7e5
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/9OYD/pack-apks-premium.rar
Cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: image/webp
content-length: 178070
last-modified: Wed, 10 Aug 2022 07:17:48 GMT
vary: Accept-Encoding
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2
anonymfile.com/css/theme.min.css
138.201.48.112 200 OK 62 kB URL HTTP/2 anonymfile.com/css/theme.min.css
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 22de2e95f0b622da042d12bf0e076b7a
270955cd82b05a2f2f5d08f53c1805d5ca8ad3f1
b10594c1d332245f2d890dacd182a3694de3bb7c5e4014e2121bff3d72e94424
GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/9OYD/pack-apks-premium.rar
Cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: text/css
last-modified: Fri, 22 Oct 2021 08:15:50 GMT
vary: Accept-Encoding
etag: W/"61727336-921fb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
104.17.24.14 200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65345)
Hash 642445b86596bdeaa98e92faa2064fc6
6c5539660bf533d34e37b917973c941d1c963374
4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6655375
expires: Wed, 04 Oct 2023 19:24:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWMe6QOqh9Mi1IJ2qbueO5CmLGdu1mcHP5%2Fx%2F2SswuQrOiAsFKJVovmr3ErJuCUadDfSnkcQpZCwfbs82iTXF%2BxWUzG3jUKkfED9%2BoGKPRdWzZAJGeOqWi0VbDDHcUpF3LAep9Oe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75a2b1c32a53b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
104.17.24.14 200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65370)
Hash d18c98bb03dac8dd996130d56f3d8e8c
cc1777baef75c9438534927036a21f22e91e5578
89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6819345
expires: Wed, 04 Oct 2023 19:24:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLIK6uEzHmhCxmRtQJNubd1aDNMqpJmDltTvkTltoKDvmrlDjPYW%2FniiEKXIjKDJ248mFrWo7bQrjpPF%2F%2FUPYoYPc8al2jqYHe722TA5BhYLshfNskLO220JiFp9a3uAjV7PPIyQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75a2b1c32a55b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
104.17.24.14 200 OK 6.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (18706)
Hash 3773d4bd82b03cdfd02c9fd691f80d78
c4d89a2de179c90944835571b45877048f3c1424
5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d
GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8818266
expires: Wed, 04 Oct 2023 19:24:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCkQujKC1BQDvE%2Fxv%2BUk56ACn6W6OOJAIxEzPp4MQHsPIt8rbANsMwqqsvgnMuwvGX7tweelqUq3kPWn1sHvAeuMgKD5r12JqafjekHqhumrpPruxTSyN2%2Fk0EmfmIXGpdhmtJis"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75a2b1c32a66b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
104.17.24.14 200 OK 15 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (58940)
Hash 28dbaeb9aa2638e0c4e6d9ffd3d14e9d
3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362
GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6218403
expires: Wed, 04 Oct 2023 19:24:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euSrXHo1HBAfBQrXFKOed8JA5Cds7FtgXEe3UBgtGfQMxumOo%2FnXimz2T8WWFKZn%2Bl53atEgCZnPaGB%2Bd1yrryAFSXhBkSIZvMQTmckIvgGFigihs9msv0E5CpQOfJfumrUUYnva"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75a2b1c32a6db4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
104.17.24.14 200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65447)
Hash d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6820678
expires: Wed, 04 Oct 2023 19:24:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KgoTwc6uqGiikg8RprWoq1gy4muLMVO4KTPWnYSIxts4kgsD4mzVtOv8bw5%2B9P7P9dOQK8eMVBJ1Xrv2Ejh63LroeWnzdzwUGs1Uxykant26iFUl5AJPBqWhAxmsg9KhllbHHPb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75a2b1c32a5db4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
104.17.24.14 200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (10584)
Hash e34a4db0b42ca907e0b7a56cd4b145ec
2dc36a7dcdfc42d122b23ef91483d27865c4285f
4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a
GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2164405
expires: Wed, 04 Oct 2023 19:24:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OW7ymFu%2FDY%2B5jeY%2FPnW7zFOpaLmcEvoSHE9FmIZ3s%2Fc44d938Zl8kk1VsgxNuQEgSof1g0RMWYq0nDhh4c00zq61iFQMLvMlwjMqjTIMUeA3AHeYb6dB7k7Ds2Q8J1RJ2IwmDFlY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75a2b1c33a72b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
104.17.24.14 200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65370)
Hash d18c98bb03dac8dd996130d56f3d8e8c
cc1777baef75c9438534927036a21f22e91e5578
89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6819345
expires: Wed, 04 Oct 2023 19:24:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1IyHB7FhRCxwdX8iGDYIfcxDfW06d9NltQnpwLmZH%2Fz3iPIfEFD9GpA2hOlC8U6Jc7%2B0ZnKiXuzGkOuqYOtZjFX2o6NSY9bcjMJA4J7blYPiSWsjju%2B7Te1dnuD8o1EwPob5Mo7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75a2b1c33a89b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 419ffa526aa31558a35fb2fe3e406c3a
8b47485824d99ea93fa32a66c07aa6ab52d0c8a3
80d2e1e9623b3a316173577097c342b9ea0e14ea30ad85889668d3ceb1e812a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4722
Cache-Control: max-age=91166
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:24:17 GMT
Etag: "6348660d-116"
Expires: Sat, 15 Oct 2022 20:43:43 GMT
Last-Modified: Thu, 13 Oct 2022 19:25:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
cdn.jsdelivr.net/npm/sweetalert2@11
151.101.85.229 200 OK 18 kB URL HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@11
IP 151.101.85.229:0
File type ASCII text, with very long lines (42951)
Hash d29f5c5b239fa67f43ebe6393eb4f991
305bad5ac73d4303f0f9acbfb0b66074ecbb1332
67e94a905bca558d99fb4e9d517ea523e8598c0ccfee821699049a4b49185945
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.5.1
x-jsd-version-type: version
etag: W/"f9ad-u11s1mIswjGPM0nYS7k2QY0aOe0"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 14 Oct 2022 19:24:17 GMT
age: 40496
x-served-by: cache-fra19153-FRA, cache-bma1652-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17938
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 90336661a2936bdb9efcc26998693b34
bee3b0e35ce901bff835d43a0f22eb0765ab8264
717bf09925581cc0668632ad10dfc2b714e77f9ba2c3852e8cf3ead552fde950
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2646
Cache-Control: max-age=134800
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:24:17 GMT
Etag: "6349189b-1d7"
Expires: Sun, 16 Oct 2022 08:50:57 GMT
Last-Modified: Fri, 14 Oct 2022 08:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash ed2236015186cfe8cad0680e26abd713
6f84a7ee737176c8e83bffaf104c119d869d4e5e
cee5f9dfecd2830ca16e27002ee40916b0a79635a1221f5d6597e8d382d45494
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 14 Oct 2022 19:24:17 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4C9451D9457E6A9FC718DAD2F07F894D31AA211B"
Expires: Sat, 15 Oct 2022 06:00:00 GMT
Last-Modified: Fri, 14 Oct 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 427
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75a2b1c41f86fabc-OSL
anonymfile.com/img/logo-anon-warning.png
138.201.48.112 200 OK 41 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.png
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Hash d52ea6ebcd0b10dcf112a9d6c43ceee0
641e5277e2e079f0e88e2899879fda8882e58d28
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
GET /img/logo-anon-warning.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/9OYD/pack-apks-premium.rar
Cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:18 GMT
content-type: image/png
content-length: 40729
last-modified: Fri, 29 Oct 2021 10:50:56 GMT
vary: Accept-Encoding
etag: "617bd210-9f19"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.191.210.155 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uCWrBk9BCfaHrY0CL/FPPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gXTj98a9ABno2zbN8MpxB2LVbXo=
inklinkor.com/tag.min.js
104.21.91.63 200 OK 130 kB IP 104.21.91.63:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 130 kB (129853 bytes)
Hash 301c9f165c48536d18058e2d85adbc83
cb795e0c81b5278acdd393b822960ca72f98ae8f
18ada25c489f7e1803f18d3e36d3c7af23542e5ba9f6b4cc390f41fc68c2fe54
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:18 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 1d6d1154ed6e1d390ed782c6528321f9
cache-control: max-age=86400
last-modified: Mon, 10 Oct 2022 14:13:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 15 Oct 2022 18:01:49 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4949
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydFyjdsFbbzIRE17zPJZd8fL9nfk0sSDKyKhZCN8tW%2BbEydConvkq36suQAePYbiSoKDAatmosp5yksL45rF71sBWWQ9bKIj5RpPT1vBhJzFBP%2FilPpEb8Rk2YDOl7WF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a2b1c57b39b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b8352f2769899dacbff5cc3af6ee09d
a4d23a66f161d1bed2f14fc490b7b65569423255
7b23334bb287eb9cf02b328fd6001decf4f53fb92844530dbab202d26e315fe1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B23334BB287EB9CF02B328FD6001DECF4F53FB92844530DBAB202D26E315FE1"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4117
Expires: Fri, 14 Oct 2022 20:32:55 GMT
Date: Fri, 14 Oct 2022 19:24:18 GMT
Connection: keep-alive
anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar
138.201.48.112 204 No Content 0 B URL HTTP/2 anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/9OYD/pack-apks-premium.rar
Cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 14 Oct 2022 19:24:18 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f45382c4b62e0c60690ec37eb54d28
dab43658a82dbbf4f5b7820ff13433059423b777
d598bb858c6deec505d42eb82e1db4908f802cef10e62acc0c95fcc2f482ef80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D598BB858C6DEEC505D42EB82E1DB4908F802CEF10E62ACC0C95FCC2F482EF80"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4926
Expires: Fri, 14 Oct 2022 20:46:24 GMT
Date: Fri, 14 Oct 2022 19:24:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ba317c1bdeecdd3f3a66f3d63c47b7
de52a45f080db72f753141984b4373b293ac9a02
6398b2c5ec1be75b41ef5917f32734417a565e9f851230eba65a93d5df331248
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6398B2C5EC1BE75B41EF5917F32734417A565E9F851230EBA65A93D5DF331248"
Last-Modified: Thu, 13 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9693
Expires: Fri, 14 Oct 2022 22:05:51 GMT
Date: Fri, 14 Oct 2022 19:24:18 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 8ceb6907e82e85fb8def6059388c6a5b
35baf6e386c6760b175fe9e2f1ccf94aa23252b7
29409c4b3a8e023a8c96dd6b87348a1523b2bcee1cd01db6cfd11fd9050d5af5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 14 Oct 2022 19:24:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 13 Oct 2022 18:25:21 GMT
Expires: Thu, 20 Oct 2022 18:25:20 GMT
Etag: "35baf6e386c6760b175fe9e2f1ccf94aa23252b7"
Cache-Control: max-age=514261,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75a2b1c78911b4f1-OSL
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
104.16.123.175 302 Found 171 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP 104.16.123.175:0
Hash cc12d63eeb2131328cad7fa326bea737
82bd1621ab108975e03377492ce1e9ea488a5fb3
b516e3fab5d2b0a4068f86b986d6aa49c1befc64e658cffa790d26480e38317c
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GFBZ0VRTR0DZP9BEY49QN760-ams
cf-cache-status: HIT
age: 255
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75a2b1c3be780af6-OSL
X-Firefox-Spdy: h2
nanouwho.com/42/38?z=5307589
139.45.197.242 200 OK 0 B URL HTTP/2 nanouwho.com/42/38?z=5307589
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /42/38?z=5307589 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bda2cacf7684434cbcc2909d8d503cdc; oaidts=1665775458
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:18 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 258c7c16b9b8056b9bd29664e33addce
access-control-expose-headers: X-Sc
set-cookie: OAID=bda2cacf7684434cbcc2909d8d503cdc; expires=Sat, 14 Oct 2023 19:24:18 GMT; secure; SameSite=None
oaidts=1665775458; expires=Sat, 14 Oct 2023 19:24:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
betotodilea.com/400/5307588?oo=1&oaid=93243b33d0054cdfb12832c88cf13f42
139.45.197.237 200 OK 1.2 kB URL HTTP/2 betotodilea.com/400/5307588?oo=1&oaid=93243b33d0054cdfb12832c88cf13f42
IP 139.45.197.237:0
Hash e849f91aba13f419c8cd62d459e6dd38
8e8e5d6ece4e0bb3ef146b11b2bd416501f08e4c
465ee2337b9f97ab4fba64e0f01e7bbb85639651d44616a6010eed7ee74c480a
GET /400/5307588?oo=1&oaid=93243b33d0054cdfb12832c88cf13f42 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=72db891242ce41959adca9cc61043ff0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:18 GMT
content-type: application/json
x-trace-id: 3433f4ac15515fac2bb3ead77003044c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=93243b33d0054cdfb12832c88cf13f42; expires=Sat, 14 Oct 2023 19:24:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=93243b33d0054cdfb12832c88cf13f42
139.45.197.242 204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=93243b33d0054cdfb12832c88cf13f42
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=93243b33d0054cdfb12832c88cf13f42 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 14 Oct 2022 19:24:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5b9558299ef3e3fc84d9ed4e19bedcd
0749856f7e9ee948e3d8659bddd8269a1143107c
5416ccaf494675b09ccaa9cebf554130f1e16a8550bc0de5a62b37a3fb6c5164
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5416CCAF494675B09CCAA9CEBF554130F1E16A8550BC0DE5A62B37A3FB6C5164"
Last-Modified: Thu, 13 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4064
Expires: Fri, 14 Oct 2022 20:32:02 GMT
Date: Fri, 14 Oct 2022 19:24:18 GMT
Connection: keep-alive
betotodilea.com/500/5307588?excludes=&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5307588?excludes=&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:18 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.436.1
139.45.197.234 200 OK 7.9 kB URL HTTP/2 bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.436.1
IP 139.45.197.234:0
Hash 686c116e5322fd71ac4dc452c89eaf0a
c1e4fccd5ba6b08d93f0b9bba87cf5873175e6ab
dc34fd64929036f1f53cc6eb4d7e73e16355e967b10502773981f7ed52e7cea4
GET /5/5307591/?oo=1&js_build=iclick-v1.436.1 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:18 GMT
content-type: application/json
x-trace-id: f8163684a8ce91ec27a698547dbc5da6
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=93243b33d0054cdfb12832c88cf13f42; expires=Sat, 14 Oct 2023 19:24:18 GMT; path=/; secure; SameSite=None
oaidts=1665775458; expires=Sat, 14 Oct 2023 19:24:18 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=4287318253&z=5307589&b=14566424&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=pWXFmI1WlkGOHy1XTNpdaZ1v-XsZfqebaBmFnj1dVDjIaw-7VG3SSkNk-HTO1hgk9aRN911XdXisI8gxKHSJTAUbZ0hWz9ZrRLolfr0qDxF9OwOnHyzL_4f6bUgknarJ7UKA2ezUw4q3SgNpYPZQr2XGXhiA1Z_sM9gzTkLGGGGoW82z8tqZ9AelyvMZ4TQLL_f5BMFeVmHE25hs7YADsphxOB9IoTXBMcspt-tZaWaZ3Lo7uB0bty8w2EYdKgPDbOJWTKLt1chfCxqFcTST1_kPGwPWTVi2hwqEVkdUhcHk-XUdmmYwd_xSaGL916yQuCYSs_FOHfcef6E_6489cqPvcwfiwoIX6ULQeX32CTGewkvDoBS_AuGYwKgXzt4pvZwqhTZ9hTGIoakUT_6PnYWcbzUMNVOc4V4YZJdZ5RqWk0M8AlOXBGPlcRvrKbWz3CSdaJf-Q9B79RNT-LXIKMyfj2Zynypy9KzUYI6Taalbf7XvKM4SmSWlEvuOqzILl5wX5uPtyRyCL5cPvyF0LAgcvOA9tMCoOyr5HOilMGXQOjdxX1diC2ItIhn7RYPbz3tpvTg1P57OH_BmLKcBGa00YAQjvqkX2BX4IBoWY7qB6sKszIieMA2vMNUs6A-U_QEWE_sSpMAm-ssqk6MdnTSsur4=&ruid=9c3a4173-62bd-47ef-bdda-4ae453848d41&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=4287318253&z=5307589&b=14566424&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=pWXFmI1WlkGOHy1XTNpdaZ1v-XsZfqebaBmFnj1dVDjIaw-7VG3SSkNk-HTO1hgk9aRN911XdXisI8gxKHSJTAUbZ0hWz9ZrRLolfr0qDxF9OwOnHyzL_4f6bUgknarJ7UKA2ezUw4q3SgNpYPZQr2XGXhiA1Z_sM9gzTkLGGGGoW82z8tqZ9AelyvMZ4TQLL_f5BMFeVmHE25hs7YADsphxOB9IoTXBMcspt-tZaWaZ3Lo7uB0bty8w2EYdKgPDbOJWTKLt1chfCxqFcTST1_kPGwPWTVi2hwqEVkdUhcHk-XUdmmYwd_xSaGL916yQuCYSs_FOHfcef6E_6489cqPvcwfiwoIX6ULQeX32CTGewkvDoBS_AuGYwKgXzt4pvZwqhTZ9hTGIoakUT_6PnYWcbzUMNVOc4V4YZJdZ5RqWk0M8AlOXBGPlcRvrKbWz3CSdaJf-Q9B79RNT-LXIKMyfj2Zynypy9KzUYI6Taalbf7XvKM4SmSWlEvuOqzILl5wX5uPtyRyCL5cPvyF0LAgcvOA9tMCoOyr5HOilMGXQOjdxX1diC2ItIhn7RYPbz3tpvTg1P57OH_BmLKcBGa00YAQjvqkX2BX4IBoWY7qB6sKszIieMA2vMNUs6A-U_QEWE_sSpMAm-ssqk6MdnTSsur4=&ruid=9c3a4173-62bd-47ef-bdda-4ae453848d41&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=4287318253&z=5307589&b=14566424&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=pWXFmI1WlkGOHy1XTNpdaZ1v-XsZfqebaBmFnj1dVDjIaw-7VG3SSkNk-HTO1hgk9aRN911XdXisI8gxKHSJTAUbZ0hWz9ZrRLolfr0qDxF9OwOnHyzL_4f6bUgknarJ7UKA2ezUw4q3SgNpYPZQr2XGXhiA1Z_sM9gzTkLGGGGoW82z8tqZ9AelyvMZ4TQLL_f5BMFeVmHE25hs7YADsphxOB9IoTXBMcspt-tZaWaZ3Lo7uB0bty8w2EYdKgPDbOJWTKLt1chfCxqFcTST1_kPGwPWTVi2hwqEVkdUhcHk-XUdmmYwd_xSaGL916yQuCYSs_FOHfcef6E_6489cqPvcwfiwoIX6ULQeX32CTGewkvDoBS_AuGYwKgXzt4pvZwqhTZ9hTGIoakUT_6PnYWcbzUMNVOc4V4YZJdZ5RqWk0M8AlOXBGPlcRvrKbWz3CSdaJf-Q9B79RNT-LXIKMyfj2Zynypy9KzUYI6Taalbf7XvKM4SmSWlEvuOqzILl5wX5uPtyRyCL5cPvyF0LAgcvOA9tMCoOyr5HOilMGXQOjdxX1diC2ItIhn7RYPbz3tpvTg1P57OH_BmLKcBGa00YAQjvqkX2BX4IBoWY7qB6sKszIieMA2vMNUs6A-U_QEWE_sSpMAm-ssqk6MdnTSsur4=&ruid=9c3a4173-62bd-47ef-bdda-4ae453848d41&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=93243b33d0054cdfb12832c88cf13f42; oaidts=1665775458
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:19 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: d45ab673bac70e7fe963e33d3cb8757f
access-control-expose-headers: X-Sc
set-cookie: OAID=93243b33d0054cdfb12832c88cf13f42; expires=Sat, 14 Oct 2023 19:24:18 GMT; secure; SameSite=None
oaidts=1665775458; expires=Sat, 14 Oct 2023 19:24:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
propu.sh/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
139.45.197.250 200 OK 664 B URL HTTP/2 propu.sh/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 924f83d583902548517c3327ff8e4493
7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:19 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 85b500922d6a75d294f234596bc6c657
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 73dbb55abb1ed756a08732d4fcf92ace
c235309dac282596e7b3e33354b2c8c73efba681
062fed41771c0a40b0d26b4a755a2ec0269c6b95cd888e2c4326d4ee96fed369
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5708
Cache-Control: max-age=109058
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 19:24:19 GMT
Etag: "6348a819-117"
Expires: Sun, 16 Oct 2022 01:41:57 GMT
Last-Modified: Fri, 14 Oct 2022 00:06:49 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
offerimage.com/www/images/62c703a00b6b0b812f19bf502bbf1663.jpeg
104.22.33.172 200 OK 6.6 kB URL HTTP/2 offerimage.com/www/images/62c703a00b6b0b812f19bf502bbf1663.jpeg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 62c703a00b6b0b812f19bf502bbf1663
6b5d441250dd3b34e9385068f13433f21252cd91
b3fea04c0ab7fda66792d685861db39b94cab2f59b9eb1cdfd3d90700529e9a0
GET /www/images/62c703a00b6b0b812f19bf502bbf1663.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:19 GMT
content-type: image/jpeg
content-length: 6624
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6272a468-19e0"
expires: Sat, 15 Oct 2022 10:09:46 GMT
last-modified: Wed, 04 May 2022 16:06:00 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 33273
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a2b1cbbcfd416f-HAM
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:19 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:19 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=93243b33d0054cdfb12832c88cf13f42
139.45.197.242 200 OK 24 kB URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=93243b33d0054cdfb12832c88cf13f42
IP 139.45.197.242:0
Hash cc2c2c08ffcc21adc2b2d54bc5551848
a23d691c684fd1bd3b4a6cf00bddc83de7aa0d8f
954ad23b11d8874e27e00e3ed01196ffbbfd468d336b07bab1b73df45a2dbcf3
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=93243b33d0054cdfb12832c88cf13f42 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 125
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bda2cacf7684434cbcc2909d8d503cdc; oaidts=1665775458
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:18 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 4e95659eb80f1e5362fd8280867adb12
access-control-expose-headers: X-Sc
set-cookie: OAID=93243b33d0054cdfb12832c88cf13f42; expires=Sat, 14 Oct 2023 19:24:18 GMT; secure; SameSite=None
set-cookie: oaidts=1665775458; expires=Sat, 14 Oct 2023 19:24:18 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112 404 Not Found 5.5 kB IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4320)
Hash af6dbddc05d96148af4af9aea613f121
9ecfdf738dafe9659d62a2b537ad246328013406
0de75af6ce42a58ca6db3eb71f6612b283e5a078bd4b6c48e8fb9b3768b60bb0
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/9OYD/pack-apks-premium.rar
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D; prefetchAd_5307591=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Fri, 14 Oct 2022 19:24:19 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 752
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 145478cbed438500d7b4dbf012e83a1e
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 391
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 7346c171d4a43de9dfedafc2ba027c6b
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13979
Expires: Fri, 14 Oct 2022 23:17:18 GMT
Date: Fri, 14 Oct 2022 19:24:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13979
Expires: Fri, 14 Oct 2022 23:17:18 GMT
Date: Fri, 14 Oct 2022 19:24:19 GMT
Connection: keep-alive
interstitial-07.com/contents/s/2f/0c/5c/05fe4242e3b0d6a0486ead3410/033925084315.jpeg
139.45.197.153 200 OK 47 kB URL HTTP/2 interstitial-07.com/contents/s/2f/0c/5c/05fe4242e3b0d6a0486ead3410/033925084315.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 2f0c5c05fe4242e3b0d6a0486ead3410
2fe595fc2851b76263649bb2c4781f2c20933dd2
a22ffbd7bf69000b15925f4c7e1655fecf0774e360a897134a7708103a25024d
GET /contents/s/2f/0c/5c/05fe4242e3b0d6a0486ead3410/033925084315.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D667450004%26z%3D5307589%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DpWXFmI1WlkGOHy1XTNpdaZ1v-XsZfqebaBmFnj1dVDjIaw-7VG3SSkNk-HTO1hgk9aRN911XdXisI8gxKHSJTAUbZ0hWz9ZrRLolfr0qDxF9OwOnHyzL_4f6bUgknarJ7UKA2ezUw4q3SgNpYPZQr2XGXhiA1Z_sM9gzTkLGGGGoW82z8tqZ9AelyvMZ4TQLL_f5BMFeVmHE25hs7YADsphxOB9IoTXBMcspt-tZaWaZ3Lo7uB0bty8w2EYdKgPDbOJWTKLt1chfCxqFcTST1_kPGwPWTVi2hwqEVkdUhcHk-XUdmmYwd_xSaGL916yQuCYSs_FOHfcef6E_6489cqPvcwfiwoIX6ULQeX32CTGewkvDoBS_AuGYwKgXzt4pvZwqhTZ9hTGIoakUT_6PnYWcbzUMNVOc4V4YZJdZ5RqWk0M8AlOXBGPlcRvrKbWz3CSdaJf-Q9B79RNT-LXIKMyfj2Zynypy9KzUYI6Taalbf7XvKM4SmSWlEvuOqzILl5wX5uPtyRyCL5cPvyF0LAgcvOA9tMCoOyr5HOilMGXQOjdxX1diC2ItIhn7RYPbz3tpvTg1P57OH_BmLKcBGa00YAQjvqkX2BX4IBoWY7qB6sKszIieMA2vMNUs6A-U_QEWE_sSpMAm-ssqk6MdnTSsur4%3D%26bag%3DXC_NdiERrzCB43Jo38Cu1w%3D%3D%26ruid%3D9c3a4173-62bd-47ef-bdda-4ae453848d41%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252F9OYD%252Fpack-apks-premium.rar%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:19 GMT
content-type: image/jpeg
content-length: 47320
last-modified: Thu, 16 Sep 2021 07:03:00 GMT
etag: "6142ec24-b8d8"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13979
Expires: Fri, 14 Oct 2022 23:17:18 GMT
Date: Fri, 14 Oct 2022 19:24:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd38e46c-1252-4a62-b18c-fa49d9d76841.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd38e46c-1252-4a62-b18c-fa49d9d76841.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7411df7da53e98c4988663b3338ac449
cd5518eff668619efbf3b821306d651fcb30a712
b87d92eef134e1378d51aac8503545949596c982b53fbda75ccbec71dbff6d7b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd38e46c-1252-4a62-b18c-fa49d9d76841.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5994
x-amzn-requestid: c4d202a5-0dcc-4ece-9200-4f1865d619c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZhRaIHWfoAMFgGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633d2f73-07f65d1f633273a6422c4e5c;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 07:17:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jc6QSHFxsZBjkJx66v2m6XvBaImSG43hXrLd-VW7mK-e3R8v1V94ng==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 22:00:28 GMT
age: 77031
etag: "cd5518eff668619efbf3b821306d651fcb30a712"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1a0e7692a42450c5880b6bf2c3e600f
3c567806bfec9a195235f1c1e3c3e4bc647fdde9
318e462ae5b2da302cc3fa6539270866a352f011ebcc9ea35eef50c38fe9fe24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6685
x-amzn-requestid: 8d5aa091-bf24-4ab1-a33b-73795e951da1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m0EENeIAMF9Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634884e6-36c8c3d75b57c8df3b0644a0;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:36:38 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf8nte3n3LzQdLXnv6MfnVk2LO0b0CjSfyiaxK2UWsM2DLsm-xEAgA==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:56:44 GMT
age: 77255
etag: "3c567806bfec9a195235f1c1e3c3e4bc647fdde9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42e00752-5abb-46e6-8a0d-c47f96af6b9f.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42e00752-5abb-46e6-8a0d-c47f96af6b9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07dec47a418618af22b7104e1bbde5e6
c34dd1552df55e8b62e699a5efb14e7f26a60acb
5eb94cd99c5187faa2c0c8f5ef5b9786009d37c2950ca0048eb3f737e45c363b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42e00752-5abb-46e6-8a0d-c47f96af6b9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9622
x-amzn-requestid: 340d7e66-1eb4-49fc-bf3d-56e5cc4af771
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9n2_HXqIAMFzsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63488692-78ea067c541cb84f75741d22;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uN6RkKHKGjhauRGxTQiyluFaTwFaGBgtkJsdFMcxUoZNEu_05ocMZg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 22:18:42 GMT
etag: "c34dd1552df55e8b62e699a5efb14e7f26a60acb"
content-type: image/jpeg
age: 75937
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66af0895-4532-481a-84d9-523353a6c160.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66af0895-4532-481a-84d9-523353a6c160.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e80557033ce8935b57b87fe59633393e
6c055a00a12067ab5b11458bb614bc6f1028c28a
8a88d7f2110e5c200f6f26ed5e6c7b299b9c76654f095b870cfffb2a8d7b96d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66af0895-4532-481a-84d9-523353a6c160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9350
x-amzn-requestid: fd2ec00f-7ef1-4e4a-a652-a388dcba3e16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m0EHctoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634884e6-7e945574599f2ec67e824671;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:36:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nGGbFQtzfoIKZyepQq5gOTzJ4XFk6PzjncnWVn5dCMRWqi88NXkkjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:53:45 GMT
age: 77434
etag: "6c055a00a12067ab5b11458bb614bc6f1028c28a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ceb853f7903c036cf7ae6f0d68bf25e2
106087a4ce37b2819b44fc753449d7a741444151
06acabf4bc19b05e31dcd8783e0e6a3ad64558d73f374ea4a806a1739786d2c9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06ACABF4BC19B05E31DCD8783E0E6A3AD64558D73F374EA4A806A1739786D2C9"
Last-Modified: Wed, 12 Oct 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4179
Expires: Fri, 14 Oct 2022 20:33:58 GMT
Date: Fri, 14 Oct 2022 19:24:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ada65cb-c437-4614-ad56-8612a5eb3d39.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ada65cb-c437-4614-ad56-8612a5eb3d39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c2fb169144739a1240a832df181cf24
a7eb3a1289135eeafd639dffba6daf3e0bd0aee5
6f471bf8a40088a008efc818c762f8ec99988b9b68478034762cf872c809d246
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ada65cb-c437-4614-ad56-8612a5eb3d39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6005
x-amzn-requestid: f9cd6d19-f5f8-44ad-a809-9c66b2cea9ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m7YEw7oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63488515-74c9354b031430335dfea732;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LXxeCjMMQNf9omLbqQcNmOE0beFQz79WxHAamulwf5JtYN8UL3qOmg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:47:47 GMT
age: 77792
etag: "a7eb3a1289135eeafd639dffba6daf3e0bd0aee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5c76a23-8abd-4e3e-a093-75e8dfb1dbfb.png
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5c76a23-8abd-4e3e-a093-75e8dfb1dbfb.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56217b4ec776d52347ca781dd826b1fc
8f1261feb1d5ed02e3ffcdc1bdfd299f03108d96
1efffa3f5ce3690da3215b7ec98bf6b6c80888fa99fc130b87e5aa11cf2c8f43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5c76a23-8abd-4e3e-a093-75e8dfb1dbfb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14262
x-amzn-requestid: d52e5bb3-1c81-4691-989c-18f4f9884aad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZhQUBFshIAMFvzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633d2db3-10be4b386c99044a771581dc;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 07:09:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _qVRL8MKJ3-mdJ-q9LNbqMu_c3y0AlhGpVom7570zvnPM4WIw_KFCQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 20:16:51 GMT
age: 83248
etag: "8f1261feb1d5ed02e3ffcdc1bdfd299f03108d96"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 14 Oct 2022 19:24:19 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 1fbe42d69553a56e61568fd2e029a7c8
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 14 Oct 2022 19:24:19 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 568beb264178aeb70f2c8545481973bb
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash b1a68f6f0f9db4de676a295bdc501d55
32e7bc57e9dd24b9999a13bdf3a721bc9173c03c
5916a85e9d267060d89a664561bf981e535b7b4e5ebed5a64c87969f50137d78
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 14 Oct 2022 19:24:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 13 Oct 2022 12:52:20 GMT
Expires: Thu, 20 Oct 2022 12:52:19 GMT
Etag: "32e7bc57e9dd24b9999a13bdf3a721bc9173c03c"
Cache-Control: max-age=494279,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75a2b1cb0ed7b4f1-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254 200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonymfile.com
Content-Length: 1536
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 14 Oct 2022 19:24:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonymfile.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
betotodilea.com/impression/nNjYgnn6MBAon-sIlNoNaAN9ziHolqphQHXjCdE8HIWO_H9VvVLSVc00OE0SOJUjeVLpmxrmuw_q90vtTrIWQyBFpyNeMfoGnJ51RbRgePqRLsdZzZTVFA3ApXn8YraDyBgHj2_qAVV9SMTnk3lkBNWZLG9vJvTXgsyNQD2MN2mWJi164882Z2if08yvX4L3NnOgRjLYUL5G-1Ib8IBeAptaqKF6WJ9mgyYwAV67JCjnP7ER5CUWqfLxwr0y20zWn7T4HQnfIenOMMvjkfbeqdT01jhsa6snP-IHyuFEUITqB7mEtWIzg1bCJNASvoYTPbDhRD0_EOMd38ATZN6FOcIj3ZUpJCL_wLxn4s80tInD5HJOreQUe-bp0oBVfcFpUFTfA6I35FmkneFoKtdkZSSye604gn2daNz7IM-JKIILEYlEjRlNZ41Vw2KUTd0hED5fzz0vOe-PGSceZK97lQ_mJcEEQoKRwuUbwcYQnrXseMmquJSkKWZrga2h7pyrPP_VVATU-FEPv1BR2f1CMLx_C_PL3EakkAeKIyWGS7a1Lg0uczLq6o0YeYsUu0jxYc0P0rEtE8viqZlyLucarzHjtBnWKnw0WOMQQA==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 43 B URL HTTP/2 betotodilea.com/impression/nNjYgnn6MBAon-sIlNoNaAN9ziHolqphQHXjCdE8HIWO_H9VvVLSVc00OE0SOJUjeVLpmxrmuw_q90vtTrIWQyBFpyNeMfoGnJ51RbRgePqRLsdZzZTVFA3ApXn8YraDyBgHj2_qAVV9SMTnk3lkBNWZLG9vJvTXgsyNQD2MN2mWJi164882Z2if08yvX4L3NnOgRjLYUL5G-1Ib8IBeAptaqKF6WJ9mgyYwAV67JCjnP7ER5CUWqfLxwr0y20zWn7T4HQnfIenOMMvjkfbeqdT01jhsa6snP-IHyuFEUITqB7mEtWIzg1bCJNASvoYTPbDhRD0_EOMd38ATZN6FOcIj3ZUpJCL_wLxn4s80tInD5HJOreQUe-bp0oBVfcFpUFTfA6I35FmkneFoKtdkZSSye604gn2daNz7IM-JKIILEYlEjRlNZ41Vw2KUTd0hED5fzz0vOe-PGSceZK97lQ_mJcEEQoKRwuUbwcYQnrXseMmquJSkKWZrga2h7pyrPP_VVATU-FEPv1BR2f1CMLx_C_PL3EakkAeKIyWGS7a1Lg0uczLq6o0YeYsUu0jxYc0P0rEtE8viqZlyLucarzHjtBnWKnw0WOMQQA==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/nNjYgnn6MBAon-sIlNoNaAN9ziHolqphQHXjCdE8HIWO_H9VvVLSVc00OE0SOJUjeVLpmxrmuw_q90vtTrIWQyBFpyNeMfoGnJ51RbRgePqRLsdZzZTVFA3ApXn8YraDyBgHj2_qAVV9SMTnk3lkBNWZLG9vJvTXgsyNQD2MN2mWJi164882Z2if08yvX4L3NnOgRjLYUL5G-1Ib8IBeAptaqKF6WJ9mgyYwAV67JCjnP7ER5CUWqfLxwr0y20zWn7T4HQnfIenOMMvjkfbeqdT01jhsa6snP-IHyuFEUITqB7mEtWIzg1bCJNASvoYTPbDhRD0_EOMd38ATZN6FOcIj3ZUpJCL_wLxn4s80tInD5HJOreQUe-bp0oBVfcFpUFTfA6I35FmkneFoKtdkZSSye604gn2daNz7IM-JKIILEYlEjRlNZ41Vw2KUTd0hED5fzz0vOe-PGSceZK97lQ_mJcEEQoKRwuUbwcYQnrXseMmquJSkKWZrga2h7pyrPP_VVATU-FEPv1BR2f1CMLx_C_PL3EakkAeKIyWGS7a1Lg0uczLq6o0YeYsUu0jxYc0P0rEtE8viqZlyLucarzHjtBnWKnw0WOMQQA==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=93243b33d0054cdfb12832c88cf13f42
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:23 GMT
content-type: image/gif
content-length: 43
x-trace-id: ac4311f7fe26757d97af9aadf1d5f604
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=15228224&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=15228224&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5307588?excludes=15228224&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:24 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=15228224&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 94 kB URL HTTP/2 betotodilea.com/500/5307588?excludes=15228224&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 90ffff44d2e89abea623c3a3fed6392a
45cb1bf147165d13ab09842b3ce59282e936ba02
41441d14ff1bc273dfdf078e6a2d7dcd667b9d6d1a3cf719f911d41301a929f5
GET /500/5307588?excludes=15228224&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=93243b33d0054cdfb12832c88cf13f42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:24 GMT
content-type: application/javascript
x-trace-id: 8baf3fcf47866c888ea9e857e3c45c54
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=93243b33d0054cdfb12832c88cf13f42; expires=Sat, 14 Oct 2023 19:24:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29dee6f-934c-4a9c-a8aa-8da6931e92e3.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29dee6f-934c-4a9c-a8aa-8da6931e92e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05cbae7a5598ecb6de18ba845117b543
00c5b6a969acf49d11b963ed509f4c7c0a767438
f915a4215fc3bb08a43b38352dec8ef798d0e7648df20cb53c968c52108216f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29dee6f-934c-4a9c-a8aa-8da6931e92e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8890
x-amzn-requestid: 53e8447e-dbb7-41f1-a184-ceea0e33ed3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9nLqG2voAMFc-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348857d-302e435a359d84ab25d3b003;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ashiRI0jxjFwVDJaldk8AwtX2z8p4j4Vvck78BAAnazxoIfBFbHwdQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 22:18:53 GMT
age: 75933
etag: "00c5b6a969acf49d11b963ed509f4c7c0a767438"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112 404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/9OYD/pack-apks-premium.rar
Cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Fri, 14 Oct 2022 19:24:17 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112 404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/9OYD/pack-apks-premium.rar
Cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Fri, 14 Oct 2022 19:24:18 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
nanouwho.com/27/3a63a2a43bbf0a0bb029696534151382
139.45.197.242 200 OK 0 B URL HTTP/2 nanouwho.com/27/3a63a2a43bbf0a0bb029696534151382
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/3a63a2a43bbf0a0bb029696534151382 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=bda2cacf7684434cbcc2909d8d503cdc; oaidts=1665775458
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:18 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 13 Oct 2022 05:14:04 GMT
expires: Thu, 12 Nov 2082 05:14:04 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
104.16.123.175 302 Found 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP 104.16.123.175:0
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GFBZ5Z616BCTF5N171NPBDF3-ams
cf-cache-status: HIT
age: 88
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75a2b1c3ae730af6-OSL
X-Firefox-Spdy: h2
anonymfile.com/js/site.js
138.201.48.112 200 OK 0 B URL HTTP/2 anonymfile.com/js/site.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/9OYD/pack-apks-premium.rar
Cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 12:30:18 GMT
vary: Accept-Encoding
etag: W/"61700bda-2487"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js
138.201.48.112 200 OK 0 B URL HTTP/2 anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/9OYD/pack-apks-premium.rar
Cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
vary: Accept-Encoding
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 19:24:17 GMT
last-modified: Fri, 14 Oct 2022 19:24:17 GMT
cache-control: max-age=31536000
etag: W/"0"
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
104.16.123.175 200 OK 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
IP 104.16.123.175:0
GET /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:17 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-Ufoq68yhVBjz3riH5wAGJXD40pU"
via: 1.1 fly.io
fly-request-id: 01G7558XE30T0T2M6RDRBFG7JV-fra
cf-cache-status: HIT
age: 8818701
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75a2b1c3deab0af6-OSL
content-encoding: br
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45 200 OK 0 B IP 172.67.194.45:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 14 Oct 2022 19:24:18 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4465
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1umRX5YUYb%2BkvpE3uzx3GNEnCTM%2BXSUaINW2QPHZ2gItDUGI6o2%2BRIvp4XVl87xwKWoQYJ7KEUE225G82Le0gxM8YSI5QntDq4%2F%2FgZo8UxtschkJL279CdRXfmmdNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a2b1c9791c1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=VmwR4yPn0jgZLlg0PD2xk1Z51l4sdB8SZxN55f6XpbkU8zbR9CDQbgae-j1yREtWWHWCIniriwSKkoQckb-kGWiVb5DcWRtk_wjU1xFPkHBy696UFOfm7vqytkbuXdP_vSG0l6ASYwxaqR-e3BtwpjJNoOHl7SYLQE-lgUJmgYN2-DiyvM49uC2ztdXIZ4yL82eXL7a4SltgO2Ry8-IT5nHQ2r8%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.436.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.436.1&bs=393255b5-fa09-4650-aeb7-b6ee617d49c1&userId=93243b33d0054cdfb12832c88cf13f42&m=link
139.45.197.243 200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=VmwR4yPn0jgZLlg0PD2xk1Z51l4sdB8SZxN55f6XpbkU8zbR9CDQbgae-j1yREtWWHWCIniriwSKkoQckb-kGWiVb5DcWRtk_wjU1xFPkHBy696UFOfm7vqytkbuXdP_vSG0l6ASYwxaqR-e3BtwpjJNoOHl7SYLQE-lgUJmgYN2-DiyvM49uC2ztdXIZ4yL82eXL7a4SltgO2Ry8-IT5nHQ2r8%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.436.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.436.1&bs=393255b5-fa09-4650-aeb7-b6ee617d49c1&userId=93243b33d0054cdfb12832c88cf13f42&m=link
IP 139.45.197.243:0
GET /?rb=VmwR4yPn0jgZLlg0PD2xk1Z51l4sdB8SZxN55f6XpbkU8zbR9CDQbgae-j1yREtWWHWCIniriwSKkoQckb-kGWiVb5DcWRtk_wjU1xFPkHBy696UFOfm7vqytkbuXdP_vSG0l6ASYwxaqR-e3BtwpjJNoOHl7SYLQE-lgUJmgYN2-DiyvM49uC2ztdXIZ4yL82eXL7a4SltgO2Ry8-IT5nHQ2r8%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.436.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.436.1&bs=393255b5-fa09-4650-aeb7-b6ee617d49c1&userId=93243b33d0054cdfb12832c88cf13f42&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:18 GMT
content-type: application/json
x-trace-id: 388b219715bac89361d11b11ccec5b8b
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=93243b33d0054cdfb12832c88cf13f42; expires=Sat, 14 Oct 2023 19:24:18 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1665775458; expires=Sat, 14 Oct 2023 19:24:18 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Fri, 21 Oct 2022 19:24:18 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/5307588?excludes=&oaid=93243b33d0054cdfb12832c88cf13f42&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F9OYD%2Fpack-apks-premium.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=93243b33d0054cdfb12832c88cf13f42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 19:24:19 GMT
content-type: application/javascript
x-trace-id: 0dd2a9eb1c8da2458e4f26115c11c360
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=93243b33d0054cdfb12832c88cf13f42; expires=Sat, 14 Oct 2023 19:24:19 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/9OYD/pack-apks-premium.rar
138.201.48.112 200 OK 0 B URL HTTP/2 anonymfile.com/9OYD/pack-apks-premium.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /9OYD/pack-apks-premium.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6IjQxN28yOFdUM2F4WUJSNVRoS2c2dXc9PSIsInZhbHVlIjoicXJ6U2N0YUZwSm5xemNybTdxeVUzbU8yK0d5aFdlOHN2cFprRWppVHdJdkhacFJqYUk1RkMvV2tseWNBd1N0NmVncHdzZ2plY01jQkd5c2Y0cndRTlN0STNEbkJ6cFcxdkZCUWpCTlRtWlJZRFFPRVh0WWQ5cVhaWUQxZFNsR00iLCJtYWMiOiIzOGQ4Y2ViMDAxOTVjM2YyMDc2NDUwNmNlNjU1NDhhMGZhYzczNzNiOGY1ZjBhN2UxNmJiNDFhNTMzYjIyOWJiIiwidGFnIjoiIn0%3D; expires=Fri, 14-Oct-2022 21:24:17 GMT; Max-Age=7200; path=/; samesite=lax
set-cookie: anonymfile_session=eyJpdiI6IndnaEtHNVNjZzRGWG45MFpRdisxRHc9PSIsInZhbHVlIjoiN2pRdi9wZTJ3S2V0NGhHRjJ3QnJPa3lGTWEzUm5tTk95SVNTTGl0NmxaMHJKYkJBWXJLMXhqT0k0UjdWb0hqVXQvaFIxQm52dmFuVXBSaWFXamsweEJjT2h0M0RKWHVDWEF3a0IwNTlsMjJBV2RadzJiczFCcWxwL1M2dUFNMy8iLCJtYWMiOiJlNzNhNTRjNzlmNTc2ZDY5ZGE1MGExMTcwZWFiNGU5NzYzN2YxODgxN2Y5OTY0NWUyMjVjZTI5MTM0ZDY2OTZhIiwidGFnIjoiIn0%3D; expires=Fri, 14-Oct-2022 21:24:17 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Fri, 14 Oct 2022 19:24:17 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2