Overview

URLcdn-145.anonfiles.com/gch4kft6ye/ec1a0ebd-1674654961/kreyzespoofer.rar
IP 195.96.151.38 (Sweden)
ASN#41634 Svea Hosting AB
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2023-01-25 16:00:39 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (20)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2023-01-25 04:11:11 UTC 142.250.74.131
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2023-01-25 04:10:25 UTC 52.35.3.113
ardsoffhdgat.xyz (4) 0 No data No data 54.230.111.84 Unknown ranking
reoreexpresi.xyz (2) 0 2023-01-24 06:45:22 UTC 2023-01-24 07:19:48 UTC 104.21.58.110 Unknown ranking
accounts.google.com (4) 81 2012-05-23 06:57:57 UTC 2023-01-24 18:28:32 UTC 142.250.74.109
pogothere.xyz (2) 0 2022-09-04 19:11:25 UTC 2023-01-25 12:59:40 UTC 172.64.199.35 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2023-01-25 04:09:39 UTC 35.241.9.150
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2023-01-25 04:09:41 UTC 34.117.237.239
vjs.zencdn.net (2) 4968 2012-05-21 08:26:59 UTC 2023-01-25 06:19:30 UTC 151.101.2.217
djv99sxoqpv11.cloudfront.net (3) 0 2021-02-04 11:22:38 UTC 2023-01-24 19:52:26 UTC 54.230.245.59 Unknown ranking
r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2023-01-25 04:09:15 UTC 23.36.76.226
anonfiles.com (20) 117161 2012-06-18 10:03:32 UTC 2023-01-24 04:56:42 UTC 45.154.253.152
thecoveos.com (5) 0 2023-01-15 08:20:54 UTC 2023-01-25 13:31:21 UTC 52.20.131.174 Unknown ranking
cdn-145.anonfiles.com (2) 0 2022-01-15 23:14:21 UTC 2023-01-24 18:36:50 UTC 195.96.151.38 Domain (anonfiles.com) ranked at: 117161
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2023-01-25 04:09:50 UTC 34.160.144.191
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2023-01-25 11:19:42 UTC 93.184.220.29
e1.o.lencr.org (3) 6159 2021-08-20 07:36:30 UTC 2023-01-25 04:10:58 UTC 95.101.11.115
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2023-01-25 04:09:34 UTC 34.120.237.76
baconaces.pro (1) 835148 2018-07-16 08:32:31 UTC 2023-01-24 04:56:43 UTC 52.20.131.174
www.facebook.com (1) 99 No data No data 31.13.72.36

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2023-01-25 2 djv99sxoqpv11.cloudfront.net/fd3YwSzcUGV4tCAMfVHYAREEDeAdRHEMkWQdLUyFWOiVBE (...) Malware
2023-01-25 2 djv99sxoqpv11.cloudfront.net/dUldTREgxOD0idyY+N3l/YWBgdnF0PSArJiJqPHExFR0kN (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 195.96.151.38
Date UQ / IDS / BL URL IP
2023-02-04 07:53:25 +0000 0 - 0 - 4 cdn-145.anonfiles.com/09pf19Vdyf/9e04c83e-167 (...) 195.96.151.38
2023-02-04 07:47:16 +0000 0 - 0 - 5 cdn-145.anonfiles.com/09pf19Vdyf/9e04c83e-167 (...) 195.96.151.38
2023-02-03 05:00:53 +0000 0 - 0 - 4 cdn-145.anonfiles.com/68k4n1ubye/f2df43b9-167 (...) 195.96.151.38
2023-02-03 05:00:39 +0000 0 - 0 - 4 cdn-145.anonfiles.com/68k4n1ubye/f2df43b9-167 (...) 195.96.151.38
2023-01-29 22:30:53 +0000 0 - 0 - 2 cdn-145.anonfiles.com/gdqcaeu9y5/47b33883-167 (...) 195.96.151.38


Last 5 reports on ASN: Svea Hosting AB
Date UQ / IDS / BL URL IP
2023-02-06 07:20:25 +0000 0 - 2 - 0 cdn-151.letsupload.cc/red4f2W6ya/80f2a73f-167 (...) 195.96.151.44
2023-02-06 06:47:07 +0000 0 - 0 - 4 anonfiles.com/z9KeRaJ0y8/Jspm_DATABASE_ziphtt (...) 45.154.253.151
2023-02-06 06:40:59 +0000 0 - 0 - 4 cdn-151.anonfiles.com/ldm69ddey8/50f86631-167 (...) 195.96.151.44
2023-02-05 23:03:20 +0000 0 - 0 - 4 anonfiles.com/R1F6i9A6y8/SSBBW_Adeline_2022_H (...) 45.154.253.152
2023-02-05 22:30:53 +0000 0 - 0 - 2 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40


Last 5 reports on domain: anonfiles.com
Date UQ / IDS / BL URL IP
2023-02-06 06:47:07 +0000 0 - 0 - 4 anonfiles.com/z9KeRaJ0y8/Jspm_DATABASE_ziphtt (...) 45.154.253.151
2023-02-06 06:40:59 +0000 0 - 0 - 4 cdn-151.anonfiles.com/ldm69ddey8/50f86631-167 (...) 195.96.151.44
2023-02-05 23:03:20 +0000 0 - 0 - 4 anonfiles.com/R1F6i9A6y8/SSBBW_Adeline_2022_H (...) 45.154.253.152
2023-02-05 22:30:53 +0000 0 - 0 - 2 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40
2023-02-05 22:30:40 +0000 0 - 0 - 4 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-05 22:30:53 +0000 0 - 0 - 2 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40
2023-02-05 22:30:40 +0000 0 - 0 - 4 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40
2023-02-05 17:30:53 +0000 0 - 0 - 4 cdn-143.anonfiles.com/29b8d1weyb/49de4e9b-167 (...) 195.96.151.36
2023-02-05 17:30:40 +0000 0 - 0 - 6 cdn-143.anonfiles.com/29b8d1weyb/49de4e9b-167 (...) 195.96.151.36
2023-02-05 15:31:17 +0000 0 - 0 - 6 cdn-150.anonfiles.com/79m13cl1yc/98a37e03-167 (...) 195.96.151.43

JavaScript

Executed Scripts (12)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (76)


Request Response
                                        
                                            GET /gch4kft6ye/ec1a0ebd-1674654961/kreyzespoofer.rar HTTP/1.1 
Host: cdn-145.anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         195.96.151.38
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:28 GMT
Content-Length: 162
Connection: close
Location: https://cdn-145.anonfiles.com/gch4kft6ye/ec1a0ebd-1674654961/kreyzespoofer.rar


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11042
Expires: Wed, 25 Jan 2023 19:04:30 GMT
Date: Wed, 25 Jan 2023 16:00:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8605
Expires: Wed, 25 Jan 2023 18:23:53 GMT
Date: Wed, 25 Jan 2023 16:00:28 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 15:35:13 GMT
age: 1515
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    dcd75ca6daca51c5e39d431468511793
Sha1:   07f76d3bf23d65c9110d810fa71a994e39e085d3
Sha256: 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6593
Expires: Wed, 25 Jan 2023 17:50:21 GMT
Date: Wed, 25 Jan 2023 16:00:28 GMT
Connection: keep-alive

                                        
                                            GET /gch4kft6ye/ec1a0ebd-1674654961/kreyzespoofer.rar HTTP/1.1 
Host: cdn-145.anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         195.96.151.38
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:28 GMT
Transfer-Encoding: chunked
Connection: close
Location: https://anonfiles.com/gch4kft6ye
X-Cache-Host: filecache-03
X-Cache-Disk: nvme-01
Accept-Ranges: bytes

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: M2paPEFfoXkzSJs2SJsJW4neN46rZcvYHMB6Iaw8ZMRPP2eNkAvRyYFNWMWJyLue+c85gOnslmM=
x-amz-request-id: V93NY7PSDGXGQXJQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 15:19:43 GMT
age: 2445
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    7b922915ebf1fa3639b333f994c74f24
Sha1:   144a3f80b98fd0652d4614f24cf6cbbee40f8938
Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F47B8991865DF0F407FEACAC9D18018B6FEE06F50DA4271E87B745ADC3F9123C"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12560
Expires: Wed, 25 Jan 2023 19:29:48 GMT
Date: Wed, 25 Jan 2023 16:00:28 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 25 Jan 2023 16:00:28 GMT
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /gch4kft6ye HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         45.154.253.152
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: N
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   2741
Md5:    07240c669078f51bfee4005ea34b5153
Sha1:   b8633d5d098de597818d8c2af0d435c9f5f4eb70
Sha256: 35cc160ce6ed14dadd23d6e7fef0d6f1f1ef9b946be60e261e6efaa9c18384eb
                                        
                                            GET /css/anonfiles.css?1668606177 HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6905
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65452)
Size:   25261
Md5:    bf84dfe5f6e6044aa4c1095a7a9a850e
Sha1:   e411fe5ea4f2b5ce7382dfe3079589f4817ad165
Sha256: 2af9a43ff27bbcad03007d87fa7d09bed286aa594a3a3d2e16f409319e782f60
                                        
                                            GET /js/app.js?1668606177 HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6282
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (63238)
Size:   57886
Md5:    ba67ff13fd07739a7037fbc27b2a1955
Sha1:   3e253f69b2f12659c541de122c6bce0ed82ba369
Sha256: 1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818
                                        
                                            GET /img/flags/24/br.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:28 GMT
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6536
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   1115
Md5:    6a5938d2e7f7d6f4026d6eb1b4b4f2cd
Sha1:   7a038177fe4deec455d61d3e9c90019fa4727d40
Sha256: 0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
                                        
                                            GET /img/flags/24/dk.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:28 GMT
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6311
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   537
Md5:    b6ebe55a7d176720cd2b1003298187a8
Sha1:   930858408b9af1f79c430bbe15c185db555a7815
Sha256: 07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
                                        
                                            GET /static/logo.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:28 GMT
Content-Length: 18441
Connection: keep-alive
last-modified: Wed, 16 Nov 2022 12:55:21 GMT
etag: "6374ddb9-4809"


--- Additional Info ---
Magic:  PNG image data, 450 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   18441
Md5:    f9fd716d30e220aa24bab0e94ebf0aa0
Sha1:   4af32d78655436173f272bb65159a232f1671b8d
Sha256: 5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94
                                        
                                            GET /img/flags/24/in.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:28 GMT
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7988
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   593
Md5:    ccaf96cfc341dc9a17e24b96bef223ff
Sha1:   8791d6db6628e0fb21b847ab94484f0c615e38ac
Sha256: 728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
                                        
                                            GET /7.3.0/video.min.js HTTP/1.1 
Host: vjs.zencdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.2.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-encoding: gzip
date: Wed, 25 Jan 2023 16:00:28 GMT
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65141)
Size:   132230
Md5:    e296d874aca2a1550b409394be51efaa
Sha1:   c184c030e9aab3d03de27bc588919e249d5ccdf7
Sha256: 401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f
                                        
                                            GET /7.3.0/video-js.min.css HTTP/1.1 
Host: vjs.zencdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.2.217
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-encoding: gzip
date: Wed, 25 Jan 2023 16:00:28 GMT
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 4583
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35998), with no line terminators
Size:   9673
Md5:    3397ce943db8add2728dccd9a3b8b8bc
Sha1:   a57bbb7546a458fe57d72d06baab950125260cc9
Sha256: 5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
                                        
                                            GET /img/flags/24/es.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:28 GMT
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7709
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   666
Md5:    5fa381a8eb16d9e673d32980e7fd1710
Sha1:   fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
Sha256: 7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 15:41:40 GMT
age: 1129
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /img/flags/24/fr.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:29 GMT
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6854
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   536
Md5:    e81efecf1a1b1d3a17d00a904c5cc3c9
Sha1:   1203894dbfc8363302dc709d852c05a4dd8bf9dc
Sha256: 54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
                                        
                                            GET /img/flags/24/fi.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:29 GMT
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7176
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   456
Md5:    0ea9115d18d5210d4f1db520881faa3a
Sha1:   09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
Sha256: 544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89B55C8E1AD6A2DCC9E450E59EC1BB6B815AF0C6C8D12354F644BA69B31EDA0F"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4053
Expires: Wed, 25 Jan 2023 17:08:02 GMT
Date: Wed, 25 Jan 2023 16:00:29 GMT
Connection: keep-alive

                                        
                                            GET /img/flags/24/pl.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:29 GMT
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7242
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   347
Md5:    baf3aff7caef0be58f29b41f20a0e4db
Sha1:   11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
Sha256: 0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10457
Expires: Wed, 25 Jan 2023 18:54:46 GMT
Date: Wed, 25 Jan 2023 16:00:29 GMT
Connection: keep-alive

                                        
                                            GET /img/flags/24/jp.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:29 GMT
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7468
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   599
Md5:    857f6f0e0886a3729b758b7241e42e61
Sha1:   a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
Sha256: 8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
                                        
                                            GET /?xsvjd=737329 HTTP/1.1 
Host: djv99sxoqpv11.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.245.59
HTTP/2 200 OK
                                        
content-length: 68729
date: Wed, 25 Jan 2023 16:00:29 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iQvxr1wZPAfVsj1yWLw30GD2OM9ZX3NwUp9dz18DeSeY-FICAhHzpw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15948)
Size:   68729
Md5:    5922d9dd405f1ad720ff24f5260dd306
Sha1:   dc13870aa0542c336b10dfb4ee401dd9ece1fdce
Sha256: 720cd9d61b7967978482d44969eef0e252f389323f44e2eb12482a0f0468473a
                                        
                                            GET /img/flags/24/ru.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:29 GMT
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7517
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   403
Md5:    d8df89b036e6afb48f72d2440831bad0
Sha1:   04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
Sha256: 2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
                                        
                                            POST /s/gts1p5/skLwC7qegUg HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 16:00:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wtrZUPe149iR7UKnkVfD4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.35.3.113
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kvHxkjqLVO+uY/h1eeY/jZwcR6E=

                                        
                                            POST /s/gts1p5/skLwC7qegUg HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 16:00:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /img/flags/24/us.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:29 GMT
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7350
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   656
Md5:    ae506a6c014bfeb8d8cbfdfbe94c14c9
Sha1:   f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
Sha256: bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
                                        
                                            GET /TnZBR3EvFCIqTi9LI2EEPBp8YkMIU3MBFSQAeH4CNhkwNwd/R28kHSEDJSEDIRg1aR8rAmR1NygSch4GHQwiEjYYQjUEMAMQFw8oDyQEAjUrNyUVOQs7KhAgKjoUPjcZOSgRMwtHCCsgIgE0ESIbJxgQQAoyEw4/Kw4EJTd/QjIEHQsiGS4WBSQtBSMCRxcMICYvZHUzGB0uJSk0MCQACT4kIyAkNic5ckYLHRcANgoOJAAjBBARAiMdJAAGHR9HCwIwBhkJECQXICQPJx0kAAZJFh4tBjMJQgQJJwM1JHdIDCcpEUUqIAsCMAoaAxIaGA4kIBUNIQBqMyczKhE2GA90EjkMHRciKQgwEyA3eTRxHTYPIXUBIzY0GwgnByQGEhk7NBUBOQ8+dR0jfzQHIxYXUCs0HiAGfCQbLzsSNikrJHUrFCwkJxY HTTP/1.1 
Host: ardsoffhdgat.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1180
date: Wed, 25 Jan 2023 16:00:29 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cjos2OTZG62gtMD-xGAu2kobuAPn5dvDWMNZSvx2KKVEjPTnb_2Huw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3029), with no line terminators
Size:   1180
Md5:    9ef86536e207f9a07588aa22e26b39f2
Sha1:   008e4bdd0765c929811a1b0bfd10e7ce66ada252
Sha256: fbe6e0d92fa87b744afd4fe39af6b17b14be556014de6ace30f3d78a1d409fc3
                                        
                                            GET /utx?tid=737323&top=anonfiles.com&cb=K7B2evcUIxnI HTTP/1.1 
Host: ardsoffhdgat.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.84
HTTP/2 204 No Content
                                        
date: Wed, 25 Jan 2023 16:00:29 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 25 Jan 2023 16:01:29 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qiomowNT7mCfvRVW6tu9K-57cltBbN09XGCCjcwCk7CpsbPzFSZFEw==
X-Firefox-Spdy: h2

                                        
                                            GET /amY3SUZFWVQ6ewkIUyAjLiBwGCowJHQMMi4wcggFOyNhGhIrNxE9Lw5bAHpxWVQObzYDAgp4YBkSVj0zGVsGby8EAFh0YBxbBmd1XkgEeGhYQEJ0d0wSRyghV1cROTIeCgp4cF1SAX90XlQAfH5S HTTP/1.1 
Host: reoreexpresi.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.58.110
HTTP/2 204 No Content
                                        
date: Wed, 25 Jan 2023 16:00:29 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOv5ucv8VYlrMof5RAu6sHfgkuJeg2Vs9YEy843uMf17s9%2FZmlwYbIN9FElGGKZOshZidT71LcTNKrN28PwKEyxxteI3xnpumH7U%2B92KPKoxjVTUQJe8BpBMg2ic1%2FCF1DmC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f238d92c7db515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /WTFvSHE4UwwlTjgMDW4EK11SbUMfFF0OFTNHVnECIV4eOAdoAEErHTZECy4DNl8bZh88RUp6Nz1kAywlC3QIMD4dAQYsCAAUXQo/al1KejcAZi0vFTd3XxgiGEMlITsoYScNCR9jXyM/NwUDKggMdiUwKz5VOwkIF1wfIigwYBUHJQsEDSISbHwnJEQ9dTZ7OzdnAisiOgElMh0ofyw7RhJbKno9DQUeAkIMSSQfSW9hK3wZCVscMSgBXjoRH2gBDR8zN1QVBRkJdSJwPCNFXBImFEA/ABU1aFweRT92C3oVLkFcEiYUSyYcCTFrXQ5GHHklIBUdcwQRQnRrXAsfPV02Mih8Ay0sQwhiCxAZN1Q4BgU7Zi0mPxp0HQclMQMLL0Q+a10CQTx2ISYoNHdZERscByEhQWl+LDwZPFk9JShqdwIRHxxcChAaf1scJx8pDAB9CB57GDpHLgkZCh4dBg HTTP/1.1 
Host: ardsoffhdgat.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         54.230.111.84
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1196
date: Wed, 25 Jan 2023 16:00:29 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9Sfp9yc431Rnsd5mTKnf5PVzC2Kgzks8zavnAAMhqGA_RXrhzmwiaw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3048), with no line terminators
Size:   1196
Md5:    57ad739847657a3b4344ba7bcd64bd7a
Sha1:   23edd473b4d75c7cdad5a99896a7f3abef9adb8d
Sha256: a1a3b793e9935a5ac3c049a0343617617bb7c799cadfe853f705609933fd8603
                                        
                                            GET /QUgwNHFud1NHTCQeckwnLRJxVSQlJGpfASgZd24ZEB9ifhMsKxZAGCV1BwdGcnsAEgEoLA0FSWc7RFUFNDsNBVcoJlZbTGc+DQVfcWYCGkNnPQ0FVzU4UVNMcG5AQAUtdQECRnV+BgZFc38GBEA HTTP/1.1 
Host: reoreexpresi.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.58.110
HTTP/2 204 No Content
                                        
date: Wed, 25 Jan 2023 16:00:29 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pma%2Bc8MTZYXsba%2FMxns6CLeWyiZu7Mh%2FHpPPuIjQR52jdEdZCyenBt%2FzidPRI1QvoqMvcVeeSICTJHwEV4L%2BVv2dExab2aq%2BLVnxhShSQhh9VK8E6G90tnxHGl%2FzaOvUfgK2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f238d98d03b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /img/flags/24/de.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:29 GMT
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 5043
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   483
Md5:    9f8cc07c258bcd2de0c7900861e20ffc
Sha1:   fed97219e44693d4f3918fc4037b325732225d81
Sha256: 07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "88FC9BFEA9C6F046D43D0CC36467CD7133555056C977BEEE8A486C0F3AD64C51"
Last-Modified: Tue, 24 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7720
Expires: Wed, 25 Jan 2023 18:09:09 GMT
Date: Wed, 25 Jan 2023 16:00:29 GMT
Connection: keep-alive

                                        
                                            POST /s/gts1p5/skLwC7qegUg HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 16:00:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /img/flags/24/no.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:29 GMT
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4810
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   611
Md5:    f14ac70aa6dd4d371671c0e6d7cba4e3
Sha1:   1139e3acd6e073bffb59157cbc10af72ed757218
Sha256: 9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
                                        
                                            GET /fd3YwSzcUGV4tCAMfVHYAREEDeAdRHEMkWQdLUyFWOiVBE1IlQlwuVSUQYW1DDRINexEbF14sClETXigKRlBRL1VKQhY+VkobXzFeGxpRbgUxQx57EkVGGDxeGRJfPERSRAAlQ1JEAHoHWUYVeHVSRAA8XhlABG4ENVMCe09BQhV4dVJEADlBUkVxegdCWA-BiEkVGVy5UHBkVeXFFRgF7B0ZGAW4FRxBZOVIRGUhuBTFHAH4ZR1BFdgY HTTP/1.1 
Host: djv99sxoqpv11.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ardsoffhdgat.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.245.59
HTTP/2 200 OK
                                        
content-length: 257
date: Wed, 25 Jan 2023 16:00:30 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T5ZAVAZdvGkv3uwrS0CVkFTem1c2XooNC3w70gRyJOuTzljijMxWsg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   257
Md5:    a5c87a12337a818978fea4cb773e03dc
Sha1:   f51f07b7ff9cfebccda5bca3c726f75364932dff
Sha256: a10dca9029cd3fa283a6a58d1c0c5aeaca450e56c26c265c91c71c2ac05760d6

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/flags/24/se.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:30 GMT
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7697
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   581
Md5:    c9b1e40987c4411b4a7d13c07a8843aa
Sha1:   cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
Sha256: 8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
                                        
                                            POST / HTTP/1.1 
Host: thecoveos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 386
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.20.131.174
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /dUldTREgxOD0idyY+N3l/YWBgdnF0PSArJiJqPHExFR0kNn4lbyUGJxZgdTAyNmpjYiQzOTR5bjc5MHl5dDY3JnVmcSc0JzlqNCs7KjE2LT4qJ3UxKW86PD4hPjsyYXoUYn10bWBnezMhPDM8Mzt3ZWMqPHdlY3V4fGd2dwp3ZWMzITxhZ2F7EHJhdDBkY3-Z3CndlYzY+d2QSdXhneWNtbWBnNCErOTh2dg5gZ2J0eGNnYmF6YjE6Ni00OCthehRmY3FmYnEmeXk HTTP/1.1 
Host: djv99sxoqpv11.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ardsoffhdgat.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.245.59
HTTP/2 200 OK
                                        
content-length: 548
date: Wed, 25 Jan 2023 16:00:30 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ssl1optB5XHNRyVlIFALG59X4xCF3kRCFO8m9WeDS2__THH6T16Rfg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (783), with no line terminators
Size:   548
Md5:    dd7532add175143408fbf0ca3e578387
Sha1:   79930860a7de70aaaa6dfc913a35df874292e5a6
Sha256: 5c6e1f85cd7adc7ed6077f9748b5f8a4d9e369cf95226dcfb01ef8284ed060ba

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/flags/24/kr.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:30 GMT
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7027
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   988
Md5:    cb22f00511d088a71e84f8c1c864caed
Sha1:   6599812ed106bda6017487287e12bc836570649f
Sha256: 09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4863
Cache-Control: max-age=86242
Date: Wed, 25 Jan 2023 16:00:30 GMT
Etag: "63cfed01-1d7"
Expires: Thu, 26 Jan 2023 15:57:52 GMT
Last-Modified: Tue, 24 Jan 2023 14:36:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 16:00:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 16:00:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /utx?cb=FyUlFfyePW9W&top=anonfiles.com&tid=737329 HTTP/1.1 
Host: ardsoffhdgat.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.84
HTTP/2 204 No Content
                                        
date: Wed, 25 Jan 2023 16:00:30 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 25 Jan 2023 16:01:30 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KYPj2Ku97O8euFkTYcdxOgA62nMr38L4bWImpwg7SIbRx-0Gfymrbw==
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "CC423DFA4077C6C07D608272BD897E4DAD249580F0B4C2C13173D6271B94AB5E"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9860
Expires: Wed, 25 Jan 2023 18:44:50 GMT
Date: Wed, 25 Jan 2023 16:00:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "CC423DFA4077C6C07D608272BD897E4DAD249580F0B4C2C13173D6271B94AB5E"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9860
Expires: Wed, 25 Jan 2023 18:44:50 GMT
Date: Wed, 25 Jan 2023 16:00:30 GMT
Connection: keep-alive

                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.109
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 16:00:30 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1325417446%3A1674662430254777&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfJUGmGt-3n04PvnGD0UQ3EJiT0NyTOWwcsYjJib5h3_k_R5uPGg6jT93bUM4_xt6xtMmXX
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-_q9sBZOV-2EkBUlMdgxMUg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:PDw_74AAekwPpjiOYx3nFCqxj3FzwA:Q-NNLH2JAf8trP-_;Path=/;Expires=Fri, 24-Jan-2025 16:00:30 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Size:   395
Md5:    c38ec97ad4de261a079bf664e4b7101a
Sha1:   dfc967af4aca85d2070693a3b84e923b69555988
Sha256: d6441561ba473de668e1831bae4b3d38653adf5a9109a300d803687ebaf817e8
                                        
                                            GET /sw_anonfiles.js?UmR0M2UJRkMAUmFWRxFJcEZYEVMxBkVVXWIAWVJVYFNZBwdiAFkKUGpdWQZdZQBBClxiUBBVXHBIVgMGZ1EVCgQ0SRcEUGRJQFEAM0lMUlYwSUwGAGsFTFEGZlRHUkd%2BRgdER35GAFsAMQsCVgohShdcCHBIVgJVfFFWHwMzCAdWSTQFGEAAfgIVXxY3OQ HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 28913
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (25712)
Size:   15666
Md5:    5e03f95322bfd924a10943354a145be8
Sha1:   149a1d27b2169791e547a074c3d40b279319d35b
Sha256: 27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.109
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 16:00:30 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1493293627%3A1674662430289912&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdxow1XARGezC3HzwuiioDQ-oj5bRFyKyu0-EpuKskPSLfgZ2JciHqDZAb6y6pdVGleu1R8BA
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-jTNcHmRCz--YLysOlvtpbQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:vnQ9PjWqbijNHb1RbElN4vNJ6yJPIg:YGFSEJQKTqI_YhZj;Path=/;Expires=Fri, 24-Jan-2025 16:00:30 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Size:   392
Md5:    bc5664b9213b32463bd8ad219e0d5136
Sha1:   f9c7ccdb5952733c1e10f38ea4413f7f407b2d09
Sha256: 02e3f2ff92995e768658c22baf03fddb667eb3e94e1b38b0d061e955870a63e2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 16:00:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v3/signin/identifier?dsh=S1493293627%3A1674662430289912&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdxow1XARGezC3HzwuiioDQ-oj5bRFyKyu0-EpuKskPSLfgZ2JciHqDZAb6y6pdVGleu1R8BA HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.109
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 16:00:30 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-HEvmtv8orGeAKX4PXEOXqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1276
Md5:    7fa83d36f6984c6060621d2f64882ff4
Sha1:   ba8ad781b28915560cd2c906ffef4fa4cde3de3b
Sha256: 3e396b578665516172d9df5b544b1d2b251cf3edd4738533478d081ae1ab608c
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "CC423DFA4077C6C07D608272BD897E4DAD249580F0B4C2C13173D6271B94AB5E"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9860
Expires: Wed, 25 Jan 2023 18:44:50 GMT
Date: Wed, 25 Jan 2023 16:00:30 GMT
Connection: keep-alive

                                        
                                            GET /img/favicon/favicon-32x32-anonfiles.png?1668605455 HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/gch4kft6ye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.152
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 16:00:30 GMT
Content-Length: 1309
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1816
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1309
Md5:    ee0e6dd4ef643128a1b7bd4ab32b8a79
Sha1:   8136c70aac1e50f8356c83f91fb77ea4b6596cbc
Sha256: 51f305558b4ed6fcf3a31b4f9e404fc2ea426cb5e785ac46ce827de0c5cabb4c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2456
Expires: Wed, 25 Jan 2023 16:41:26 GMT
Date: Wed, 25 Jan 2023 16:00:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2456
Expires: Wed, 25 Jan 2023 16:41:26 GMT
Date: Wed, 25 Jan 2023 16:00:30 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:57:09 GMT
age: 29001
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10921
Md5:    1d76c1b1126a3e1b51dcca652cb6727b
Sha1:   b199a381ccac4628f2bfa626b44c71954713ca98
Sha256: 3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8252
x-amzn-requestid: a5a39d22-de0e-4b2e-b3e2-aad1d0090881
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtiHo7oAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-0cd78ff23e91baf668276053;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s8JWGyQ0pTWcaGk0n2PQOpAhjKLuNlbI4wCZAidzoBR5RQreO2rh9g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:15:35 GMT
age: 38695
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8252
Md5:    d10114508bd40d76f497fc5b9c064350
Sha1:   c9b86b2b27063e0a58b0f237d451f9cf05b2122d
Sha256: a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:59:15 GMT
age: 64875
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8308
Md5:    91b2e12a39dc4f63b9d52e8800cce1f2
Sha1:   42d5b4b4a091778d98c351f0002d8656449d0243
Sha256: d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:14:35 GMT
age: 38755
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12758
Md5:    7458f7a9b2070055df6f1d496794e43e
Sha1:   0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
Sha256: 373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:10:29 GMT
age: 46201
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9650
Md5:    13891ffe8a0cc240be63b7945e4b7688
Sha1:   958b50e9e7e5e02882d55612a5d6d2402e225390
Sha256: 1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6026
x-amzn-requestid: 4b05d7f7-783f-4a79-9eed-bbbeb53bc677
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRQ-QHmZIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d061f4-721f473c5c8dadd163ca7689;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 22:55:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -GQ5kEZvbltzLlBeml1PxYH3ufTrSMApVjDyR_NkR-6-vXfuJHOb0g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 23:09:45 GMT
age: 60645
etag: "7596b783e0da5fba63c49374933eccffc223d729"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6026
Md5:    bb6c1403a1d3c878c08ccaf17f8b3d0a
Sha1:   7596b783e0da5fba63c49374933eccffc223d729
Sha256: 1524dbef51237950d4a14a0e2e053fad933dd92ee0831e2de5c45513122f1d58
                                        
                                            POST / HTTP/1.1 
Host: thecoveos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         52.20.131.174
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: thecoveos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         52.20.131.174
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: thecoveos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 348
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         52.20.131.174
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /UmR0M2UJRkMAUmFWRxFJcEZYEVMxBkVVXWIAWVJVYFNZBwdiAFkKUGpdWQZdZQBBClxiUBBVXHBIVgMGZ1EVCgQ0SRcEUGRJQFEAM0lMUlYwSUwGAGsFTFEGZlRHUkd%2BRgdER35GAFsAMQsCVgohShdcCHBIVgJVfFFWHwMzCAdWSTQFGEAAfgIVXxY3OQ HTTP/1.1 
Host: thecoveos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         52.20.131.174
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
set-cookie: 092910dc34686763b0de30971fe368a6=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8442-60X0Qpi2TKFgbPe+79/THWOCFZw"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1 HTTP/1.1 
Host: baconaces.pro
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.20.131.174
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0fd-K+ByKTfGgRCUyZICdR+tG/gXmGg"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v3/signin/identifier?dsh=S1325417446%3A1674662430254777&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfJUGmGt-3n04PvnGD0UQ3EJiT0NyTOWwcsYjJib5h3_k_R5uPGg6jT93bUM4_xt6xtMmXX HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.109
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 16:00:30 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-U3xxIlCo_vQp1sPLPCbZVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Origin: https://anonfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.199.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Wed, 25 Jan 2023 16:00:30 GMT
access-control-allow-origin: https://anonfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6928
last-modified: Wed, 25 Jan 2023 14:05:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DelQtL5JzJP%2Bf8bYMqEAIWd3yG9qoc5eS7AFkkh32IXDNA4x2Pzt7bJN116jwIPmUaDwCpXr51iu%2FGit0ncuIlo8XKOjzL%2Bebh3dRv8OdheN%2FS1silYbtw9cnPxS2t%2Bz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f238dd5a6c7697-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
                                        
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-fb-debug: roZugnbYQslO+aQolou+xEC854tSv8eCCeHwbetglKTltxLFC+79z6BLoaj4S6HhiDM0JsdbGaLQDaj+pXUW6A==
date: Wed, 25 Jan 2023 16:00:30 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Origin: https://anonfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.199.35
HTTP/2 200 OK
content-type: text/plain
                                        
date: Wed, 25 Jan 2023 16:00:30 GMT
set-cookie: csu=455093344717110@1@1674662430; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://anonfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFFDZmTSYiLoZXVS6ZF2BRmKfOOqWku9t4WU1XRKJosWmvhvEFLgPK18hZhgzf%2FxYWflpG0bzfd6%2BhzFt3quBJ2CJ8M3YWLrITDZrHDKvDs3lewpz49JkRQmTEKwuy0q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f238dd5a6a7697-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---