| anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe | 138.201.48.112 | 301 Moved Permanently | 162 B |
URL: HTTP/1.1 anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe IP: 138.201.48.112:0 ASN: #24940 Hetzner Online GmbH
File type: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /dr16X/fivem-mod-menu-by-krxllz5999.exe HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 26 Jan 2023 18:25:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 ASN: #20940 Akamai International B.V.
Hash: 9fbe85f42e8ae8ae41cc12df5f98b141 949fa36ff0f22f72565fd584bef094dd4de23037 184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6481
Expires: Thu, 26 Jan 2023 20:13:21 GMT
Date: Thu, 26 Jan 2023 18:25:20 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 ASN: #20940 Akamai International B.V.
Hash: 58ffdcb539c3b250fdf31ed761627fc1 5b55b1522ef84c39b5c42f9bbfbc62b806c1269f eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13904
Expires: Thu, 26 Jan 2023 22:17:04 GMT
Date: Thu, 26 Jan 2023 18:25:20 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 ASN: #20940 Akamai International B.V.
Hash: 69f73ac59327cd9ad7d99816ccfcc03e c54844f82dbee0d5ee4c8ce344eb0139373e6c6b e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9601
Expires: Thu, 26 Jan 2023 21:05:22 GMT
Date: Thu, 26 Jan 2023 18:25:21 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/ IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash: dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 17:35:16 GMT
content-type: application/json
age: 3005
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP: 34.160.144.191:0
File type: PEM certificate\012- , ASCII text Hash: 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: k5sv0Yr0+37OEa6jP3n+wvM26I3GLQOjtR9vp9XbyMzYv0A7OfGhC+XLz8ttaAuHwNvEPm7luQV3/Ax89+2RGg==
x-amz-request-id: JA8EHT6CWQ1B8KCW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 17:49:04 GMT
age: 2177
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:21 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| anonymfile.com/img/logo-anon-warning.webp | 138.201.48.112 | 200 OK | 15 kB |
URL: HTTP/2 anonymfile.com/img/logo-anon-warning.webp IP: 138.201.48.112:0 ASN: #24940 Hetzner Online GmbH
File type: RIFF (little-endian) data, Web/P image\012- data Hash: 7b596f481388ac5ef6d74a15a351f6c3 6756e88c0b46cc981b7bbbdaf2ead77bd258a472 cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
GET /img/logo-anon-warning.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:21 GMT
content-type: image/webp
content-length: 15344
last-modified: Sat, 30 Oct 2021 12:14:11 GMT
vary: Accept-Encoding
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| anonymfile.com/img/main/footer.webp | 138.201.48.112 | 200 OK | 178 kB |
URL: HTTP/2 anonymfile.com/img/main/footer.webp IP: 138.201.48.112:0 ASN: #24940 Hetzner Online GmbH
File type: RIFF (little-endian) data, Web/P image\012- data Size: 178 kB (178070 bytes) Hash: 79ccb3a1b78412a1a530284f45ea7056 626d0494e1bd871e67ecffad44d04ac2343fb7e5 3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:21 GMT
content-type: image/webp
content-length: 178070
last-modified: Wed, 10 Aug 2022 07:17:48 GMT
vary: Accept-Encoding
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js | 138.201.48.112 | 200 OK | 18 kB |
URL: HTTP/2 anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js IP: 138.201.48.112:0 ASN: #24940 Hetzner Online GmbH
File type: ASCII text, with very long lines (534) Hash: 75e3addefe753bd63b3fb6b92fa2fcdf 1e476cab7bad2651470e116a7556945586a80a5b 0f70656b4a5a0aa99a810f1bb90b5bdc36e4a3aa61105be25eebf9dd4c9255e4
GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
vary: Accept-Encoding
x-content-type-options: nosniff
date: Thu, 26 Jan 2023 18:25:21 GMT
last-modified: Thu, 26 Jan 2023 18:25:21 GMT
cache-control: max-age=31536000
etag: W/"0"
content-encoding: br
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 17:41:40 GMT
age: 2621
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| anonymfile.com/img/logo-anon-warning.png | 138.201.48.112 | 200 OK | 41 kB |
URL: HTTP/2 anonymfile.com/img/logo-anon-warning.png IP: 138.201.48.112:0 ASN: #24940 Hetzner Online GmbH
File type: PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data Hash: d52ea6ebcd0b10dcf112a9d6c43ceee0 641e5277e2e079f0e88e2899879fda8882e58d28 77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
GET /img/logo-anon-warning.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:21 GMT
content-type: image/png
content-length: 40729
last-modified: Fri, 29 Oct 2021 10:50:56 GMT
vary: Accept-Encoding
etag: "617bd210-9f19"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: s-maxage=10
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 ASN: #20940 Akamai International B.V.
Hash: c398b6b39d11d25b8ae9bc5cd94a1c98 640aa8c399ced71d0c2a9f5a90fbaf091b01d642 a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12525
Expires: Thu, 26 Jan 2023 21:54:06 GMT
Date: Thu, 26 Jan 2023 18:25:21 GMT
Connection: keep-alive
|
|
| anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe | 138.201.48.112 | 204 No Content | 0 B |
URL: HTTP/2 anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe IP: 138.201.48.112:0 ASN: #24940 Hetzner Online GmbH
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 18:25:21 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/sweetalert2@11 | 151.101.193.229 | 200 OK | 18 kB |
URL: HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@11 IP: 151.101.193.229:0
File type: ASCII text, with very long lines (43315) Hash: 34245e47533a6bbe4e69f65aa0297dcf 6649da8177cd2018da3bdcef74aac77931fb470c 9db43754d594eb4c0d021c4b62b3b4a0e13b455d8130f33e845523e9f0c43f7e
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.7.1
x-jsd-version-type: version
etag: W/"fb5c-w+GyqThvnHQcfkFno5FntMBy22I"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 18:25:21 GMT
age: 41644
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1621-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18041
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 | 104.18.20.226 | 200 OK | 1.5 kB |
URL: HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP: 104.18.20.226:0
Hash: b672e329116faae18684f70234b343bb 1397e363e9a8f60d6f8e553ce5f64ae49e273416 edbebc7904add92eb2b690bd2477c5a3fbcb6327c7084702e2f1dc30a74b22ba
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 18:25:22 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "290FABCC5682EEB673D61C45595B39EB57FAD07F"
Expires: Fri, 27 Jan 2023 05:00:00 GMT
Last-Modified: Thu, 26 Jan 2023 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2690
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fb4a70ab90b4f4-OSL
|
|
| unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js | 104.16.124.175 | 200 OK | 16 kB |
URL: HTTP/2 unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js IP: 104.16.124.175:0
Hash: c067b7bc2eb486c8c74e748043803f5b b647094650213a9220f6721541c2f22ac0c0e70b 82a7c1fbba0cc1b7eb49919d767a853663b3f2b6affcdbb80025682522088296
GET /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 18:25:22 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-mapzppsO4HAWL/eiqLcABeu0hWU"
via: 1.1 fly.io
fly-request-id: 01GJZ5C0MRVMZFWGTQD5XR207X-ams
cf-cache-status: HIT
age: 5116904
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78fb4a70bbcd1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.10.3.114 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/ IP: 52.10.3.114:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EIHvkM0EB/hEyvWZ9iWZZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9B5AqCLl+5RNSPmTm3zc+6L+//8=
|
|
| unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js | 104.16.124.175 | 302 Found | 105 kB |
URL: HTTP/2 unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js IP: 104.16.124.175:0
Size: 105 kB (105370 bytes) Hash: babfaf312863df45b6b40983607cf3d2 af88e73516fc07e588ddae3d4411af1d43aa7386 a2c2098c6de7286ad5cce6ee1a83f38126a4c2f745964873a6700d274883ef25
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 18:25:21 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GQQMR6RJMHKNWZ7C8J2CMJ26-fra
cf-cache-status: HIT
age: 501
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78fb4a702b2e1bfa-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 ASN: #20940 Akamai International B.V.
Hash: 4bd334d0296dc28cc576e0a58e544867 952debaf17ce4f67413778ffad72aa7b28c8a74c 9d55eb92fa3b7e988b54a980e8aafeb7cc95e9503af69b20d84bf5f7939a41bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D55EB92FA3B7E988B54A980E8AAFEB7CC95E9503AF69B20D84BF5F7939A41BB"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5885
Expires: Thu, 26 Jan 2023 20:03:28 GMT
Date: Thu, 26 Jan 2023 18:25:23 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 ASN: #20940 Akamai International B.V.
Hash: 2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4560
Expires: Thu, 26 Jan 2023 19:41:23 GMT
Date: Thu, 26 Jan 2023 18:25:23 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash: ba0a42dadf6a976df148f652e9cc1844 4d825b74865effa4a858ddcad1d0969671facc07 7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:40 GMT
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
age: 74143
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashd84f383ade441229a3b8c3bdb440dec1 1a3fe5fbdb453238fd1bba1698ab7e42cc964455 00f8082421d59df44b61e96c4cdf71aec562e572fd3fbebfb2f1c5aa5fa22c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00F8082421D59DF44B61E96C4CDF71AEC562E572FD3FBEBFB2F1C5AA5FA22C6F"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3965
Expires: Thu, 26 Jan 2023 19:31:28 GMT
Date: Thu, 26 Jan 2023 18:25:23 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash653bf5a34e9f99c9eef73a21d98d792f c70d46aa2210c4f7c397fa20e1225b7d0734ac35 9f928ec6f194340e5543a4bf757aac31d545def67a56ae804a2039a3effd3fe0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10379
x-amzn-requestid: 77d12b56-c121-4d0a-9831-9de4151b65de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUY8_GVUIAMFmgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a1ec-523a2d8b1028a4496a211030;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:41:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i_OHKx9OPaP8_2ydfgZwY4Dvbq208pXR2hwFTdUySwjsIwEIcv-M4g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:18 GMT
age: 74165
etag: "c70d46aa2210c4f7c397fa20e1225b7d0734ac35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash17e1b6f3caa98b0e0972802408dd3f93 07e48bf3565e00d093d72dd4ada606f5d39a4838 7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 73975
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg | 34.120.237.76 | 200 OK | 15 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcfe699b31f96add9f1439af1ff1191eb f77a833a69b69eef4a39e404c102f624e96b52c0 44312979ac13221e5c3328ad590f0f3dc7da00380c07c433382cd81c47b717f8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: 2f52d4d7-4158-485e-bbae-1f906c40d1f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSYg5HvwoAMFxjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d46b-73d5d7862497852334d9cde2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:04:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4szanZUhJULoG1K5oNXzvcaoImIduF8NnkTrwCPSpOFpJMaw7rQqEg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:22:01 GMT
age: 39802
etag: "f77a833a69b69eef4a39e404c102f624e96b52c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf62e9b7bdca82d18c945851912d8fea8 a7ca44d337c43bc5c6145b26778661c71cc50484 5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:37 GMT
age: 74146
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7458f7a9b2070055df6f1d496794e43e 0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9 373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 05:14:39 GMT
age: 47444
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashf0a4098f041b32de6aeac7e8919dfb93 d3dd3d384e3bc4454b58f48c878261b5d165c2bd 1a2e07af32d611f5b897d8f26ba1ba7008bdbb7814bc749dc3f6992167ed6d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A2E07AF32D611F5B897D8F26BA1BA7008BDBB7814BC749DC3F6992167ED6D64"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17835
Expires: Thu, 26 Jan 2023 23:22:38 GMT
Date: Thu, 26 Jan 2023 18:25:23 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2fd3b5487710791cafa87110d681647a 6f3de59c79cf8f93c3312d917e9bb225a8bb25f9 35c24aa8f70e97185a0a18761f04b283cefecdce3abcd2261ccc6377077730c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35C24AA8F70E97185A0A18761F04B283CEFECDCE3ABCD2261CCC6377077730C5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11020
Expires: Thu, 26 Jan 2023 21:29:03 GMT
Date: Thu, 26 Jan 2023 18:25:23 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashe00a674a0c70c9d697802909f3d3836c e8862ab9105e10e004509050a8cb650fb53390c4 1b78e3fe9ac8c6c62f14d7c08894ec1fcaada17cc807b067396bee1813c903fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B78E3FE9AC8C6C62F14D7C08894EC1FCAADA17CC807B067396BEE1813C903FC"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7152
Expires: Thu, 26 Jan 2023 20:24:35 GMT
Date: Thu, 26 Jan 2023 18:25:23 GMT
Connection: keep-alive
|
|
| my.rtmark.net/gid.js?userId=08c0feb5363a4482a5a907a780537775 | 139.45.195.8 | 200 OK | 65 B |
URL HTTP/2my.rtmark.net/gid.js?userId=08c0feb5363a4482a5a907a780537775 IP139.45.195.8:0
File typeJSON data\012- , ASCII text Hashe67cf1a27001cdef702545e4eae37d4d 2019d9d0d89269a59a4d292df2a1d7b4d4da0626 b7e24e1bc41b9b5514d4c20326852497c8f25f72e6157381bd78a131a7dd1547
GET /gid.js?userId=08c0feb5363a4482a5a907a780537775 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:23 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=08c0feb5363a4482a5a907a780537775; expires=Fri, 26 Jan 2024 18:25:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= | 139.45.197.250 | 200 OK | 664 B |
URL HTTP/2ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= IP139.45.197.250:0
File typeJSON data\012- , ASCII text, with very long lines (663) Hash924f83d583902548517c3327ff8e4493 7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c 92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:23 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: d54472822ff661ea4db9f3c9a7fa6ef7
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0 | 216.58.211.3 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0 IP216.58.211.3:0
Hasha183b8ab4dc63e3c7570c080b82630b2 69bb25aebf6b4418e5ac45c9654a2a24d1b8b168 976587f6dc6510ce04ac4af2a4bd3079beb1777dab443d1223a7d99d4ca2040c
POST /s/gts1p5/x-QEV4IR2x0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:25:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| tzegilo.com/stattag.js | 172.67.141.224 | 200 OK | 5.8 kB |
IP172.67.141.224:0
File typeASCII text, with very long lines (13121), with no line terminators Hasha90842c273886513980c9a05c7dc066e 49bd1b5b269cb6de65694876688f3acead4d30ee 64a9788f90f65d74748702346fddf98bc60d76d8b51ae55ef74ff8ffc566d914
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 18:25:23 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3292
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67pXuK4dYjshoMEU%2FbTTDkMOdiksPL%2BxJHDkTufyERQ9pNoZ%2FyNxBu%2F0N4nDU82F1NWgud9Gauk%2BvNf%2BcZGxyrUi1MkSVc27pCDHw0fq9501jYu0cbdWtyQrZNfzCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb4a7c0eb7b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ibrapush.com/pfe/current/tag.min.js?z=5307590 | 139.45.197.250 | 200 OK | 6.5 kB |
URL HTTP/2ibrapush.com/pfe/current/tag.min.js?z=5307590 IP139.45.197.250:0
Hashdc6900b307945ed2d232959f9f1fcd07 bbb4afaa72099cd1c89300f356735e7a3790c2e9 bfe065b54e85eb7d6748083cd5ccedb2f2907fd2e9e038dc1a740bea9cd199df
GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:23 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 14:02:57 GMT
etag: W/"63d28811-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| onmarshtompor.com/?rb=M8yTDKjNrk9I4E5XdDkS_41BMBhJsZhL6ee3s48Y6za3pszq69mzvcP8wqIcYgb2ukGhc0D5GJ-0ekL3vTTqdn1a2X6jS2CVA6beeo8HX8LgUVeEfW_sIOhDBsFB5WS7sKEAEsMnG0buzyy4BAaW8MRieeE8JbtAa2JVYThK9BJso4m-j-syinc4ghopgiigrgv129bJ6dgfRwQNXN_qkNgaosXJo3RaknCN5Zfex88%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wih=836&wiw=1152&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=0272870e-7424-4967-ae6c-36dad5408452&userId=08c0feb5363a4482a5a907a780537775&m=link | 139.45.197.243 | 200 OK | 1.7 kB |
URL HTTP/2onmarshtompor.com/?rb=M8yTDKjNrk9I4E5XdDkS_41BMBhJsZhL6ee3s48Y6za3pszq69mzvcP8wqIcYgb2ukGhc0D5GJ-0ekL3vTTqdn1a2X6jS2CVA6beeo8HX8LgUVeEfW_sIOhDBsFB5WS7sKEAEsMnG0buzyy4BAaW8MRieeE8JbtAa2JVYThK9BJso4m-j-syinc4ghopgiigrgv129bJ6dgfRwQNXN_qkNgaosXJo3RaknCN5Zfex88%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wih=836&wiw=1152&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=0272870e-7424-4967-ae6c-36dad5408452&userId=08c0feb5363a4482a5a907a780537775&m=link IP139.45.197.243:0
File typeJSON data\012- , ASCII text, with very long lines (2260), with no line terminators Hashf2a782fac3f4b873ea0f5ed12f8d27c7 d2e87b7e341160b22133362ba379120ef8f3fef6 32b54942e945526db70d3e0dcf183be38b1c8f99ce12b380ad5f0f41e0df43c4
GET /?rb=M8yTDKjNrk9I4E5XdDkS_41BMBhJsZhL6ee3s48Y6za3pszq69mzvcP8wqIcYgb2ukGhc0D5GJ-0ekL3vTTqdn1a2X6jS2CVA6beeo8HX8LgUVeEfW_sIOhDBsFB5WS7sKEAEsMnG0buzyy4BAaW8MRieeE8JbtAa2JVYThK9BJso4m-j-syinc4ghopgiigrgv129bJ6dgfRwQNXN_qkNgaosXJo3RaknCN5Zfex88%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wih=836&wiw=1152&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=0272870e-7424-4967-ae6c-36dad5408452&userId=08c0feb5363a4482a5a907a780537775&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:23 GMT
content-type: application/json
x-trace-id: bd47147f383fadc71251f72525258e76
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=08c0feb5363a4482a5a907a780537775; expires=Fri, 26 Jan 2024 18:25:23 GMT; path=/; secure; SameSite=None
oaidts=1674757523; expires=Fri, 26 Jan 2024 18:25:23 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 02 Feb 2023 18:25:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| betotodilea.com/400/5307588 | 139.45.197.237 | 200 OK | 32 kB |
URL HTTP/2betotodilea.com/400/5307588 IP139.45.197.237:0
File typeASCII text, with very long lines (65536), with no line terminators Hash7d2649d8cfbfe8da85884a8a34e82db2 7504dd022be97ce8ce9669244469e485e1eb652e f29c1109ce177bc05b8f99600eb262432c2b050815dbd6e2b98874b3bf5b01cb
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /400/5307588 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:23 GMT
content-type: application/javascript
x-trace-id: a280047da7f735d6fa4446d3a2d16235
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=8833d6ddd48546e789a72f915cf5fbf4; expires=Fri, 26 Jan 2024 18:25:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hashda6d1131f8c9ad77c09853b9bc65a467 dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba ea18b3e2c606aeb6128c798d0ce25827e7a630701a73248211b7d448805d2233
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 18:25:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:49:39 GMT
Expires: Wed, 01 Feb 2023 15:49:38 GMT
Etag: "dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba"
Cache-Control: max-age=508453,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fb4a7cea190b02-OSL
|
|
| ibrapush.com/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:0
File typeJSON data\012- , ASCII text Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 784
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: fac39cd4895831c8d91ebe3b58716c58
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ibrapush.com/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:0
File typeJSON data\012- , ASCII text Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 403
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6b5bb6c4b6d134a7242684b683114bc6
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f | 139.45.195.254 | 200 OK | 12 B |
URL HTTP/1.1fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f IP139.45.195.254:0
File typeJSON data\012- , ASCII text, with no line terminators Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 931
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 26 Jan 2023 18:25:50 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonymfile.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&wy=0&wx=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=08c0feb5363a4482a5a907a780537775 | 139.45.197.242 | 204 No Content | 0 B |
URL (HTTP/2): nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&wy=0&wx=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=08c0feb5363a4482a5a907a780537775
IP: 139.45.197.242:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
OPTIONS /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&wy=0&wx=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=08c0feb5363a4482a5a907a780537775 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/5307588?excludes=&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL (HTTP/2): betotodilea.com/500/5307588?excludes=&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP: 139.45.197.237:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
OPTIONS /500/5307588?excludes=&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&wy=0&wx=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=08c0feb5363a4482a5a907a780537775 | 139.45.197.242 | 200 OK | 2.7 kB |
URL (HTTP/2): nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&wy=0&wx=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=08c0feb5363a4482a5a907a780537775
IP: 139.45.197.242:0
File type: JSON data, ASCII text, with very long lines (6398), with no line terminators
Hash: f5448cc9c8573950afb62996bcf48e10 fa41d9e706c197fcd645ec1330ffcacd5deb274a 2484cc3555068002f01d296adb3f4c656f37dd7716fd5b4b636fe3ae223b76a2
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&wy=0&wx=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&sah=1024&drf=&hil=1&ist=0&oaid=08c0feb5363a4482a5a907a780537775 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 149
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=7b25050b582c4bd09cab57ebf8cb79c7; oaidts=1674757523
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 7b2480b23284034abccdef4e9e3afb7e
access-control-expose-headers: X-Sc
set-cookie: OAID=08c0feb5363a4482a5a907a780537775; expires=Fri, 26 Jan 2024 18:25:24 GMT; secure; SameSite=None
oaidts=1674757523; expires=Fri, 26 Jan 2024 18:25:24 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0
ASN: #20940 Akamai International B.V.
Hash: ee13ba261974907ff80d665d4a071a7e 04a1629fd77898da83e2cabf7519e51fcfdbfe9a c16681d370f82a32fcf63857d6e0bde36aeb81e1235602484986536c26c9950d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C16681D370F82A32FCF63857D6E0BDE36AEB81E1235602484986536C26C9950D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2872
Expires: Thu, 26 Jan 2023 19:13:16 GMT
Date: Thu, 26 Jan 2023 18:25:24 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: d49cf0a2dc8f3dd6b5e4730d50cb1f8a 973d6fd723abbad6bcdde56b95cff0b956aeb3d0 ac3accfa00116f3f8c98e66aeefa227f1575b1279eaea5fee34cc6620af9eb81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5029
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 18:25:24 GMT
Last-Modified: Thu, 26 Jan 2023 17:01:35 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
|
|
| offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg | 172.67.22.216 | 200 OK | 14 kB |
URL (HTTP/2): offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
IP: 172.67.22.216:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3; data
Hash: 7d763937692f59aea0578ffe58c10ee0 b3a4cc4fd1a0d8319e59057e535b0b19f1a3b35b 2d7300c572db1683cbc8071be4bbaf31b00954193f6f82d453c99a7a58bd7620
GET /www/images/7d763937692f59aea0578ffe58c10ee0.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 18:25:24 GMT
content-type: image/jpeg
content-length: 13778
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63888441-35d2"
expires: Thu, 26 Jan 2023 20:36:31 GMT
last-modified: Thu, 01 Dec 2022 10:38:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 78533
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb4a7f5ba3b4ff-OSL
X-Firefox-Spdy: h2
|
|
| interstitial-07.com/contents/s/22/c3/d7/36b6f5657cde24feae14c9773b/0608422639029.jpeg | 139.45.197.154 | 200 OK | 25 kB |
URL (HTTP/2): interstitial-07.com/contents/s/22/c3/d7/36b6f5657cde24feae14c9773b/0608422639029.jpeg
IP: 139.45.197.154:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3; data
Hash: 22c3d736b6f5657cde24feae14c9773b 126151dc35c149dad2aa1e7ad40856eda756a0a3 686dabfa96f39e22f655edd3bf99484caf1aa3b63165e6d47ae6c6c2de974bec
GET /contents/s/22/c3/d7/36b6f5657cde24feae14c9773b/0608422639029.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=fK0qfSEKc3WaGMt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3599665781%26z%3D5307589%26b%3D16536120%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DltVEAlj259X9rs70M3zfFIYlCZ-NFH1iIrRCPNHjiQD2eiLepVCj6cSzijlC95sJWEE-hPZirwf19_2WnwmL-sYT07RIVdjZoqN3W8qKt7ydW1S_TBBrdIDvYHK9xuRit0sjnbdryAfHeMR-CHxfR2SgErpln5wGw-OwDimW6_mpozUok72dqA2hrPYsIPa33XIOSpYqz1bGu6B-OXekNsiA_Zuq06zrcwiRGVOM-98k0dRE8KhXfowBQUrUkdOVjLHNTEwFlPAVnWSypBoL23gTUgBcOIqK2qKpDWCqFUrrCd1hyBa7PrvXcRP-PdhghVsKz0WSOQEozY_9Ywa_k9vgpmHU5Q1UlUUOjWQdOEMEV0fSvXmQMmZdH2TQqK9O_MKiXN-CxHk-YBh_4MaVfyVRFm21bME78N3fAp9lk5r5qmqUQ3rBsudhCGI3sSoxhGVlAl7rWkh4RphedHde1lB8iOil6w8W_HWowYr7a2uRRf4BTUB2zJffn9CsuVmmCUyn2isryM0nNoen0SN6K11Q-4Plakw2R76XmFAvfPkzgVLKYR7IgCD8I74-I7aES_pQ0wv2611pkpAjnmJ19EwmmayDermdAwldB74d8lBK7R1PP7wzBp7GfW3f6zO-zLlj1kVAEvL-jX8LUgaLW-JugwU%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3Dc7491ea2-4d26-4968-90d7-56827d4828a1%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252Fdr16X%252Ffivem-mod-menu-by-krxllz5999.exe%26wy%3D0%26wx%3D0%26ww%3D1152%26wh%3D921%26cw%3D1152%26wiw%3D1152%26wih%3D836%26wfc%3D0%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
content-type: image/jpeg
content-length: 25424
last-modified: Mon, 21 Mar 2022 17:16:40 GMT
vary: Accept-Encoding
etag: "6238b2f8-6350"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0
ASN: #20940 Akamai International B.V.
Hash: 86a25231794bbfd3f276118a68cf20f4 ee94ff69230178aa9294348bfe638acce39bda73 8aa3357c026c54209085411a849df78cd14f155d4991330fbd6ad039f8262985
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AA3357C026C54209085411A849DF78CD14F155D4991330FBD6AD039F8262985"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9505
Expires: Thu, 26 Jan 2023 21:03:49 GMT
Date: Thu, 26 Jan 2023 18:25:24 GMT
Connection: keep-alive
|
|
| interstitial-07.com/contents/s/ad/18/0b/3aac326b9289a67e128b909273/0826749865589.jpeg | 139.45.197.154 | 200 OK | 65 kB |
URL (HTTP/2): interstitial-07.com/contents/s/ad/18/0b/3aac326b9289a67e128b909273/0826749865589.jpeg
IP: 139.45.197.154:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3; data
Hash: ad180b3aac326b9289a67e128b909273 ba733f261d913ab102602e449058a72d515f943b 202defc20d82c83f15257ccaac9cf945e9802406c4f8288178e46d8977920536
GET /contents/s/ad/18/0b/3aac326b9289a67e128b909273/0826749865589.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=fK0qfSEKc3WaGMt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3599665781%26z%3D5307589%26b%3D16536120%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DltVEAlj259X9rs70M3zfFIYlCZ-NFH1iIrRCPNHjiQD2eiLepVCj6cSzijlC95sJWEE-hPZirwf19_2WnwmL-sYT07RIVdjZoqN3W8qKt7ydW1S_TBBrdIDvYHK9xuRit0sjnbdryAfHeMR-CHxfR2SgErpln5wGw-OwDimW6_mpozUok72dqA2hrPYsIPa33XIOSpYqz1bGu6B-OXekNsiA_Zuq06zrcwiRGVOM-98k0dRE8KhXfowBQUrUkdOVjLHNTEwFlPAVnWSypBoL23gTUgBcOIqK2qKpDWCqFUrrCd1hyBa7PrvXcRP-PdhghVsKz0WSOQEozY_9Ywa_k9vgpmHU5Q1UlUUOjWQdOEMEV0fSvXmQMmZdH2TQqK9O_MKiXN-CxHk-YBh_4MaVfyVRFm21bME78N3fAp9lk5r5qmqUQ3rBsudhCGI3sSoxhGVlAl7rWkh4RphedHde1lB8iOil6w8W_HWowYr7a2uRRf4BTUB2zJffn9CsuVmmCUyn2isryM0nNoen0SN6K11Q-4Plakw2R76XmFAvfPkzgVLKYR7IgCD8I74-I7aES_pQ0wv2611pkpAjnmJ19EwmmayDermdAwldB74d8lBK7R1PP7wzBp7GfW3f6zO-zLlj1kVAEvL-jX8LUgaLW-JugwU%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3Dc7491ea2-4d26-4968-90d7-56827d4828a1%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252Fdr16X%252Ffivem-mod-menu-by-krxllz5999.exe%26wy%3D0%26wx%3D0%26ww%3D1152%26wh%3D921%26cw%3D1152%26wiw%3D1152%26wih%3D836%26wfc%3D0%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
content-type: image/jpeg
content-length: 64787
last-modified: Tue, 12 Apr 2022 16:09:22 GMT
vary: Accept-Encoding
etag: "6255a432-fd13"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vctx?t=72747 | 139.45.197.236 | 204 No Content | 0 B |
URL (HTTP/2): unphionetor.com/vctx?t=72747
IP: 139.45.197.236:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f75e15189adcf931b0b50b5bec0d7338
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined | 139.45.197.236 | 204 No Content | 0 B |
URL (HTTP/2): unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP: 139.45.197.236:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 26d9388b45f60f520fe18d143ed757bb
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| betotodilea.com/impression/rT0o8Dgm-ifmhySO5rk9_PzedakfXBbKtVQLdepYxbmK3xO0c8_v1KKmjQoBlzbcLsd_xUaZQy-fd2QWWfE9EzqvplF3GGr-4q9tng3Mk6qO5QSxCuHbRYAQIs3vqMToODzSN_pbu8T3OWa8RNgHMLKeG4Lcf8IGUwgcGc1PPIpR8UN09uZ1nxm460ZNYTM0O0QaIMf2r91H5BNBPFORGt83NBQmYUFXANpHWAsmfDV_5h6d6T7Zl1FP8d_wH3PeVOnmmGJSk70ul4MOlm42flFdDnk2qVRPefA2Zq53sblOh3sfLtdUISK6tksnR4W5CYtF-R14knNyBDKrc_stCP_vbddrmA6c-ceBZJZiuyof81O4Wo5zseHhF5FsNLmt5Cf_XEaxb3uK6Jwdz_5armf_uNBHrMpA-xQEr7M6oU2uo43fIjKBH5QJfrG8eMG4YefH14WUbg7612ES1xpwNlpTPNY8tVnfWrFasbtFBH2c6mz-vMIojTLcUEQVhpgjNlRsJXaoJm6udcGiRXMBnSvWvn0yGHTRVlX2fQ==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 43 B |
URL (HTTP/2): betotodilea.com/impression/rT0o8Dgm-ifmhySO5rk9_PzedakfXBbKtVQLdepYxbmK3xO0c8_v1KKmjQoBlzbcLsd_xUaZQy-fd2QWWfE9EzqvplF3GGr-4q9tng3Mk6qO5QSxCuHbRYAQIs3vqMToODzSN_pbu8T3OWa8RNgHMLKeG4Lcf8IGUwgcGc1PPIpR8UN09uZ1nxm460ZNYTM0O0QaIMf2r91H5BNBPFORGt83NBQmYUFXANpHWAsmfDV_5h6d6T7Zl1FP8d_wH3PeVOnmmGJSk70ul4MOlm42flFdDnk2qVRPefA2Zq53sblOh3sfLtdUISK6tksnR4W5CYtF-R14knNyBDKrc_stCP_vbddrmA6c-ceBZJZiuyof81O4Wo5zseHhF5FsNLmt5Cf_XEaxb3uK6Jwdz_5armf_uNBHrMpA-xQEr7M6oU2uo43fIjKBH5QJfrG8eMG4YefH14WUbg7612ES1xpwNlpTPNY8tVnfWrFasbtFBH2c6mz-vMIojTLcUEQVhpgjNlRsJXaoJm6udcGiRXMBnSvWvn0yGHTRVlX2fQ==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP: 139.45.197.237:0
File type: GIF image data, version 89a, 1 x 1; data
Hash: b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /impression/rT0o8Dgm-ifmhySO5rk9_PzedakfXBbKtVQLdepYxbmK3xO0c8_v1KKmjQoBlzbcLsd_xUaZQy-fd2QWWfE9EzqvplF3GGr-4q9tng3Mk6qO5QSxCuHbRYAQIs3vqMToODzSN_pbu8T3OWa8RNgHMLKeG4Lcf8IGUwgcGc1PPIpR8UN09uZ1nxm460ZNYTM0O0QaIMf2r91H5BNBPFORGt83NBQmYUFXANpHWAsmfDV_5h6d6T7Zl1FP8d_wH3PeVOnmmGJSk70ul4MOlm42flFdDnk2qVRPefA2Zq53sblOh3sfLtdUISK6tksnR4W5CYtF-R14knNyBDKrc_stCP_vbddrmA6c-ceBZJZiuyof81O4Wo5zseHhF5FsNLmt5Cf_XEaxb3uK6Jwdz_5armf_uNBHrMpA-xQEr7M6oU2uo43fIjKBH5QJfrG8eMG4YefH14WUbg7612ES1xpwNlpTPNY8tVnfWrFasbtFBH2c6mz-vMIojTLcUEQVhpgjNlRsJXaoJm6udcGiRXMBnSvWvn0yGHTRVlX2fQ==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=08c0feb5363a4482a5a907a780537775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:28 GMT
content-type: image/gif
content-length: 43
x-trace-id: 0349e831aaf7fcc46006f7c672f7fd30
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/5307588?excludes=16368912&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL (HTTP/2): betotodilea.com/500/5307588?excludes=16368912&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP: 139.45.197.237:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
OPTIONS /500/5307588?excludes=16368912&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:29 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/5307588?excludes=16368912&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 12 kB |
URL (HTTP/2): betotodilea.com/500/5307588?excludes=16368912&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP: 139.45.197.237:0
Hash: 2d8100a5ce1474d5eba8ebec2eb30bf6 42433d22b1e176233d656f8c6e7036a06ed20c4f 55ddecdc5fae0c07a3ad945fb2bd1831aae77dc67681fe71338cd2f2538d00f7
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /500/5307588?excludes=16368912&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=08c0feb5363a4482a5a907a780537775
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:29 GMT
content-type: application/javascript
x-trace-id: 96b1f72635de6516f925cf7ea051a3c9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=08c0feb5363a4482a5a907a780537775; expires=Fri, 26 Jan 2024 18:25:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe | 138.201.48.112 | 200 OK | 0 B |
URL (HTTP/2): anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
IP: 138.201.48.112:0
ASN: #24940 Hetzner Online GmbH
GET /dr16X/fivem-mod-menu-by-krxllz5999.exe HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; expires=Thu, 26-Jan-2023 20:25:21 GMT; Max-Age=7200; path=/; samesite=lax
anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D; expires=Thu, 26-Jan-2023 20:25:21 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 26 Jan 2023 18:25:21 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nanouwho.com/27/f0e85569ebf902c5568035fe1b0a0004 | 139.45.197.242 | 200 OK | 0 B |
URL (HTTP/2): nanouwho.com/27/f0e85569ebf902c5568035fe1b0a0004
IP: 139.45.197.242:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /27/f0e85569ebf902c5568035fe1b0a0004 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=7b25050b582c4bd09cab57ebf8cb79c7; oaidts=1674757523
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:23 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Thu, 26 Jan 2023 04:44:45 GMT
expires: Thu, 25 Feb 2083 04:44:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.473.0 | 139.45.197.234 | 200 OK | 0 B |
URL (HTTP/2): bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.473.0
IP: 139.45.197.234:0
GET /5/5307591/?oo=1&js_build=iclick-v1.473.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:23 GMT
content-type: application/json
x-trace-id: c3f64a7a22e1909cd5c946087add202b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=08c0feb5363a4482a5a907a780537775; expires=Fri, 26 Jan 2024 18:25:23 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1674757523; expires=Fri, 26 Jan 2024 18:25:23 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/5307588?excludes=&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL: betotodilea.com/500/5307588?excludes=&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | Protocol: HTTP/2 | IP: 139.45.197.237:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /500/5307588?excludes=&oaid=08c0feb5363a4482a5a907a780537775&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1152&wh=921&cw=1152&wiw=1152&wih=836&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fdr16X%2Ffivem-mod-menu-by-krxllz5999.exe&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=8833d6ddd48546e789a72f915cf5fbf4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
content-type: application/javascript
x-trace-id: 3b19ed0202a8b5285ff469e88df55dfb
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=08c0feb5363a4482a5a907a780537775; expires=Fri, 26 Jan 2024 18:25:24 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| interstitial-07.com/?l=fK0qfSEKc3WaGMt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3599665781%26z%3D5307589%26b%3D16536120%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DltVEAlj259X9rs70M3zfFIYlCZ-NFH1iIrRCPNHjiQD2eiLepVCj6cSzijlC95sJWEE-hPZirwf19_2WnwmL-sYT07RIVdjZoqN3W8qKt7ydW1S_TBBrdIDvYHK9xuRit0sjnbdryAfHeMR-CHxfR2SgErpln5wGw-OwDimW6_mpozUok72dqA2hrPYsIPa33XIOSpYqz1bGu6B-OXekNsiA_Zuq06zrcwiRGVOM-98k0dRE8KhXfowBQUrUkdOVjLHNTEwFlPAVnWSypBoL23gTUgBcOIqK2qKpDWCqFUrrCd1hyBa7PrvXcRP-PdhghVsKz0WSOQEozY_9Ywa_k9vgpmHU5Q1UlUUOjWQdOEMEV0fSvXmQMmZdH2TQqK9O_MKiXN-CxHk-YBh_4MaVfyVRFm21bME78N3fAp9lk5r5qmqUQ3rBsudhCGI3sSoxhGVlAl7rWkh4RphedHde1lB8iOil6w8W_HWowYr7a2uRRf4BTUB2zJffn9CsuVmmCUyn2isryM0nNoen0SN6K11Q-4Plakw2R76XmFAvfPkzgVLKYR7IgCD8I74-I7aES_pQ0wv2611pkpAjnmJ19EwmmayDermdAwldB74d8lBK7R1PP7wzBp7GfW3f6zO-zLlj1kVAEvL-jX8LUgaLW-JugwU%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3Dc7491ea2-4d26-4968-90d7-56827d4828a1%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252Fdr16X%252Ffivem-mod-menu-by-krxllz5999.exe%26wy%3D0%26wx%3D0%26ww%3D1152%26wh%3D921%26cw%3D1152%26wiw%3D1152%26wih%3D836%26wfc%3D0%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 | 139.45.197.154 | 200 OK | 0 B |
Protocol: HTTP/2 | IP: 139.45.197.154:0
GET /?l=fK0qfSEKc3WaGMt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3599665781%26z%3D5307589%26b%3D16536120%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DltVEAlj259X9rs70M3zfFIYlCZ-NFH1iIrRCPNHjiQD2eiLepVCj6cSzijlC95sJWEE-hPZirwf19_2WnwmL-sYT07RIVdjZoqN3W8qKt7ydW1S_TBBrdIDvYHK9xuRit0sjnbdryAfHeMR-CHxfR2SgErpln5wGw-OwDimW6_mpozUok72dqA2hrPYsIPa33XIOSpYqz1bGu6B-OXekNsiA_Zuq06zrcwiRGVOM-98k0dRE8KhXfowBQUrUkdOVjLHNTEwFlPAVnWSypBoL23gTUgBcOIqK2qKpDWCqFUrrCd1hyBa7PrvXcRP-PdhghVsKz0WSOQEozY_9Ywa_k9vgpmHU5Q1UlUUOjWQdOEMEV0fSvXmQMmZdH2TQqK9O_MKiXN-CxHk-YBh_4MaVfyVRFm21bME78N3fAp9lk5r5qmqUQ3rBsudhCGI3sSoxhGVlAl7rWkh4RphedHde1lB8iOil6w8W_HWowYr7a2uRRf4BTUB2zJffn9CsuVmmCUyn2isryM0nNoen0SN6K11Q-4Plakw2R76XmFAvfPkzgVLKYR7IgCD8I74-I7aES_pQ0wv2611pkpAjnmJ19EwmmayDermdAwldB74d8lBK7R1PP7wzBp7GfW3f6zO-zLlj1kVAEvL-jX8LUgaLW-JugwU%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3Dc7491ea2-4d26-4968-90d7-56827d4828a1%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252Fdr16X%252Ffivem-mod-menu-by-krxllz5999.exe%26wy%3D0%26wx%3D0%26ww%3D1152%26wh%3D921%26cw%3D1152%26wiw%3D1152%26wih%3D836%26wfc%3D0%26sah%3D1024%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=F5XUFD6rUHjnPhew2sJSKKPUR8zjNAu1My5c1LYcIfs; expires=Thu, 26-Jan-2023 19:25:24 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
|
|
| unphionetor.com/fv.js?t=72747&cb=976900179 | 139.45.197.236 | 200 OK | 0 B |
URL: unphionetor.com/fv.js?t=72747&cb=976900179 | Protocol: HTTP/2 | IP: 139.45.197.236:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /fv.js?t=72747&cb=976900179 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:24 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 0a42177b87de9a765b167c4d365e3caf
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| anonymfile.com/css/theme.min.css | 138.201.48.112 | 200 OK | 0 B |
URL: anonymfile.com/css/theme.min.css | Protocol: HTTP/2 | IP: 138.201.48.112:0 | ASN: #24940 Hetzner Online GmbH
GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:21 GMT
content-type: text/css
last-modified: Fri, 22 Oct 2021 08:15:50 GMT
vary: Accept-Encoding
etag: W/"61727336-921fb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
cache-control: s-maxage=10
X-Firefox-Spdy: h2
|
|
| anonymfile.com/js/site.js | 138.201.48.112 | 200 OK | 0 B |
URL: anonymfile.com/js/site.js | Protocol: HTTP/2 | IP: 138.201.48.112:0 | ASN: #24940 Hetzner Online GmbH
GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:21 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 12:30:18 GMT
vary: Accept-Encoding
etag: W/"61700bda-2487"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
cache-control: s-maxage=10
X-Firefox-Spdy: h2
|
|
| unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js | 104.16.124.175 | 302 Found | 0 B |
URL: unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js | Protocol: HTTP/2 | IP: 104.16.124.175:0
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 18:25:21 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GQQN11SN5QNERAVN0V9ZB5WG-fra
cf-cache-status: HIT
age: 206
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78fb4a702b301bfa-OSL
X-Firefox-Spdy: h2
|
|
| anonymfile.com/sw.js | 138.201.48.112 | 404 Not Found | 0 B |
IP: 138.201.48.112:0 | ASN: #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Thu, 26 Jan 2023 18:25:23 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
|
|
| anonymfile.com/pagespeed_static/1.JiBnMqyl6S.gif | 138.201.48.112 | 200 OK | 0 B |
URL: anonymfile.com/pagespeed_static/1.JiBnMqyl6S.gif | Protocol: HTTP/2 | IP: 138.201.48.112:0 | ASN: #24940 Hetzner Online GmbH
GET /pagespeed_static/1.JiBnMqyl6S.gif HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/gif
date: Thu, 26 Jan 2023 18:25:21 GMT
last-modified: Thu, 26 Jan 2023 18:25:21 GMT
cache-control: max-age=31536000
etag: W/"0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js | 104.16.124.175 | 200 OK | 0 B |
URL: unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js | Protocol: HTTP/2 | IP: 104.16.124.175:0
GET /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 18:25:22 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d07-1hxUHKzrTl3rNdhkJwK4kJGou0I"
via: 1.1 fly.io
fly-request-id: 01G2PJZCDRWWWP671QTKZ7W61J-fra
cf-cache-status: HIT
age: 22584474
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78fb4a70bbd01bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| inklinkor.com/tag.min.js | 104.21.91.63 | 200 OK | 0 B |
IP: 104.21.91.63:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 18:25:23 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 44dbc76f55d4948f16c8dfedefd404df
cache-control: max-age=86400
last-modified: Mon, 23 Jan 2023 15:52:48 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 27 Jan 2023 16:29:59 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 6924
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJ6QGU6ycQYlIXWILasa0sahg24O5YeMyINWPnB8xogyBGLJ5SdXkn7zesrPqrsCp3RFct58Abk3L2bB%2B8VluWzwIEebC7fK5cXyDMKkAGM0JUxP0GYBtHZzI1Wa6riC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb4a7839580b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ibrapush.com/pfe/current/universal.min.js?v=3.1.414 | 139.45.197.250 | 200 OK | 0 B |
URL: ibrapush.com/pfe/current/universal.min.js?v=3.1.414 | Protocol: HTTP/2 | IP: 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.414 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 18:25:23 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 14:02:57 GMT
etag: W/"63d28811-18c6c"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| anonymfile.com/sw.js | 138.201.48.112 | 404 Not Found | 0 B |
IP: 138.201.48.112:0 | ASN: #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/dr16X/fivem-mod-menu-by-krxllz5999.exe
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im1KM2NCbzdTV3NaKy96d0RNL21CVGc9PSIsInZhbHVlIjoieWlkbHV3QzRySmRFbUY4SE5XeHlKUGQ5MVhWblFYWFRjakNqcklSMW5rR3dERUdQVGE3eWxRMDA1aVRuaUtiZ24rWWlwQ2hCTStSWDAzRzB2c0s5a1VKdVRxSEZwbitiSEdKeEQ5MXBIa1g5S3hVMm9nR3hjcHJLMXNOM00vWWIiLCJtYWMiOiIwNTE1YWQxMjVlYjczYzlkNjJmMDg4OTZkMjY3ZDM5OGY4ODBlMjFjOWNjZjJiMTU4ZjE5NTJlNjY5NTE0NmExIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik1YRmt6Mk5xWlVOd0R0YzVLK0pQaUE9PSIsInZhbHVlIjoiYk8xMGxMZmR0U1BOcXJXM0NiM0lDbUk4MnRhbm5UWnJ1eGp3TE9Xb0pWVFFBWmpITkg0cGovUktMS0pNUCtVSWdkMFVkdllXSjRsbmQyL3JndjFEMDkzcThrQ2lKdTE0YWhrcEhDbWJEb3lmYXI4RjVpc0M0b2twYTlremIyMTMiLCJtYWMiOiI5MmI3YjA1NGI5OTRlNzI3ZjMzNGNmZGRmNTllNTU3OTVmNDJiNTUyYzU5ZjIyMjE5NDFhNTk5OWNmMzRlZmNmIiwidGFnIjoiIn0%3D; prefetchAd_5307591=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Thu, 26 Jan 2023 18:25:25 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
|
|