cdn-134.anonfiles.com/f28amb7ay6/482f41b6-1674599380/DDOS%20-%20DDOSER%20Tools.rar
195.96.151.89301 Moved Permanently 162 B URL HTTP/1.1 cdn-134.anonfiles.com/f28amb7ay6/482f41b6-1674599380/DDOS%20-%20DDOSER%20Tools.rar
IP 195.96.151.89:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /f28amb7ay6/482f41b6-1674599380/DDOS%20-%20DDOSER%20Tools.rar HTTP/1.1
Host: cdn-134.anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 10 Mar 2023 21:50:28 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://cdn-134.anonfiles.com/f28amb7ay6/482f41b6-1674599380/DDOS%20-%20DDOSER%20Tools.rar
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ce33c47154f4826255fe9bbe54d72be
e10a363c007a6d15ed43eb35b4e5c246d85c5eed
cf423db1a8ad1dce1b5c25f6025d14411b4a46e95a6001288949f046e244bc24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF423DB1A8AD1DCE1B5C25F6025D14411B4A46E95A6001288949F046E244BC24"
Last-Modified: Fri, 10 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16021
Expires: Sat, 11 Mar 2023 02:17:29 GMT
Date: Fri, 10 Mar 2023 21:50:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 88c2e33504e05b0bc2b7a3502d6a79bb
23881a1edb8d8ff3dc2192d25792a59fa2c96088
dfbfefeab7d314e54f5e5f2e48ba645817da6dee3ee2bc5abdbaac81b8dc66e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFBFEFEAB7D314E54F5E5F2E48BA645817DA6DEE3EE2BC5ABDBAAC81B8DC66E7"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8572
Expires: Sat, 11 Mar 2023 00:13:20 GMT
Date: Fri, 10 Mar 2023 21:50:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 33723bd3cb2d70f8f86442863df61ec1
ee9f60025e885c09ff570c4e8f641bcc25ff83f0
dc794aeea289e16c4f217e2e3379cc434b6071badbf9ab6d64884707eafee538
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC794AEEA289E16C4F217E2E3379CC434B6071BADBF9AB6D64884707EAFEE538"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11341
Expires: Sat, 11 Mar 2023 00:59:29 GMT
Date: Fri, 10 Mar 2023 21:50:28 GMT
Connection: keep-alive
cdn-134.anonfiles.com/f28amb7ay6/482f41b6-1674599380/DDOS%20-%20DDOSER%20Tools.rar
195.96.151.89301 Moved Permanently 0 B URL HTTP/1.1 cdn-134.anonfiles.com/f28amb7ay6/482f41b6-1674599380/DDOS%20-%20DDOSER%20Tools.rar
IP 195.96.151.89:0
ASN #41634 Svea Hosting AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f28amb7ay6/482f41b6-1674599380/DDOS%20-%20DDOSER%20Tools.rar HTTP/1.1
Host: cdn-134.anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 10 Mar 2023 21:50:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Location: https://anonfiles.com/f28amb7ay6
X-Cache-Host: filecache-01
X-Cache-Disk: nvme-01
Accept-Ranges: bytes
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ia7AmBodeG0K1W8P6tTmLLw4h8GQ86UEq1Bz3x2Oh8VDseDtNXoj0ZOM5AzMyfOQdjG9eJijC0Q=
x-amz-request-id: 6KGMTXQ9ZNJWG3E6
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 10 Mar 2023 21:45:18 GMT
age: 310
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 10 Mar 2023 21:13:47 GMT
content-type: application/json
age: 2201
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 Mar 2023 21:50:28 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93061d80f5b426b5d6eff5f8497cdfbf
3635b89ab61b673c16bbfa83ef454589b91a993f
b87cd3a80b52dccc123e87de9c3f7868fef14b834c84224bcb45cee9aff5ac53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B87CD3A80B52DCCC123E87DE9C3F7868FEF14B834C84224BCB45CEE9AFF5AC53"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16297
Expires: Sat, 11 Mar 2023 02:22:05 GMT
Date: Fri, 10 Mar 2023 21:50:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Pragma, Last-Modified, ETag, Retry-After, Cache-Control, Content-Type, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 10 Mar 2023 21:03:42 GMT
age: 2807
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d960a8d21b339ab0d7987e3b1eb16fdc
08d4430c549151295ee4e1dc8f24dbd3d9456b0b
522b75aa714f87a716a9a693a7c3ed1cab6e5b1725f20a67df46dec2967b5960
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "522B75AA714F87A716A9A693A7C3ED1CAB6E5B1725F20A67DF46DEC2967B5960"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8523
Expires: Sat, 11 Mar 2023 00:12:32 GMT
Date: Fri, 10 Mar 2023 21:50:29 GMT
Connection: keep-alive
anonfiles.com/f28amb7ay6
45.154.253.150200 OK 3.2 kB IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (541)
Hash 734393d25e315a13a1272adb1797db88
18506037f9ee99939ba118d9b6961906fa95ba4e
01b384b0c5a2c57b8fec6ceb11839efdb403e1201b97c8888904a6fc1c49e205
GET /f28amb7ay6 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdc: Yes
cache-control: public, max-age=60
x-oe: N
Content-Encoding: gzip
push.services.mozilla.com/
52.36.191.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.191.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IpIOG6bcmZnP1qV/VgYxFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PWZqVuRMyKi+uNmQxUsu7TmqK1A=
vjs.zencdn.net/7.3.0/video-js.min.css
151.101.194.217200 OK 9.7 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css
IP 151.101.194.217:0
File type ASCII text, with very long lines (35998), with no line terminators
Hash 3397ce943db8add2728dccd9a3b8b8bc
a57bbb7546a458fe57d72d06baab950125260cc9
5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Fri, 10 Mar 2023 21:50:29 GMT
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 2211
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2
vjs.zencdn.net/7.3.0/video.min.js
151.101.194.217200 OK 132 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video.min.js
IP 151.101.194.217:0
File type Unicode text, UTF-8 text, with very long lines (65141)
Size 132 kB (132230 bytes)
Hash e296d874aca2a1550b409394be51efaa
c184c030e9aab3d03de27bc588919e249d5ccdf7
401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f
GET /7.3.0/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Fri, 10 Mar 2023 21:50:30 GMT
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/?xsvjd=737329
54.230.245.107200 OK 69 kB URL HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737329
IP 54.230.245.107:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash 21f3c8abbcc1f6e52533387976a6b6d1
68ce09920298e2282da6f4941d5bbf47964e909b
68d0321bd50a0937b227130e8cde291905d0126ef69355a084250a6d2e1b1577
GET /?xsvjd=737329 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 68944
date: Fri, 10 Mar 2023 21:50:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5J1oGJEVJeRnj2QCSXKSTSgJ_oabKE6YAUiPBK760rI80WNMCWSWfA==
X-Firefox-Spdy: h2
anonfiles.com/css/anonfiles.css?1677171542
45.154.253.150200 OK 25 kB URL HTTP/1.1 anonfiles.com/css/anonfiles.css?1677171542
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (65452)
Hash bf84dfe5f6e6044aa4c1095a7a9a850e
e411fe5ea4f2b5ce7382dfe3079589f4817ad165
2af9a43ff27bbcad03007d87fa7d09bed286aa594a3a3d2e16f409319e782f60
GET /css/anonfiles.css?1677171542 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2541
Content-Encoding: gzip
anonfiles.com/js/app.js?1677171542
45.154.253.150200 OK 58 kB URL HTTP/1.1 anonfiles.com/js/app.js?1677171542
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (63238)
Hash 6593eca3dca95e3f423b750e172123cb
49f313f04500d3493e99a5f1841cdc1c798db703
0db1a88df800a447935f58da885afbec989e73606cb37a7df98d428f04d35fcb
GET /js/app.js?1677171542 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:30 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3188
Content-Encoding: gzip
anonfiles.com/sw_anonfiles.js
45.154.253.150200 OK 16 kB URL HTTP/1.1 anonfiles.com/sw_anonfiles.js
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (25712)
Hash 5e03f95322bfd924a10943354a145be8
149a1d27b2169791e547a074c3d40b279319d35b
27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
GET /sw_anonfiles.js HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:30 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 22534
Content-Encoding: gzip
anonfiles.com/img/flags/24/br.png
45.154.253.150200 OK 1.1 kB URL HTTP/1.1 anonfiles.com/img/flags/24/br.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd
7a038177fe4deec455d61d3e9c90019fa4727d40
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
GET /img/flags/24/br.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:30 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4735
accept-ranges: bytes
anonfiles.com/img/flags/24/fr.png
45.154.253.150200 OK 536 B URL HTTP/1.1 anonfiles.com/img/flags/24/fr.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e81efecf1a1b1d3a17d00a904c5cc3c9
1203894dbfc8363302dc709d852c05a4dd8bf9dc
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
GET /img/flags/24/fr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:31 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3511
accept-ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf6b118abcbb3c70e4925beccd356f05
0ae308daf6e272dc3b6388054c413c0b6d0fb1e8
e696b837b70293f306bdc6786f025f28491d158fcd34b568fb807d5f7ab7d47b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E696B837B70293F306BDC6786F025F28491D158FCD34B568FB807D5F7AB7D47B"
Last-Modified: Fri, 10 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9451
Expires: Sat, 11 Mar 2023 00:28:02 GMT
Date: Fri, 10 Mar 2023 21:50:31 GMT
Connection: keep-alive
anonfiles.com/img/flags/24/in.png
45.154.253.150200 OK 593 B URL HTTP/1.1 anonfiles.com/img/flags/24/in.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaf96cfc341dc9a17e24b96bef223ff
8791d6db6628e0fb21b847ab94484f0c615e38ac
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
GET /img/flags/24/in.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:31 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3594
accept-ranges: bytes
oseculretabout.com/alB2Mk5FbxVBcz8XGlMALAYGZQknES9lIjgyJwMjCxZHRww9FVBGJw5tQQF5WWJPFD4DNEsDaBkkF0Y7GW1HFCcENhkPaBxtRxx9Xn5FAGBbdgMPdlxkQAF/WmlGBn5eZUECaB4gF1VzW3YGRjoGbUcEeVJkTgd+WWFGC34
188.114.96.1204 No Content 0 B URL HTTP/2 oseculretabout.com/alB2Mk5FbxVBcz8XGlMALAYGZQknES9lIjgyJwMjCxZHRww9FVBGJw5tQQF5WWJPFD4DNEsDaBkkF0Y7GW1HFCcENhkPaBxtRxx9Xn5FAGBbdgMPdlxkQAF/WmlGBn5eZUECaB4gF1VzW3YGRjoGbUcEeVJkTgd+WWFGC34
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /alB2Mk5FbxVBcz8XGlMALAYGZQknES9lIjgyJwMjCxZHRww9FVBGJw5tQQF5WWJPFD4DNEsDaBkkF0Y7GW1HFCcENhkPaBxtRxx9Xn5FAGBbdgMPdlxkQAF/WmlGBn5eZUECaB4gF1VzW3YGRjoGbUcEeVJkTgd+WWFGC34 HTTP/1.1
Host: oseculretabout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 10 Mar 2023 21:50:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=In7ur9omRCbVcc049eCbY9f4PtWMv26mW%2B8zXk0dReZftAF40bUNfbXoXR6PfovsknxEYesn5G63fBjSJ4ulfI%2FbmYiMijPwmsE7hZr8aZuirvChHPe89rZcZVVdlMl8Wy8VTKo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a5ec614aaf6fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oseculretabout.com/YTJYUW5ODTsiUzsCYR8MJko+NzYZZwAXJFlUNCE4N1w0ZjY3RX4lBwUPb2JZUgFodx4IVmVgVkdBLDAaFEFlYEgIXD4+U0dEZWBAURxqf11HR2VpWFUEa2BeWAJsYVpUBWh3GhFTP2xfR0IsJQJcA25mVlUKbWFdUANoYQ
188.114.96.1204 No Content 0 B URL HTTP/2 oseculretabout.com/YTJYUW5ODTsiUzsCYR8MJko+NzYZZwAXJFlUNCE4N1w0ZjY3RX4lBwUPb2JZUgFodx4IVmVgVkdBLDAaFEFlYEgIXD4+U0dEZWBAURxqf11HR2VpWFUEa2BeWAJsYVpUBWh3GhFTP2xfR0IsJQJcA25mVlUKbWFdUANoYQ
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YTJYUW5ODTsiUzsCYR8MJko+NzYZZwAXJFlUNCE4N1w0ZjY3RX4lBwUPb2JZUgFodx4IVmVgVkdBLDAaFEFlYEgIXD4+U0dEZWBAURxqf11HR2VpWFUEa2BeWAJsYVpUBWh3GhFTP2xfR0IsJQJcA25mVlUKbWFdUANoYQ HTTP/1.1
Host: oseculretabout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 10 Mar 2023 21:50:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RF5yIiI9Ei7t6B1qSSxgylrKz6PLtSBg37AL4peq%2Fgr6ahLpKX8S77zRIpPtwhMW3GjhOb5qCK2EokQieLFbKf1ZaL6t8jVWTz2uHuh95liioSrFPy4LhhsuWB9rmP0sMq0LuP0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a5ec614aaf7fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
easeavailandpro.info/TFVhSXotNwIkRS1oA28PPjlcbEgKcFMPHiYjWHAJNDoQOQx9ZE8qFiMgBS8IIzsVZxQpIUR7PAoCNh8IFgEofzkrACUNKXwYJXgdCjQNAyMaIhVsSAoRGS4xFBYNEDEeGwwAABVsLyI8PQQZcRwaODMfLh05NQcNBgIweBl/Fw0TLwoRBgs5GjImLwIJNyIlFicUCQQiGwYkHT4dISAHEQEwIwhCfBYJDDcUPzQMLiAxUSs/ODcwCDg8ATM+NxQRUQIyDgw5KEsZEyQbHj4DNzksBBINCC0PNjkoSxk2JQ8COgA0fC0vHRkRLTRlJCsvDgwrMR4+AzNkERgTUyYRGzk0AR59AyIYOw4lIC5OCwI1EzsbBiwIGxoHAx8rAiU3DE8UFAtxNwsEIxw0JGQuH0keOjcfTwAUD3ErGjlRDBgaGzgfOwYyNx9DGhcMMSkbIkcjCSM7EXQ4OgEbGiwfJlI
108.156.22.33200 OK 1.2 kB URL HTTP/2 easeavailandpro.info/TFVhSXotNwIkRS1oA28PPjlcbEgKcFMPHiYjWHAJNDoQOQx9ZE8qFiMgBS8IIzsVZxQpIUR7PAoCNh8IFgEofzkrACUNKXwYJXgdCjQNAyMaIhVsSAoRGS4xFBYNEDEeGwwAABVsLyI8PQQZcRwaODMfLh05NQcNBgIweBl/Fw0TLwoRBgs5GjImLwIJNyIlFicUCQQiGwYkHT4dISAHEQEwIwhCfBYJDDcUPzQMLiAxUSs/ODcwCDg8ATM+NxQRUQIyDgw5KEsZEyQbHj4DNzksBBINCC0PNjkoSxk2JQ8COgA0fC0vHRkRLTRlJCsvDgwrMR4+AzNkERgTUyYRGzk0AR59AyIYOw4lIC5OCwI1EzsbBiwIGxoHAx8rAiU3DE8UFAtxNwsEIxw0JGQuH0keOjcfTwAUD3ErGjlRDBgaGzgfOwYyNx9DGhcMMSkbIkcjCSM7EXQ4OgEbGiwfJlI
IP 108.156.22.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3053), with no line terminators
Hash 95342bf606f58f56cad4f46a6908a13a
e4a307f1a852d053bd3fb4051b6438b1b6c5ac2a
807943fa63382c23e8364f34dd90332af4dc9ecdb4eddbb2d34250936006f1da
GET /TFVhSXotNwIkRS1oA28PPjlcbEgKcFMPHiYjWHAJNDoQOQx9ZE8qFiMgBS8IIzsVZxQpIUR7PAoCNh8IFgEofzkrACUNKXwYJXgdCjQNAyMaIhVsSAoRGS4xFBYNEDEeGwwAABVsLyI8PQQZcRwaODMfLh05NQcNBgIweBl/Fw0TLwoRBgs5GjImLwIJNyIlFicUCQQiGwYkHT4dISAHEQEwIwhCfBYJDDcUPzQMLiAxUSs/ODcwCDg8ATM+NxQRUQIyDgw5KEsZEyQbHj4DNzksBBINCC0PNjkoSxk2JQ8COgA0fC0vHRkRLTRlJCsvDgwrMR4+AzNkERgTUyYRGzk0AR59AyIYOw4lIC5OCwI1EzsbBiwIGxoHAx8rAiU3DE8UFAtxNwsEIxw0JGQuH0keOjcfTwAUD3ErGjlRDBgaGzgfOwYyNx9DGhcMMSkbIkcjCSM7EXQ4OgEbGiwfJlI HTTP/1.1
Host: easeavailandpro.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1201
date: Fri, 10 Mar 2023 21:50:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 671239541300bae29061aebf82d37474.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: HB_IuI-r3wBcXMTwxWaeF6NtcErQPkO9vk9Bpke3-HTm2sBNi10NXw==
X-Firefox-Spdy: h2
easeavailandpro.info/ZEFGWEYFIyU1eQV8JH4zFi17fXQiZHQeIg43f2E1HC43KDBVcGg7Kgs0Ij40Cy8ydigBNWNqAD0VEQItKgkXLQU1MRULPA8RBxkqICcqHh4mcRQqAiYlJB8sVSMIAAwnDQc3IQYFDy0MVAsHHC8IIxAaDz0NBz8CJxcPNwUlIgwKERcJBx4cLiQTGRQyFC0/BTZ0Ih8FIQkXCR8dJAMwEyEUHGESDA8iHy8PCwNoIjYndwENNQcAfXQiFyoNAzMvdxwQVxsUPnc9FR4KNlMULR0OKiwuDRAhOQU9EyoZIjQAQXMADi4+AhMAcgoXFwoEPXAcFgMxG38ZF0kHHhA/LgUQNgwjJxA8EyYEEGEQVAQBCgUXEQA0AzcILm0EJisMYBAIBCcKARcVEQk+JyQQGh4mFBRoEAgAAwkODBMQGWAOMik2NlkQAG4nCAUeHiUl
108.156.22.33200 OK 1.2 kB URL HTTP/2 easeavailandpro.info/ZEFGWEYFIyU1eQV8JH4zFi17fXQiZHQeIg43f2E1HC43KDBVcGg7Kgs0Ij40Cy8ydigBNWNqAD0VEQItKgkXLQU1MRULPA8RBxkqICcqHh4mcRQqAiYlJB8sVSMIAAwnDQc3IQYFDy0MVAsHHC8IIxAaDz0NBz8CJxcPNwUlIgwKERcJBx4cLiQTGRQyFC0/BTZ0Ih8FIQkXCR8dJAMwEyEUHGESDA8iHy8PCwNoIjYndwENNQcAfXQiFyoNAzMvdxwQVxsUPnc9FR4KNlMULR0OKiwuDRAhOQU9EyoZIjQAQXMADi4+AhMAcgoXFwoEPXAcFgMxG38ZF0kHHhA/LgUQNgwjJxA8EyYEEGEQVAQBCgUXEQA0AzcILm0EJisMYBAIBCcKARcVEQk+JyQQGh4mFBRoEAgAAwkODBMQGWAOMik2NlkQAG4nCAUeHiUl
IP 108.156.22.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3034), with no line terminators
Hash 13dbe95628de0009b1c8fabfa72bb63d
dac8bbd156976c7a2c395cc859be5f25027ed3da
30eb2d459e8367d28a00365b49d977388b53f9edcaf0146cf84e6e33e10de25d
GET /ZEFGWEYFIyU1eQV8JH4zFi17fXQiZHQeIg43f2E1HC43KDBVcGg7Kgs0Ij40Cy8ydigBNWNqAD0VEQItKgkXLQU1MRULPA8RBxkqICcqHh4mcRQqAiYlJB8sVSMIAAwnDQc3IQYFDy0MVAsHHC8IIxAaDz0NBz8CJxcPNwUlIgwKERcJBx4cLiQTGRQyFC0/BTZ0Ih8FIQkXCR8dJAMwEyEUHGESDA8iHy8PCwNoIjYndwENNQcAfXQiFyoNAzMvdxwQVxsUPnc9FR4KNlMULR0OKiwuDRAhOQU9EyoZIjQAQXMADi4+AhMAcgoXFwoEPXAcFgMxG38ZF0kHHhA/LgUQNgwjJxA8EyYEEGEQVAQBCgUXEQA0AzcILm0EJisMYBAIBCcKARcVEQk+JyQQGh4mFBRoEAgAAwkODBMQGWAOMik2NlkQAG4nCAUeHiUl HTTP/1.1
Host: easeavailandpro.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1182
date: Fri, 10 Mar 2023 21:50:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 671239541300bae29061aebf82d37474.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: gltKC038r3JFonJxpKnUeT5YClQbIsL0iVAXe-pyusZ-4H9zApSUTw==
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/ru.png
45.154.253.150200 OK 403 B URL HTTP/1.1 anonfiles.com/img/flags/24/ru.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash d8df89b036e6afb48f72d2440831bad0
04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
GET /img/flags/24/ru.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:31 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3539
accept-ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15765
Expires: Sat, 11 Mar 2023 02:13:16 GMT
Date: Fri, 10 Mar 2023 21:50:31 GMT
Connection: keep-alive
anonfiles.com/img/flags/24/no.png
45.154.253.150200 OK 611 B URL HTTP/1.1 anonfiles.com/img/flags/24/no.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash f14ac70aa6dd4d371671c0e6d7cba4e3
1139e3acd6e073bffb59157cbc10af72ed757218
9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
GET /img/flags/24/no.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:31 GMT
Content-Type: image/png
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3542
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/FWWVrZTI6CgUDDS0MD1gFalJYVwt/DxgKXClYKRNmIzY9NkFqQx8fVmRVTQlTNwJWQ1c3BlZUFDgBCVgGfxEbCllkAhMXWSETDQtANkMeBA80ChEMXjUETld0bEtbQABpTRwMXD0KHBYXa1UFERdrVVpVHGlAWCcXa1UcDFxvUU5WcHxXWx0EbUBYJxdrVR-kTF2okWlUHd1VCQABpAg4GWTZAWSMAaVRbVQNpVE5XAj8MGQBUNh1OV3RoVV5LAn8QVl0EbVNYVAJgVV9VBmxSWw
54.230.245.107200 OK 562 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/FWWVrZTI6CgUDDS0MD1gFalJYVwt/DxgKXClYKRNmIzY9NkFqQx8fVmRVTQlTNwJWQ1c3BlZUFDgBCVgGfxEbCllkAhMXWSETDQtANkMeBA80ChEMXjUETld0bEtbQABpTRwMXD0KHBYXa1UFERdrVVpVHGlAWCcXa1UcDFxvUU5WcHxXWx0EbUBYJxdrVR-kTF2okWlUHd1VCQABpAg4GWTZAWSMAaVRbVQNpVE5XAj8MGQBUNh1OV3RoVV5LAn8QVl0EbVNYVAJgVV9VBmxSWw
IP 54.230.245.107:0
File type ASCII text, with very long lines (797), with no line terminators
Hash 4e1c05fb15ea38ba2626b640c7f72069
22c99ccffe3b6f3d3433a16b7f205b585255424c
2c2afefac6e515e53030982c96e6f6460a99ef0010c4578eeeee787cbf633154
Analyzer Verdict Alert fortinet Malware
GET /FWWVrZTI6CgUDDS0MD1gFalJYVwt/DxgKXClYKRNmIzY9NkFqQx8fVmRVTQlTNwJWQ1c3BlZUFDgBCVgGfxEbCllkAhMXWSETDQtANkMeBA80ChEMXjUETld0bEtbQABpTRwMXD0KHBYXa1UFERdrVVpVHGlAWCcXa1UcDFxvUU5WcHxXWx0EbUBYJxdrVR-kTF2okWlUHd1VCQABpAg4GWTZAWSMAaVRbVQNpVE5XAj8MGQBUNh1OV3RoVV5LAn8QVl0EbVNYVAJgVV9VBmxSWw HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easeavailandpro.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 562
date: Fri, 10 Mar 2023 21:50:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UUfavhFrPT_Qhv1NQqK8kfsAUxsWaairDvmX2zKWKXCz3hUN06-Q5g==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15765
Expires: Sat, 11 Mar 2023 02:13:16 GMT
Date: Fri, 10 Mar 2023 21:50:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3334199f-c88a-4e10-8a20-35d778e5ad3e.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3334199f-c88a-4e10-8a20-35d778e5ad3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f494fb2a46c3a2591e0a1f0359e1bbd8
ed497c432d8db39584b3e92ffe2745ef80976acb
858539e35c550718d662430b4f27e0562b18cbaee412dca721b2bba31c2e7edd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3334199f-c88a-4e10-8a20-35d778e5ad3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5436
x-amzn-requestid: 10f91147-1958-42cb-ae25-c02667cd28a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BiGysEHWIAMFtOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640a51aa-23d0346617aa7dce37db3ac4;Sampled=0
x-amzn-remapped-date: Thu, 09 Mar 2023 21:37:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: XsjR6c2NkSoYsV8OiiDK0qGZNQ2BQoiuMmkipISsZmOOk0X3Ct7vJA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Mar 2023 21:51:37 GMT
age: 86334
etag: "ed497c432d8db39584b3e92ffe2745ef80976acb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 54939002388023971ddb6b7e7ad53403
21f73b23a35299dfbae64d57dd2762625a9a09f5
8f8b0574ea2dc28302dee0a9868c1c145f66a6735353d236a8bd024c624f55a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F8B0574EA2DC28302DEE0A9868C1C145F66A6735353D236A8BD024C624F55A1"
Last-Modified: Thu, 09 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15765
Expires: Sat, 11 Mar 2023 02:13:16 GMT
Date: Fri, 10 Mar 2023 21:50:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91283b46-f996-430b-87e0-6ed759a5e29e.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91283b46-f996-430b-87e0-6ed759a5e29e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ae7b7b0415b0e4ecc8c0731493c9943
9cf80e4b6291a6c33692d4bbc06354a7c7246a17
32fdebf5971aff992b17dab9e0b617bf64df69d84f685b0687f90c6bdefc340b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91283b46-f996-430b-87e0-6ed759a5e29e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: 4489ef66-8339-4c0b-9feb-12bb68a4dc7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BiHI1FjuIAMFiVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640a5238-1618e4bd4abf524223af0bbd;Sampled=0
x-amzn-remapped-date: Thu, 09 Mar 2023 21:40:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: m97KuvNrZ_WOgeXJatF4t6w0hoS2yeQWIRAezMO9WN2t6EMX_A2rBg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Mar 2023 21:59:23 GMT
age: 85868
etag: "9cf80e4b6291a6c33692d4bbc06354a7c7246a17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece612bb-5803-44a0-b013-69495e68f618.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece612bb-5803-44a0-b013-69495e68f618.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fb01de303305f91bcb86bb15d5dfd76
f12c4a253b5871781a144aaab511e17b0de39334
140fa20d955abe7cf7e2a8543e5a72665abe6b030d0a3741d233c459d0aaa9e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fece612bb-5803-44a0-b013-69495e68f618.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7086
x-amzn-requestid: 96331389-5dbb-4342-81ca-4e4fb11885be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BiG3FGstIAMFYtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640a51c6-42d7e2ce0f02506633d445bf;Sampled=0
x-amzn-remapped-date: Thu, 09 Mar 2023 21:38:14 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ffmJt0iVwX3HIfEldQ2Ygb3fLxRkzh8mK4ZwaJNDcTFNwwMBFw_BSA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 1f41b5f27f3ec2e93db2155dbc56900c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 10 Mar 2023 21:49:47 GMT
age: 44
etag: "f12c4a253b5871781a144aaab511e17b0de39334"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25ce13d4-351d-4678-a98b-89943616b968.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25ce13d4-351d-4678-a98b-89943616b968.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2caf7ed531bd79c257740c6ca076f73f
fb7480d1f20efef4dd386ee307be3a73e4fbc909
1c14c3295338834a139c1de93b9ea463422648069b62dd0901e485bafcbfd6e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25ce13d4-351d-4678-a98b-89943616b968.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10661
x-amzn-requestid: f57c86a4-5218-41a0-8a5e-472574c9b790
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BiG0HF8aIAMF4Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640a51b3-1c2dd57219a840c7541a2f0a;Sampled=0
x-amzn-remapped-date: Thu, 09 Mar 2023 21:37:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: eLA3ay3h_k8JDHfwBUWZgNJoBbRp1XCGJGRR8t1kgrbFKuiJ0reZuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Mar 2023 21:58:26 GMT
age: 85925
etag: "fb7480d1f20efef4dd386ee307be3a73e4fbc909"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25fd96ef-f1de-4dc9-8d62-fcfe64e87be6.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25fd96ef-f1de-4dc9-8d62-fcfe64e87be6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bcbb9a229dfdbcdd5f4933d53dccd2f
d466c69e698e6016fd281b42e2943b6160187e15
c34e80cadb28929c81138b15498a7b6ae2ab0c8560ff642e84c1e8bf4760a750
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25fd96ef-f1de-4dc9-8d62-fcfe64e87be6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6318
x-amzn-requestid: a5ba936c-e377-4d33-94f1-65ac4e1da876
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BiG0THS5IAMF1xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640a51b4-205321b8175ab3982b9fd0da;Sampled=0
x-amzn-remapped-date: Thu, 09 Mar 2023 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 2_ZLNwNLl5tVRF6ckhEW9TvijH03dzMdUmOOnSRx5vTxt7-YVinPGA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Mar 2023 21:56:16 GMT
age: 86055
etag: "d466c69e698e6016fd281b42e2943b6160187e15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626e2c33-8f9d-461c-874b-6e24d45c4cc2.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626e2c33-8f9d-461c-874b-6e24d45c4cc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b8e30bb39aa250f6c2df08389a4e145
642f9f6fafe2c8025703faf03b808d4bea113bcc
9c6d4ae7fc960846400f4df2c574758b5844df8f5a6d2c0f914bd370aba4ba52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626e2c33-8f9d-461c-874b-6e24d45c4cc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8716
x-amzn-requestid: 40087886-c4fe-4a66-b8ba-20a2125112b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BfKV3E71IAMFpew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64092425-221d2dbe33c80377171dd984;Sampled=0
x-amzn-remapped-date: Thu, 09 Mar 2023 00:11:17 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: ZPPlMrIfTwN6z2eWlAwFhBqcUE9BpfJy_CjqJJL6tdDcK1ivI3R0Sg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 10 Mar 2023 01:54:24 GMT
age: 71767
etag: "642f9f6fafe2c8025703faf03b808d4bea113bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/es.png
45.154.253.150200 OK 666 B URL HTTP/1.1 anonfiles.com/img/flags/24/es.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa381a8eb16d9e673d32980e7fd1710
fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
GET /img/flags/24/es.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:31 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3518
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/YTWZkNHQuCQpSSzkPAAlDflFXB0RrDBdbGj1bNXJCLAogbDIuJ0JADilbVBIYLAgDCVIoCAcJRWsHAFZJeUARVUkgCR5dGCEHQQYyeEhUEUZ9ThNdGikJE0dRf1YKQFF/VlUEWn1DV3ZRf1YTXRp7UkEHNmhUVExCeUNXdlF/VhZCUX4nVQRBY1ZNEUZ9AQ-FXHyJDVnJGfVdUBEV9V0EGRCsPFlESIh5BBjJ8VlEaRGsTWQxCeVBXBUR0VlAEQHhRVA
54.230.245.107200 OK 259 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/YTWZkNHQuCQpSSzkPAAlDflFXB0RrDBdbGj1bNXJCLAogbDIuJ0JADilbVBIYLAgDCVIoCAcJRWsHAFZJeUARVUkgCR5dGCEHQQYyeEhUEUZ9ThNdGikJE0dRf1YKQFF/VlUEWn1DV3ZRf1YTXRp7UkEHNmhUVExCeUNXdlF/VhZCUX4nVQRBY1ZNEUZ9AQ-FXHyJDVnJGfVdUBEV9V0EGRCsPFlESIh5BBjJ8VlEaRGsTWQxCeVBXBUR0VlAEQHhRVA
IP 54.230.245.107:0
File type ASCII text, with very long lines (302), with no line terminators
Hash 6b52c7e7be25e79e282b804a9b9a3c1d
98ccb043067997b71f97b96d4f779c86936fe582
6afb7feedc530ef2d3b46c412860c27073caade5534d42d7394a4e37fc973799
Analyzer Verdict Alert fortinet Malware
GET /YTWZkNHQuCQpSSzkPAAlDflFXB0RrDBdbGj1bNXJCLAogbDIuJ0JADilbVBIYLAgDCVIoCAcJRWsHAFZJeUARVUkgCR5dGCEHQQYyeEhUEUZ9ThNdGikJE0dRf1YKQFF/VlUEWn1DV3ZRf1YTXRp7UkEHNmhUVExCeUNXdlF/VhZCUX4nVQRBY1ZNEUZ9AQ-FXHyJDVnJGfVdUBEV9V0EGRCsPFlESIh5BBjJ8VlEaRGsTWQxCeVBXBUR0VlAEQHhRVA HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://easeavailandpro.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 259
date: Fri, 10 Mar 2023 21:50:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kzSeaRvrjz5mwZ9UFXS2l9JCARfeoENX8YYvjwufsPyV1NgYH-UFAQ==
X-Firefox-Spdy: h2
easeavailandpro.info/utx?tid=737323&top=anonfiles.com&cb=3OfYU1ZW14pF
108.156.22.33204 No Content 0 B URL HTTP/2 easeavailandpro.info/utx?tid=737323&top=anonfiles.com&cb=3OfYU1ZW14pF
IP 108.156.22.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=737323&top=anonfiles.com&cb=3OfYU1ZW14pF HTTP/1.1
Host: easeavailandpro.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 10 Mar 2023 21:50:31 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 10 Mar 2023 21:51:31 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 671239541300bae29061aebf82d37474.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: vl2khz-BUkY_ghiEUJPD1lkvBAePWOtDQBeBEInMtl73fRmH0BJlcg==
X-Firefox-Spdy: h2
anonfiles.com/static/logo.png
45.154.253.150200 OK 18 kB URL HTTP/1.1 anonfiles.com/static/logo.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 450 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash f9fd716d30e220aa24bab0e94ebf0aa0
4af32d78655436173f272bb65159a232f1671b8d
5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94
GET /static/logo.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:31 GMT
Content-Type: image/png
Content-Length: 18441
Connection: keep-alive
last-modified: Wed, 16 Nov 2022 12:55:21 GMT
etag: "6374ddb9-4809"
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a6b981bec1a20e7822675f2c52358431
3eab45f5c96437e6407effa0bec6fe9a354df9ba
794d465ef06075e0086cd8cca7646a6131dda295302daa2ec152bbfe05b50ed4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "794D465EF06075E0086CD8CCA7646A6131DDA295302DAA2EC152BBFE05B50ED4"
Last-Modified: Fri, 10 Mar 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2220
Expires: Fri, 10 Mar 2023 22:27:31 GMT
Date: Fri, 10 Mar 2023 21:50:31 GMT
Connection: keep-alive
anonfiles.com/img/file/filetypes/ext/rar.png?1663356888
45.154.253.150200 OK 631 B URL HTTP/1.1 anonfiles.com/img/file/filetypes/ext/rar.png?1663356888
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash d33954367bc5d15c7f0e01857e7ae8ea
b8b5ba4e52c439feed2b51c7f982be6f4dee3aae
a6f8963dd8d602e135e8b860b7e48badfd78c2b1bef9ec362a39ce2fc484606f
GET /img/file/filetypes/ext/rar.png?1663356888 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:31 GMT
Content-Type: image/png
Content-Length: 631
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 344
accept-ranges: bytes
anonfiles.com/img/flags/24/us.png
45.154.253.150200 OK 656 B URL HTTP/1.1 anonfiles.com/img/flags/24/us.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /img/flags/24/us.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:31 GMT
Content-Type: image/png
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3516
accept-ranges: bytes
gindeoedbadas.com/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: gindeoedbadas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 383
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/de.png
45.154.253.150200 OK 483 B URL HTTP/1.1 anonfiles.com/img/flags/24/de.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8cc07c258bcd2de0c7900861e20ffc
fed97219e44693d4f3918fc4037b325732225d81
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
GET /img/flags/24/de.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:32 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4754
accept-ranges: bytes
anonfiles.com/img/flags/24/se.png
45.154.253.150200 OK 581 B URL HTTP/1.1 anonfiles.com/img/flags/24/se.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c9b1e40987c4411b4a7d13c07a8843aa
cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
GET /img/flags/24/se.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:32 GMT
Content-Type: image/png
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4734
accept-ranges: bytes
anonfiles.com/img/flags/24/dk.png
45.154.253.150200 OK 537 B URL HTTP/1.1 anonfiles.com/img/flags/24/dk.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ebe55a7d176720cd2b1003298187a8
930858408b9af1f79c430bbe15c185db555a7815
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
GET /img/flags/24/dk.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:32 GMT
Content-Type: image/png
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3540
accept-ranges: bytes
anonfiles.com/img/flags/24/fi.png
45.154.253.150200 OK 456 B URL HTTP/1.1 anonfiles.com/img/flags/24/fi.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ea9115d18d5210d4f1db520881faa3a
09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
GET /img/flags/24/fi.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:32 GMT
Content-Type: image/png
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3552
accept-ranges: bytes
anonfiles.com/img/flags/24/pl.png
45.154.253.150200 OK 347 B URL HTTP/1.1 anonfiles.com/img/flags/24/pl.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3aff7caef0be58f29b41f20a0e4db
11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
GET /img/flags/24/pl.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:32 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4669
accept-ranges: bytes
anonfiles.com/img/flags/24/jp.png
45.154.253.150200 OK 599 B URL HTTP/1.1 anonfiles.com/img/flags/24/jp.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 857f6f0e0886a3729b758b7241e42e61
a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
GET /img/flags/24/jp.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:32 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3945
accept-ranges: bytes
anonfiles.com/img/flags/24/kr.png
45.154.253.150200 OK 988 B URL HTTP/1.1 anonfiles.com/img/flags/24/kr.png
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb22f00511d088a71e84f8c1c864caed
6599812ed106bda6017487287e12bc836570649f
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
GET /img/flags/24/kr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:32 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4690
accept-ranges: bytes
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ef13af5d694a5a7f3ea4932c907df104
92d0532e459e770a922f212714aa4114336a28e3
6064dac27b4c48741544d792dfa177a032d9a0ec94f08667794e54728bae4364
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1424
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 10 Mar 2023 21:50:32 GMT
Last-Modified: Fri, 10 Mar 2023 21:26:48 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 2ed7ad8d3701bec62bae73e0f7759e8b
cba29b9c968cede7278e4ed8e45056be5948a031
b57ee872b4ac0731eac85f416f55bf87a26153ae6fab200b61f3ad78c623f7ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 Mar 2023 21:50:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 2ed7ad8d3701bec62bae73e0f7759e8b
cba29b9c968cede7278e4ed8e45056be5948a031
b57ee872b4ac0731eac85f416f55bf87a26153ae6fab200b61f3ad78c623f7ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 10 Mar 2023 21:50:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
easeavailandpro.info/utx?cb=aljqIw9PtRHv&top=anonfiles.com&tid=737329
108.156.22.33204 No Content 0 B URL HTTP/2 easeavailandpro.info/utx?cb=aljqIw9PtRHv&top=anonfiles.com&tid=737329
IP 108.156.22.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=aljqIw9PtRHv&top=anonfiles.com&tid=737329 HTTP/1.1
Host: easeavailandpro.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 10 Mar 2023 21:50:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 10 Mar 2023 21:51:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 671239541300bae29061aebf82d37474.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: xCCBURVV5Qmt6uwoyYPe7tUTB8V79YD7Mg1UJ2aYbFD0iBskU-f-9Q==
X-Firefox-Spdy: h2
anonfiles.com/sw_anonfiles.js?MDlzQmZrG0RxUQMLQGBKEhtfYFBTW0IkXgBdXiNWAg5edgQAXV57UwgAXndeB11Ge18ADRckXxIVUSBUUQxEJFJTFEB6XlYUR3FRBRRLJwQHFEt0BVQBQnIHVggQdUQcGwA1RBwbFCsIVFwcJwJSWBcjFR5aHC9EHBtCckgFG18kB1xKFm4AUVUAJ0pWWB8xA20
45.154.253.150200 OK 16 kB URL HTTP/1.1 anonfiles.com/sw_anonfiles.js?MDlzQmZrG0RxUQMLQGBKEhtfYFBTW0IkXgBdXiNWAg5edgQAXV57UwgAXndeB11Ge18ADRckXxIVUSBUUQxEJFJTFEB6XlYUR3FRBRRLJwQHFEt0BVQBQnIHVggQdUQcGwA1RBwbFCsIVFwcJwJSWBcjFR5aHC9EHBtCckgFG18kB1xKFm4AUVUAJ0pWWB8xA20
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (25712)
Hash 5e03f95322bfd924a10943354a145be8
149a1d27b2169791e547a074c3d40b279319d35b
27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
GET /sw_anonfiles.js?MDlzQmZrG0RxUQMLQGBKEhtfYFBTW0IkXgBdXiNWAg5edgQAXV57UwgAXndeB11Ge18ADRckXxIVUSBUUQxEJFJTFEB6XlYUR3FRBRRLJwQHFEt0BVQBQnIHVggQdUQcGwA1RBwbFCsIVFwcJwJSWBcjFR5aHC9EHBtCckgFG18kB1xKFm4AUVUAJ0pWWB8xA20 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:33 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 22537
Content-Encoding: gzip
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 471 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
Hash c238a883d787a0f42cb9640be37f2a86
c39bdaa41308619143e220e8edb2738d68b94d37
5d30aff0c68e51e083fda47e9c38b3bde07074af51d08bf312b4690d6b07c0b3
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 Mar 2023 21:50:33 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHdPj0urjfPpYkydFbrZtQW3G_jRmJBqGgOlsEjE8conlUC6a0VqDdkaXtAncySbBNm8WIaG
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-QOG1xXmyWKRZxXJzZu5DNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:sg1w3FW31DNqbV4_dfxDqd2L3KMf1g:iTB9AEEVmycFdxvh; Expires=Sun, 09-Mar-2025 21:50:33 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHdHXV1ZeGBUQ4Sk2ZyTLy8xD9sINuQGikyOq6hq7hCC6sjQnyoVivyUOBIGzy5Oamdk2FbD
142.250.74.109302 Found 432 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHdHXV1ZeGBUQ4Sk2ZyTLy8xD9sINuQGikyOq6hq7hCC6sjQnyoVivyUOBIGzy5Oamdk2FbD
IP 142.250.74.109:0
Hash aec57e31394c760b40a8c63ad769d791
3eade1ec7ada25b0730faa7b53462d2ce29f89b6
a05ce2fea7ef27d8ce539df3810516619c9187b625f69f67ff371b57c962f95c
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHdHXV1ZeGBUQ4Sk2ZyTLy8xD9sINuQGikyOq6hq7hCC6sjQnyoVivyUOBIGzy5Oamdk2FbD HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 Mar 2023 21:50:33 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-687659616%3A1678485033077551&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHc7HVJx6wjCwsLwOX7gfF3Blws1mZ1Aeb53rol3O4D95-jnVrFdfye5koo3BEcx_MIdpP4J&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-1Sdplg-a5bMMPu56uzEV1w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:DpyT1eD4jnOh-jydRunNN-G39xhDXw:oT0Y_Fc0o0FT26QS;Path=/;Expires=Sun, 09-Mar-2025 21:50:33 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHdPj0urjfPpYkydFbrZtQW3G_jRmJBqGgOlsEjE8conlUC6a0VqDdkaXtAncySbBNm8WIaG
142.250.74.109302 Found 393 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHdPj0urjfPpYkydFbrZtQW3G_jRmJBqGgOlsEjE8conlUC6a0VqDdkaXtAncySbBNm8WIaG
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash b6029dbb5539e09a2fad420c3608a14c
9eaa86ef54b5c050535b1ca15138d75633da6781
fd7fb5b8c31ff2c010879feaf3712ee599c9751c7c63d4b5495679c3a946bb9d
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHdPj0urjfPpYkydFbrZtQW3G_jRmJBqGgOlsEjE8conlUC6a0VqDdkaXtAncySbBNm8WIaG HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 Mar 2023 21:50:33 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-686958921%3A1678485033112385&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeTQjhU5GIboQPX9EFf5rzdFt0L_MEXvdEvYJmIjH6mUuup1Oz39pMRvmmEXlAWbhSi9EXY&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-woRBTpO7-qZpIbdPpbahPA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
set-cookie: __Host-GAPS=1:r2RLqztKBpvrKW9WBJBPZjiMk8Bkug:KN_VfTWrc8We9QL2;Path=/;Expires=Sun, 09-Mar-2025 21:50:33 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
anonfiles.com/img/favicon/favicon-32x32-anonfiles.png?1663356888
45.154.253.150200 OK 1.3 kB URL HTTP/1.1 anonfiles.com/img/favicon/favicon-32x32-anonfiles.png?1663356888
IP 45.154.253.150:0
ASN #41634 Svea Hosting AB
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ee0e6dd4ef643128a1b7bd4ab32b8a79
8136c70aac1e50f8356c83f91fb77ea4b6596cbc
51f305558b4ed6fcf3a31b4f9e404fc2ea426cb5e785ac46ce827de0c5cabb4c
GET /img/favicon/favicon-32x32-anonfiles.png?1663356888 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/f28amb7ay6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 Mar 2023 21:50:33 GMT
Content-Type: image/png
Content-Length: 1309
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3761
accept-ranges: bytes
gindeoedbadas.com/MDlzQmZrG0RxUQMLQGBKEhtfYFBTW0IkXgBdXiNWAg5edgQAXV57UwgAXndeB11Ge18ADRckXxIVUSBUUQxEJFJTFEB6XlYUR3FRBRRLJwQHFEt0BVQBQnIHVggQdUQcGwA1RBwbFCsIVFwcJwJSWBcjFR5aHC9EHBtCckgFG18kB1xKFm4AUVUAJ0pWWB8xA20
54.162.51.18200 OK 13 kB URL HTTP/2 gindeoedbadas.com/MDlzQmZrG0RxUQMLQGBKEhtfYFBTW0IkXgBdXiNWAg5edgQAXV57UwgAXndeB11Ge18ADRckXxIVUSBUUQxEJFJTFEB6XlYUR3FRBRRLJwQHFEt0BVQBQnIHVggQdUQcGwA1RBwbFCsIVFwcJwJSWBcjFR5aHC9EHBtCckgFG18kB1xKFm4AUVUAJ0pWWB8xA20
IP 54.162.51.18:0
File type ASCII text, with very long lines (33863), with no line terminators
Hash 05e70b8ae8e5c29788b7bf237c1f5f3d
43e7353ffd67318a5acba0e26b1810bdd0d4163a
40e5dc74370062b5d87b3f62a6b1e21f225f4e15fa303fe76da7c64725451be7
GET /MDlzQmZrG0RxUQMLQGBKEhtfYFBTW0IkXgBdXiNWAg5edgQAXV57UwgAXndeB11Ge18ADRckXxIVUSBUUQxEJFJTFEB6XlYUR3FRBRRLJwQHFEt0BVQBQnIHVggQdUQcGwA1RBwbFCsIVFwcJwJSWBcjFR5aHC9EHBtCckgFG18kB1xKFm4AUVUAJ0pWWB8xA20 HTTP/1.1
Host: gindeoedbadas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 531085e488ed48404abd49d61e0622b6=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8447-CGu/DmHSpBp/CDKaFNOxP3B/8SY"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gindeoedbadas.com/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: gindeoedbadas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
gindeoedbadas.com/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: gindeoedbadas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 357
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1
52.20.131.174200 OK 0 B URL HTTP/2 baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1
IP 52.20.131.174:0
GET /?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1 HTTP/1.1
Host: baconaces.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e105-fvSMpzPK2nKeva2peAo3HkuEUoI"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-credentials: true
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 Mar 2023 21:50:33 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHdHXV1ZeGBUQ4Sk2ZyTLy8xD9sINuQGikyOq6hq7hCC6sjQnyoVivyUOBIGzy5Oamdk2FbD
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-1k1jq4gjJK8nay884dGrSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:Va_noctwTvzoykEj1bcwn5DGwfp-vw:M549r0UfofBJyCYH; Expires=Sun, 09-Mar-2025 21:50:33 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2