anonymfile.com/Y1XPN/python2.rar
138.201.48.112301 Moved Permanently 162 B URL HTTP/1.1 anonymfile.com/Y1XPN/python2.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /Y1XPN/python2.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 27 Jan 2023 13:50:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/Y1XPN/python2.rar
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18555
Expires: Fri, 27 Jan 2023 19:00:03 GMT
Date: Fri, 27 Jan 2023 13:50:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6528
Expires: Fri, 27 Jan 2023 15:39:36 GMT
Date: Fri, 27 Jan 2023 13:50:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 13:42:59 GMT
content-type: application/json
age: 469
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5815
Expires: Fri, 27 Jan 2023 15:27:43 GMT
Date: Fri, 27 Jan 2023 13:50:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WSa8eYQSlLd1Ovo01hpWBiOjW00TYs1+mCVL1FqjCV3s5HTYrJER1pf4wxYbEIiFfPIpoC59vAo=
x-amz-request-id: RDHHPFD2V0Q8VW6T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 13:49:26 GMT
age: 82
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:48 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
anonymfile.com/css/theme.min.css
138.201.48.112200 OK 75 kB URL HTTP/2 anonymfile.com/css/theme.min.css
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 8b61cc26bfb7e13d1ebf3e9639914e51
7b8d4de2b1884b3c1654cfbde0e8a6f3885a3f66
f27b9cd4b89d6729e328f65b08114323077a61b6761865aa160785073f57bbb0
GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y1XPN/python2.rar
Cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-original-content-length: 598523
vary: Accept-Encoding
content-encoding: gzip
content-length: 74661
etag: W/"PSA-aj-TDax0QZn8Y"
date: Fri, 27 Jan 2023 13:50:49 GMT
expires: Fri, 27 Jan 2023 13:51:57 GMT
cache-control: max-age=67
X-Firefox-Spdy: h2
anonymfile.com/img/logo-anon-warning.webp
138.201.48.112200 OK 15 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7b596f481388ac5ef6d74a15a351f6c3
6756e88c0b46cc981b7bbbdaf2ead77bd258a472
cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
GET /img/logo-anon-warning.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y1XPN/python2.rar
Cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 15344
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Fri, 27 Jan 2023 13:46:58 GMT
expires: Fri, 27 Jan 2023 13:51:58 GMT
X-Firefox-Spdy: h2
anonymfile.com/img/main/footer.webp
138.201.48.112200 OK 178 kB URL HTTP/2 anonymfile.com/img/main/footer.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Size 178 kB (178070 bytes)
Hash 79ccb3a1b78412a1a530284f45ea7056
626d0494e1bd871e67ecffad44d04ac2343fb7e5
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y1XPN/python2.rar
Cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Fri, 27 Jan 2023 13:46:58 GMT
expires: Fri, 27 Jan 2023 13:51:58 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
104.17.24.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65345)
Hash 642445b86596bdeaa98e92faa2064fc6
6c5539660bf533d34e37b917973c941d1c963374
4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:50:49 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15707367
expires: Wed, 17 Jan 2024 13:50:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PMPZjO4Nf35p9c2%2BJqiQgaBKAJR1SR5DeaFnItKiAKkx%2FpZ90dvqLxbNnDRlw5s%2FYEtp%2BKjiGSqUCdL2SAM%2FeKrKq8cx27%2BkGyayTcyB88YSibakBz7GDbqxsCheVoTY9lYDmzF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7901f5a54896b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
anonymfile.com/js/site.js
138.201.48.112200 OK 2.0 kB URL HTTP/2 anonymfile.com/js/site.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (5640)
Hash a779d1605363c034784168e0553fee12
203adaeac5eec419f7bdf4ba6840c9378c9692e5
0ac5db7b1ae244540526d4c971799e4c8ba3f5921dda88b94d10d2cb6a730bc6
GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y1XPN/python2.rar
Cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-original-content-length: 9351
vary: Accept-Encoding
content-encoding: gzip
content-length: 1993
etag: W/"PSA-aj-ZD_qAZjk-5"
date: Fri, 27 Jan 2023 13:50:49 GMT
expires: Fri, 27 Jan 2023 13:51:58 GMT
cache-control: max-age=68
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 13:41:40 GMT
age: 549
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:50:49 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1674827449.dop014.sk1.t,1674827449.cds245.sk1.hn,1674827449.cds210.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20451
Expires: Fri, 27 Jan 2023 19:31:40 GMT
Date: Fri, 27 Jan 2023 13:50:49 GMT
Connection: keep-alive
anonymfile.com/img/logo-anon-warning.png
138.201.48.112200 OK 22 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.png
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Hash 4332367bd6f2c12da86e4ab20157daef
027b329b8b50972ee035b4e4f3cb9a3c080aba31
a7a91652e8153a80b1270b5fdb1d1e1e880ad9580e298040df1ed1b024699eb4
GET /img/logo-anon-warning.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y1XPN/python2.rar
Cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 21479
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-original-content-length: 40729
etag: W/"PSA-aj-QzI2e9bywS"
date: Fri, 27 Jan 2023 13:50:49 GMT
expires: Fri, 27 Jan 2023 13:52:00 GMT
cache-control: max-age=70
X-Firefox-Spdy: h2
anonymfile.com/pagespeed_static/1.JiBnMqyl6S.gif
138.201.48.112200 OK 53 B URL HTTP/2 anonymfile.com/pagespeed_static/1.JiBnMqyl6S.gif
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 26206732aca5e92d398cfaffe3cf4162
d8a13bfed35405dcfaced74c3d0a46e705f461a2
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
GET /pagespeed_static/1.JiBnMqyl6S.gif HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y1XPN/python2.rar
Cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/gif
date: Fri, 27 Jan 2023 13:50:49 GMT
last-modified: Fri, 27 Jan 2023 13:50:49 GMT
cache-control: max-age=31536000
etag: W/"0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:50:50 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1674827450.dop229.sk1.t,1674827450.cds239.sk1.hn,1674827450.cds210.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ef59aa85c9572bcc65b9073860bf25a8
67f76f3edf37a48f3fc9244d4d76c2abfa1a4a2a
de67a6263dceb38bc328eaf7fc5dee5ce983c954cf3a5c673a1b5ab140990188
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE67A6263DCEB38BC328EAF7FC5DEE5CE983C954CF3A5C673A1B5AB140990188"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16472
Expires: Fri, 27 Jan 2023 18:25:22 GMT
Date: Fri, 27 Jan 2023 13:50:50 GMT
Connection: keep-alive
anonymfile.com/sw.js
138.201.48.112404 Not Found 8.0 kB IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4320)
Hash 66a3d32b03372b16c7ff00bfd318cded
f19633bccba1e9bc2ee8a41131275b64742a29a0
c2129c1d0f673c84296e1941b12a0dd3ccb562feb738f719c0c0a26a3a5dfc67
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y1XPN/python2.rar
Cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Fri, 27 Jan 2023 13:50:50 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9031
Expires: Fri, 27 Jan 2023 16:21:22 GMT
Date: Fri, 27 Jan 2023 13:50:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9031
Expires: Fri, 27 Jan 2023 16:21:22 GMT
Date: Fri, 27 Jan 2023 13:50:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9031
Expires: Fri, 27 Jan 2023 16:21:22 GMT
Date: Fri, 27 Jan 2023 13:50:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9031
Expires: Fri, 27 Jan 2023 16:21:22 GMT
Date: Fri, 27 Jan 2023 13:50:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MeE0Qrn_yZvUApGQTbOKQ14Z2ipPLbPFPyVqkKTk0Bs7ETn0UU6yMg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:48:43 GMT
age: 57728
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e96f3ea585b5fa8ed6446ed16e2b4b2
f90c205f370a2426dffe3c21b24bfa551b385556
6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4272
x-amzn-requestid: e051c22b-c2ec-4e59-b29b-ba1464d8015b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRz28G13oAMFeeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d099c5-48b013ff34b9702a6d2fd560;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:53:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X4SfAYS0JvW4sUNqSuBERNBwaI_xgKugxZ76_fsih_LSnImMC7Pnzg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 03:37:14 GMT
age: 85438
etag: "f90c205f370a2426dffe3c21b24bfa551b385556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:59:56 GMT
age: 57055
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
104.16.122.175302 Found 4.7 kB URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP 104.16.122.175:0
Hash cce39b064be6faec7107b746d6817e90
b8218a1660ad3d1dd5563f220ef44fa3bea24fa7
412d808747682d2d9e4889549a91b12270ae2a4d6e9d4320c7c7fca3b5db7bde
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 27 Jan 2023 13:50:49 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GQSQVXKHK2M4W56FQ4J3HG8E-fra
cf-cache-status: HIT
age: 53
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7901f5a6bf9fb51e-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc869235086902c4acc379733b6bfdb8
0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae
e614e29b14e69209fd4b82a688290f7a3f541909833a6558cf480aca899bab6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9056
x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB4COHTlIAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fdefZSZfSJi1-C7ZTSahawckLN-To4P91H-n1cyPqw34f18VzTeHRg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 12:53:58 GMT
age: 3413
etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: 23239d1f-0228-4722-b826-40dc8c9a4af2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVzDbEacIAMFZtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d23215-1604c24e272fbb657b9925cc;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:56:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lkM4qVkPHqOdWwmxP2ShOgbbR6fjFtWmdavpgPyn7SQDkuggfHad7g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 12:26:22 GMT
age: 5069
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar
138.201.48.112204 No Content 0 B URL HTTP/2 anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/Y1XPN/python2.rar
Cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2fd3b5487710791cafa87110d681647a
6f3de59c79cf8f93c3312d917e9bb225a8bb25f9
35c24aa8f70e97185a0a18761f04b283cefecdce3abcd2261ccc6377077730c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35C24AA8F70E97185A0A18761F04B283CEFECDCE3ABCD2261CCC6377077730C5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8092
Expires: Fri, 27 Jan 2023 16:05:43 GMT
Date: Fri, 27 Jan 2023 13:50:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d84f383ade441229a3b8c3bdb440dec1
1a3fe5fbdb453238fd1bba1698ab7e42cc964455
00f8082421d59df44b61e96c4cdf71aec562e572fd3fbebfb2f1c5aa5fa22c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00F8082421D59DF44B61E96C4CDF71AEC562E572FD3FBEBFB2F1C5AA5FA22C6F"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5408
Expires: Fri, 27 Jan 2023 15:20:59 GMT
Date: Fri, 27 Jan 2023 13:50:51 GMT
Connection: keep-alive
bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.473.0
139.45.197.234200 OK 1.9 kB URL HTTP/2 bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.473.0
IP 139.45.197.234:0
Hash f03580feaf5669eebd12a6e64d7863ca
af3a2f65d480017473c507526ce836f9059c430c
0febd55af37047e857af78d5f058779ffb1137cc62400eb9a7c369704fc7132f
GET /5/5307591/?oo=1&js_build=iclick-v1.473.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/json
x-trace-id: b74d9069390fa57d0b2f275152fbd09c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=b877652d060348faba50cbf08864a1e5; expires=Sat, 27 Jan 2024 13:50:51 GMT; path=/; secure; SameSite=None
oaidts=1674827451; expires=Sat, 27 Jan 2024 13:50:51 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=b877652d060348faba50cbf08864a1e5
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=b877652d060348faba50cbf08864a1e5
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash dabd7dce3df7290d6cb1fd3aaac2787e
9f07438ec9b8d9bd85094215f3edf3f77f3d6912
5cd08a68ba12742652316e1cee991bb098bc99b3b224a272a6becb4e006c1dac
GET /gid.js?userId=b877652d060348faba50cbf08864a1e5 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b877652d060348faba50cbf08864a1e5; expires=Sat, 27 Jan 2024 13:50:51 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2dd2e633474f1fd63331566569feb36e
7aa1f210a61b59c7ffa80c6599a4280c7e76877d
db47c77d118f487912c2acd33a4ce2340e0131b8b34f3b01a2ee2a5bf387b7ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB47C77D118F487912C2ACD33A4CE2340E0131B8B34F3B01A2EE2A5BF387B7CE"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18969
Expires: Fri, 27 Jan 2023 19:07:00 GMT
Date: Fri, 27 Jan 2023 13:50:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfd17cd0673e02c422ee30439b224c91
76d8fd06c643ef05e4ee54f7f2b4113b472115f5
cf2c45045b5be62241a6531e1321db719eee27112864b6698b5fb5cbc287656a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF2C45045B5BE62241A6531E1321DB719EEE27112864B6698B5FB5CBC287656A"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6502
Expires: Fri, 27 Jan 2023 15:39:13 GMT
Date: Fri, 27 Jan 2023 13:50:51 GMT
Connection: keep-alive
ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
139.45.197.250200 OK 664 B URL HTTP/2 ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 924f83d583902548517c3327ff8e4493
7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 3f5507fec524214597eb979dda879289
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/27/dae1eb9bef878cda2f3d5a0907ef4d01
139.45.197.242200 OK 130 kB URL HTTP/2 nanouwho.com/27/dae1eb9bef878cda2f3d5a0907ef4d01
IP 139.45.197.242:0
File type ASCII text, with very long lines (65523)
Size 130 kB (129865 bytes)
Hash dfe25e7c1029063c8c84652f2fe52e77
f22a251c0cf23c77ecdd0c1600f90776a2bf9836
4a2e10643e691b0c8e789b95a2a755d508e117a534784971582b692e260383d5
Analyzer Verdict Alert quad9 Sinkholed
GET /27/dae1eb9bef878cda2f3d5a0907ef4d01 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=661df80d90e34a6f83c203670dd08d9a; oaidts=1674827451
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Fri, 27 Jan 2023 06:22:51 GMT
expires: Fri, 26 Feb 2083 06:22:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 382
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 36c9a5395ae30a4771d5e4458ad4e9bb
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 744
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a8526de0b1c87af2c4884170be071837
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=b877652d060348faba50cbf08864a1e5
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=b877652d060348faba50cbf08864a1e5
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=b877652d060348faba50cbf08864a1e5 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=4120900887&z=5307589&b=16536120&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=lroOJk3tHIjJiChNnTHkUemVj9KtA3QQSNg2KtEkiB9GXdYzAXO1O_iiExYFuwCy5_wMv835TphDs92Xq5fgqvzLzE6FZ1LV7aRrkKdCGoHvFLWZfzUjMAWsGPQ5B0_xKsxO2b3mN7bXEO89Bw1KjKhkc40BLB90oQ6gpsO38_QzJbngZdSscObrU09oKB76LBupFIXK7PmUIebpZriSIMqken7Xo8Btiw7bfg-EvPD4gCt8KhvNxTAzHe-HnWdTmcckBAKeVcsDZYH5FXh9cPc9AENQ2SE3vB4DcJnBjh6cwaXtE5WZCdMSHR8rtjUY8_9GPStmycjf9SYhIb3hCkbtjqnhfziBXnow5Dq34-ukSkH0IBe02yllMcQO0cPX9C_wdJ3rqyeLZoCR73-oRMohyAYmLI9fgWLV7zdtVlm8PZ1kPAZiAhL2K-uFowDPkP-jChKNFVnPfb9mNnk5_OEEmKHOyyY27YDOEtvWH-Ovl3TL6X1abXZDWBkg9QMSV53811HDCmgsf7yRLoucU4FxlETZISREBPp8zmRwL44kQ0rJsgIwDslfUOzzHN227UbcPQGPA7ubdPuQl75TVfyIUHCZPq8aAFaDxxZ_zTYl4CGQoy7XnjYlQLhdopWSGcg9rZwPGVAGXtiQl-ylnaICaHX19UsqRshB9g9JAXwenLepUpItNas4rOFztq7SOf7qYGkWbMu0gEuA&ruid=386d0078-7694-47a0-9d79-6e5554b43aeb&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=4120900887&z=5307589&b=16536120&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=lroOJk3tHIjJiChNnTHkUemVj9KtA3QQSNg2KtEkiB9GXdYzAXO1O_iiExYFuwCy5_wMv835TphDs92Xq5fgqvzLzE6FZ1LV7aRrkKdCGoHvFLWZfzUjMAWsGPQ5B0_xKsxO2b3mN7bXEO89Bw1KjKhkc40BLB90oQ6gpsO38_QzJbngZdSscObrU09oKB76LBupFIXK7PmUIebpZriSIMqken7Xo8Btiw7bfg-EvPD4gCt8KhvNxTAzHe-HnWdTmcckBAKeVcsDZYH5FXh9cPc9AENQ2SE3vB4DcJnBjh6cwaXtE5WZCdMSHR8rtjUY8_9GPStmycjf9SYhIb3hCkbtjqnhfziBXnow5Dq34-ukSkH0IBe02yllMcQO0cPX9C_wdJ3rqyeLZoCR73-oRMohyAYmLI9fgWLV7zdtVlm8PZ1kPAZiAhL2K-uFowDPkP-jChKNFVnPfb9mNnk5_OEEmKHOyyY27YDOEtvWH-Ovl3TL6X1abXZDWBkg9QMSV53811HDCmgsf7yRLoucU4FxlETZISREBPp8zmRwL44kQ0rJsgIwDslfUOzzHN227UbcPQGPA7ubdPuQl75TVfyIUHCZPq8aAFaDxxZ_zTYl4CGQoy7XnjYlQLhdopWSGcg9rZwPGVAGXtiQl-ylnaICaHX19UsqRshB9g9JAXwenLepUpItNas4rOFztq7SOf7qYGkWbMu0gEuA&ruid=386d0078-7694-47a0-9d79-6e5554b43aeb&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=4120900887&z=5307589&b=16536120&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=lroOJk3tHIjJiChNnTHkUemVj9KtA3QQSNg2KtEkiB9GXdYzAXO1O_iiExYFuwCy5_wMv835TphDs92Xq5fgqvzLzE6FZ1LV7aRrkKdCGoHvFLWZfzUjMAWsGPQ5B0_xKsxO2b3mN7bXEO89Bw1KjKhkc40BLB90oQ6gpsO38_QzJbngZdSscObrU09oKB76LBupFIXK7PmUIebpZriSIMqken7Xo8Btiw7bfg-EvPD4gCt8KhvNxTAzHe-HnWdTmcckBAKeVcsDZYH5FXh9cPc9AENQ2SE3vB4DcJnBjh6cwaXtE5WZCdMSHR8rtjUY8_9GPStmycjf9SYhIb3hCkbtjqnhfziBXnow5Dq34-ukSkH0IBe02yllMcQO0cPX9C_wdJ3rqyeLZoCR73-oRMohyAYmLI9fgWLV7zdtVlm8PZ1kPAZiAhL2K-uFowDPkP-jChKNFVnPfb9mNnk5_OEEmKHOyyY27YDOEtvWH-Ovl3TL6X1abXZDWBkg9QMSV53811HDCmgsf7yRLoucU4FxlETZISREBPp8zmRwL44kQ0rJsgIwDslfUOzzHN227UbcPQGPA7ubdPuQl75TVfyIUHCZPq8aAFaDxxZ_zTYl4CGQoy7XnjYlQLhdopWSGcg9rZwPGVAGXtiQl-ylnaICaHX19UsqRshB9g9JAXwenLepUpItNas4rOFztq7SOf7qYGkWbMu0gEuA&ruid=386d0078-7694-47a0-9d79-6e5554b43aeb&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=b877652d060348faba50cbf08864a1e5; oaidts=1674827451
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: a46b8bcb49ade92b5c33558d4eb31c9c
access-control-expose-headers: X-Sc
set-cookie: OAID=b877652d060348faba50cbf08864a1e5; expires=Sat, 27 Jan 2024 13:50:51 GMT; secure; SameSite=None
oaidts=1674827451; expires=Sat, 27 Jan 2024 13:50:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5307588?excludes=&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash da6d1131f8c9ad77c09853b9bc65a467
dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba
ea18b3e2c606aeb6128c798d0ce25827e7a630701a73248211b7d448805d2233
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 13:50:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:49:39 GMT
Expires: Wed, 01 Feb 2023 15:49:38 GMT
Etag: "dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba"
Cache-Control: max-age=438526,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7901f5b50878fab4-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 910
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 27 Jan 2023 13:51:19 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonymfile.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ee13ba261974907ff80d665d4a071a7e
04a1629fd77898da83e2cabf7519e51fcfdbfe9a
c16681d370f82a32fcf63857d6e0bde36aeb81e1235602484986536c26c9950d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C16681D370F82A32FCF63857D6E0BDE36AEB81E1235602484986536C26C9950D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6413
Expires: Fri, 27 Jan 2023 15:37:44 GMT
Date: Fri, 27 Jan 2023 13:50:51 GMT
Connection: keep-alive
interstitial-07.com/contents/s/22/c3/d7/36b6f5657cde24feae14c9773b/0608422639029.jpeg
139.45.197.153200 OK 25 kB URL HTTP/2 interstitial-07.com/contents/s/22/c3/d7/36b6f5657cde24feae14c9773b/0608422639029.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 22c3d736b6f5657cde24feae14c9773b
126151dc35c149dad2aa1e7ad40856eda756a0a3
686dabfa96f39e22f655edd3bf99484caf1aa3b63165e6d47ae6c6c2de974bec
GET /contents/s/22/c3/d7/36b6f5657cde24feae14c9773b/0608422639029.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=fK0qfSEKc3WaGMt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D1546850299%26z%3D5307589%26b%3D16536120%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DlroOJk3tHIjJiChNnTHkUemVj9KtA3QQSNg2KtEkiB9GXdYzAXO1O_iiExYFuwCy5_wMv835TphDs92Xq5fgqvzLzE6FZ1LV7aRrkKdCGoHvFLWZfzUjMAWsGPQ5B0_xKsxO2b3mN7bXEO89Bw1KjKhkc40BLB90oQ6gpsO38_QzJbngZdSscObrU09oKB76LBupFIXK7PmUIebpZriSIMqken7Xo8Btiw7bfg-EvPD4gCt8KhvNxTAzHe-HnWdTmcckBAKeVcsDZYH5FXh9cPc9AENQ2SE3vB4DcJnBjh6cwaXtE5WZCdMSHR8rtjUY8_9GPStmycjf9SYhIb3hCkbtjqnhfziBXnow5Dq34-ukSkH0IBe02yllMcQO0cPX9C_wdJ3rqyeLZoCR73-oRMohyAYmLI9fgWLV7zdtVlm8PZ1kPAZiAhL2K-uFowDPkP-jChKNFVnPfb9mNnk5_OEEmKHOyyY27YDOEtvWH-Ovl3TL6X1abXZDWBkg9QMSV53811HDCmgsf7yRLoucU4FxlETZISREBPp8zmRwL44kQ0rJsgIwDslfUOzzHN227UbcPQGPA7ubdPuQl75TVfyIUHCZPq8aAFaDxxZ_zTYl4CGQoy7XnjYlQLhdopWSGcg9rZwPGVAGXtiQl-ylnaICaHX19UsqRshB9g9JAXwenLepUpItNas4rOFztq7SOf7qYGkWbMu0gEuA%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D386d0078-7694-47a0-9d79-6e5554b43aeb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FY1XPN%252Fpython2.rar%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:52 GMT
content-type: image/jpeg
content-length: 25424
last-modified: Mon, 21 Mar 2022 17:16:40 GMT
vary: Accept-Encoding
etag: "6238b2f8-6350"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5caa2b44f546d4d16dda3b5186d20cdd
321796dceaea32633ec414701991c28e4bef7699
ee8ca883755cc12fa8f71b8ed4b70c31f2e24df59abdbd037406bc2abb4c392f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5542
Cache-Control: max-age=132507
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 13:50:52 GMT
Etag: "63d323b1-116"
Expires: Sun, 29 Jan 2023 02:39:19 GMT
Last-Modified: Fri, 27 Jan 2023 01:06:57 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 86a25231794bbfd3f276118a68cf20f4
ee94ff69230178aa9294348bfe638acce39bda73
8aa3357c026c54209085411a849df78cd14f155d4991330fbd6ad039f8262985
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AA3357C026C54209085411A849DF78CD14F155D4991330FBD6AD039F8262985"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6778
Expires: Fri, 27 Jan 2023 15:43:50 GMT
Date: Fri, 27 Jan 2023 13:50:52 GMT
Connection: keep-alive
betotodilea.com/500/5307588?excludes=&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 66 kB URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 1109cfe2786f856467e057b5ed340f4d
c6204f8a6432dfd7730ef22cbe7f3270102ac073
7b9f35a0c1bbef448f3cd9fb635d6acc9919220524d498ad5b9b320bb9cc2808
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5307588?excludes=&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=e05fbcd969ab4f20a2f4e471b3c4961b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:52 GMT
content-type: application/javascript
x-trace-id: c056a11e2e566c893723b865a2027129
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b877652d060348faba50cbf08864a1e5; expires=Sat, 27 Jan 2024 13:50:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
104.22.32.172200 OK 14 kB URL HTTP/2 offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
IP 104.22.32.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 7d763937692f59aea0578ffe58c10ee0
b3a4cc4fd1a0d8319e59057e535b0b19f1a3b35b
2d7300c572db1683cbc8071be4bbaf31b00954193f6f82d453c99a7a58bd7620
GET /www/images/7d763937692f59aea0578ffe58c10ee0.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:50:52 GMT
content-type: image/jpeg
content-length: 13778
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63888441-35d2"
expires: Sat, 28 Jan 2023 09:23:45 GMT
last-modified: Thu, 01 Dec 2022 10:38:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 16027
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7901f5b7fbad168d-ARN
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 27 Jan 2023 13:50:52 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: fe9f7afca0d0a9cec4ba3d7ceb8df170
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
interstitial-07.com/?l=fK0qfSEKc3WaGMt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D1546850299%26z%3D5307589%26b%3D16536120%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DlroOJk3tHIjJiChNnTHkUemVj9KtA3QQSNg2KtEkiB9GXdYzAXO1O_iiExYFuwCy5_wMv835TphDs92Xq5fgqvzLzE6FZ1LV7aRrkKdCGoHvFLWZfzUjMAWsGPQ5B0_xKsxO2b3mN7bXEO89Bw1KjKhkc40BLB90oQ6gpsO38_QzJbngZdSscObrU09oKB76LBupFIXK7PmUIebpZriSIMqken7Xo8Btiw7bfg-EvPD4gCt8KhvNxTAzHe-HnWdTmcckBAKeVcsDZYH5FXh9cPc9AENQ2SE3vB4DcJnBjh6cwaXtE5WZCdMSHR8rtjUY8_9GPStmycjf9SYhIb3hCkbtjqnhfziBXnow5Dq34-ukSkH0IBe02yllMcQO0cPX9C_wdJ3rqyeLZoCR73-oRMohyAYmLI9fgWLV7zdtVlm8PZ1kPAZiAhL2K-uFowDPkP-jChKNFVnPfb9mNnk5_OEEmKHOyyY27YDOEtvWH-Ovl3TL6X1abXZDWBkg9QMSV53811HDCmgsf7yRLoucU4FxlETZISREBPp8zmRwL44kQ0rJsgIwDslfUOzzHN227UbcPQGPA7ubdPuQl75TVfyIUHCZPq8aAFaDxxZ_zTYl4CGQoy7XnjYlQLhdopWSGcg9rZwPGVAGXtiQl-ylnaICaHX19UsqRshB9g9JAXwenLepUpItNas4rOFztq7SOf7qYGkWbMu0gEuA%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D386d0078-7694-47a0-9d79-6e5554b43aeb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FY1XPN%252Fpython2.rar%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.153200 OK 4.8 kB URL HTTP/2 interstitial-07.com/?l=fK0qfSEKc3WaGMt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D1546850299%26z%3D5307589%26b%3D16536120%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DlroOJk3tHIjJiChNnTHkUemVj9KtA3QQSNg2KtEkiB9GXdYzAXO1O_iiExYFuwCy5_wMv835TphDs92Xq5fgqvzLzE6FZ1LV7aRrkKdCGoHvFLWZfzUjMAWsGPQ5B0_xKsxO2b3mN7bXEO89Bw1KjKhkc40BLB90oQ6gpsO38_QzJbngZdSscObrU09oKB76LBupFIXK7PmUIebpZriSIMqken7Xo8Btiw7bfg-EvPD4gCt8KhvNxTAzHe-HnWdTmcckBAKeVcsDZYH5FXh9cPc9AENQ2SE3vB4DcJnBjh6cwaXtE5WZCdMSHR8rtjUY8_9GPStmycjf9SYhIb3hCkbtjqnhfziBXnow5Dq34-ukSkH0IBe02yllMcQO0cPX9C_wdJ3rqyeLZoCR73-oRMohyAYmLI9fgWLV7zdtVlm8PZ1kPAZiAhL2K-uFowDPkP-jChKNFVnPfb9mNnk5_OEEmKHOyyY27YDOEtvWH-Ovl3TL6X1abXZDWBkg9QMSV53811HDCmgsf7yRLoucU4FxlETZISREBPp8zmRwL44kQ0rJsgIwDslfUOzzHN227UbcPQGPA7ubdPuQl75TVfyIUHCZPq8aAFaDxxZ_zTYl4CGQoy7XnjYlQLhdopWSGcg9rZwPGVAGXtiQl-ylnaICaHX19UsqRshB9g9JAXwenLepUpItNas4rOFztq7SOf7qYGkWbMu0gEuA%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D386d0078-7694-47a0-9d79-6e5554b43aeb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FY1XPN%252Fpython2.rar%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1556)
Hash 58b5b9040aa8b4cd296d22e9234e5ffe
51cca82ea03eed6fc3e35f717bdf4842908b240c
52d68a95bd260d3e9c6507741cc6e828bff12a6a1326f89a2445961dee6b46b1
GET /?l=fK0qfSEKc3WaGMt&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D1546850299%26z%3D5307589%26b%3D16536120%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DlroOJk3tHIjJiChNnTHkUemVj9KtA3QQSNg2KtEkiB9GXdYzAXO1O_iiExYFuwCy5_wMv835TphDs92Xq5fgqvzLzE6FZ1LV7aRrkKdCGoHvFLWZfzUjMAWsGPQ5B0_xKsxO2b3mN7bXEO89Bw1KjKhkc40BLB90oQ6gpsO38_QzJbngZdSscObrU09oKB76LBupFIXK7PmUIebpZriSIMqken7Xo8Btiw7bfg-EvPD4gCt8KhvNxTAzHe-HnWdTmcckBAKeVcsDZYH5FXh9cPc9AENQ2SE3vB4DcJnBjh6cwaXtE5WZCdMSHR8rtjUY8_9GPStmycjf9SYhIb3hCkbtjqnhfziBXnow5Dq34-ukSkH0IBe02yllMcQO0cPX9C_wdJ3rqyeLZoCR73-oRMohyAYmLI9fgWLV7zdtVlm8PZ1kPAZiAhL2K-uFowDPkP-jChKNFVnPfb9mNnk5_OEEmKHOyyY27YDOEtvWH-Ovl3TL6X1abXZDWBkg9QMSV53811HDCmgsf7yRLoucU4FxlETZISREBPp8zmRwL44kQ0rJsgIwDslfUOzzHN227UbcPQGPA7ubdPuQl75TVfyIUHCZPq8aAFaDxxZ_zTYl4CGQoy7XnjYlQLhdopWSGcg9rZwPGVAGXtiQl-ylnaICaHX19UsqRshB9g9JAXwenLepUpItNas4rOFztq7SOf7qYGkWbMu0gEuA%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D386d0078-7694-47a0-9d79-6e5554b43aeb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FY1XPN%252Fpython2.rar%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
set-cookie: reverse=_ajQi-zu3y0a3RdTOfVMWcicFx0z7E81LTimNK51BQk; expires=Fri, 27-Jan-2023 14:50:51 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
betotodilea.com/impression/anhuHEZEDFcSY3y-BvhvUotdFnTm6tBPiX302pIXJDnxReK6WOToQZdLuNBimTPJBnhuyQ7E7FQKsSaLC2wV4EI-7SNIf-3J0QqwtVZYxDVsg93dAxd4r3VTmSeAKDTygDBoSQbRQxXUEbrbEwZomNJAk74c_of1xb6avphRG_yoYVj_Y_rmKPIjp1sMChwfDNnpzCuHJBkRrJ-XINDqrubXdE5AAWfFzrSdTbfxtopD4UvEY7wBnDFyPVleHOLE0FNieuhv7c0SXeydvMgU2vrspHCZythbddaWgnL-JUEdbRM5EApccx8b7y1ooKdX71TmPB-KFOx7Ryssd0zFeqVSQ9Gup0utCYtt1ka2PgdkYUPr4KYnOImwGllo7QChuUYz_t8m2kfaGtkPO2f0YHc-GPH0d-tsyhXDpDFi6BlwCkWwpYCQpW-jY1TyOIeEOgsDjxeDRe8FsNrhEZIH3KRL0mxDDeUHSshNN9TI4PbFa-hdOQx8j2v-231F-4Zne1zJLRz7XUPVNLSo5aCfhxgHkjmOGKd7Tz_Wiw==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 betotodilea.com/impression/anhuHEZEDFcSY3y-BvhvUotdFnTm6tBPiX302pIXJDnxReK6WOToQZdLuNBimTPJBnhuyQ7E7FQKsSaLC2wV4EI-7SNIf-3J0QqwtVZYxDVsg93dAxd4r3VTmSeAKDTygDBoSQbRQxXUEbrbEwZomNJAk74c_of1xb6avphRG_yoYVj_Y_rmKPIjp1sMChwfDNnpzCuHJBkRrJ-XINDqrubXdE5AAWfFzrSdTbfxtopD4UvEY7wBnDFyPVleHOLE0FNieuhv7c0SXeydvMgU2vrspHCZythbddaWgnL-JUEdbRM5EApccx8b7y1ooKdX71TmPB-KFOx7Ryssd0zFeqVSQ9Gup0utCYtt1ka2PgdkYUPr4KYnOImwGllo7QChuUYz_t8m2kfaGtkPO2f0YHc-GPH0d-tsyhXDpDFi6BlwCkWwpYCQpW-jY1TyOIeEOgsDjxeDRe8FsNrhEZIH3KRL0mxDDeUHSshNN9TI4PbFa-hdOQx8j2v-231F-4Zne1zJLRz7XUPVNLSo5aCfhxgHkjmOGKd7Tz_Wiw==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/anhuHEZEDFcSY3y-BvhvUotdFnTm6tBPiX302pIXJDnxReK6WOToQZdLuNBimTPJBnhuyQ7E7FQKsSaLC2wV4EI-7SNIf-3J0QqwtVZYxDVsg93dAxd4r3VTmSeAKDTygDBoSQbRQxXUEbrbEwZomNJAk74c_of1xb6avphRG_yoYVj_Y_rmKPIjp1sMChwfDNnpzCuHJBkRrJ-XINDqrubXdE5AAWfFzrSdTbfxtopD4UvEY7wBnDFyPVleHOLE0FNieuhv7c0SXeydvMgU2vrspHCZythbddaWgnL-JUEdbRM5EApccx8b7y1ooKdX71TmPB-KFOx7Ryssd0zFeqVSQ9Gup0utCYtt1ka2PgdkYUPr4KYnOImwGllo7QChuUYz_t8m2kfaGtkPO2f0YHc-GPH0d-tsyhXDpDFi6BlwCkWwpYCQpW-jY1TyOIeEOgsDjxeDRe8FsNrhEZIH3KRL0mxDDeUHSshNN9TI4PbFa-hdOQx8j2v-231F-4Zne1zJLRz7XUPVNLSo5aCfhxgHkjmOGKd7Tz_Wiw==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=b877652d060348faba50cbf08864a1e5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:56 GMT
content-type: image/gif
content-length: 43
x-trace-id: b037789688dc2d4685dadf2f74a53a65
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=16368912&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=16368912&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5307588?excludes=16368912&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:56 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=16368912&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 12 kB URL HTTP/2 betotodilea.com/500/5307588?excludes=16368912&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 791d87371d2170b37ae6964ab5fe6f92
09811ba443713d1569a33a528618811fba26f3fa
834a3263f5fd0d8d7db2406eea6129220043fafcbf7c916a2ad7787da59a4565
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5307588?excludes=16368912&oaid=b877652d060348faba50cbf08864a1e5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=b877652d060348faba50cbf08864a1e5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:56 GMT
content-type: application/javascript
x-trace-id: e94cb9bba37938b4abe4642198e13ed8
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b877652d060348faba50cbf08864a1e5; expires=Sat, 27 Jan 2024 13:50:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.141.224200 OK 0 B IP 172.67.141.224:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TS%2Fdna%2FRERwv5hJtY6vsEeysM7%2FasKHUhqthUxtuTmyIdR76gijCR5U7UBuRjqjucoISN3Am43RRmaKAUyBL6vZ7tY5sflYOwk48kW9cYRXnM65%2FZaGDwVzw49A77A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7901f5b3f91fb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
104.16.122.175302 Found 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP 104.16.122.175:0
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 27 Jan 2023 13:50:49 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GQSQK8KVJV7FMWPF6VV397SM-fra
cf-cache-status: HIT
age: 336
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7901f5a6cfaab51e-OSL
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
IP 104.16.122.175:0
GET /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:50:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d07-1hxUHKzrTl3rNdhkJwK4kJGou0I"
via: 1.1 fly.io
fly-request-id: 01G2PJZCDRWWWP671QTKZ7W61J-fra
cf-cache-status: HIT
age: 22654401
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7901f5a72861b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/tag.min.js?z=5307590
139.45.197.250200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/tag.min.js?z=5307590
IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/400/5307588
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/5307588
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5307588 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/javascript
x-trace-id: 96e1768d242194c34c50ab985accaa2a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=e05fbcd969ab4f20a2f4e471b3c4961b; expires=Sat, 27 Jan 2024 13:50:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=PDsejvHm5nM-cyn7-hrXZuZ8vjKmuVUPLK--TpX7ZbpClV7a6ei2KbKZq62Cc5nbKONCRuQpV_ynX8aMdG-8gm-bZzkkCbD2-PAP9hVwV8K8rcvi0-swO5raSkGMVmhXJ9RltmRFq8UK_Cs-b2BYPnh7T4cK8D6E_dL3bafcJ1YiaPO9zZfDnBndnJoKe7yaFI_oXwK22NTmDNxvrrT35zK0J2vNOn6T29qzERmEuZM%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=571e2494-1a06-43b3-8003-ba9a0ce7f720&userId=b877652d060348faba50cbf08864a1e5&m=link
139.45.197.243200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=PDsejvHm5nM-cyn7-hrXZuZ8vjKmuVUPLK--TpX7ZbpClV7a6ei2KbKZq62Cc5nbKONCRuQpV_ynX8aMdG-8gm-bZzkkCbD2-PAP9hVwV8K8rcvi0-swO5raSkGMVmhXJ9RltmRFq8UK_Cs-b2BYPnh7T4cK8D6E_dL3bafcJ1YiaPO9zZfDnBndnJoKe7yaFI_oXwK22NTmDNxvrrT35zK0J2vNOn6T29qzERmEuZM%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=571e2494-1a06-43b3-8003-ba9a0ce7f720&userId=b877652d060348faba50cbf08864a1e5&m=link
IP 139.45.197.243:0
GET /?rb=PDsejvHm5nM-cyn7-hrXZuZ8vjKmuVUPLK--TpX7ZbpClV7a6ei2KbKZq62Cc5nbKONCRuQpV_ynX8aMdG-8gm-bZzkkCbD2-PAP9hVwV8K8rcvi0-swO5raSkGMVmhXJ9RltmRFq8UK_Cs-b2BYPnh7T4cK8D6E_dL3bafcJ1YiaPO9zZfDnBndnJoKe7yaFI_oXwK22NTmDNxvrrT35zK0J2vNOn6T29qzERmEuZM%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FY1XPN%2Fpython2.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=571e2494-1a06-43b3-8003-ba9a0ce7f720&userId=b877652d060348faba50cbf08864a1e5&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/json
x-trace-id: b5979abda9477a7d5d1952e8686bb846
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b877652d060348faba50cbf08864a1e5; expires=Sat, 27 Jan 2024 13:50:51 GMT; path=/; secure; SameSite=None
oaidts=1674827451; expires=Sat, 27 Jan 2024 13:50:51 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 03 Feb 2023 13:50:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/Y1XPN/python2.rar
138.201.48.112410 Gone 0 B URL HTTP/2 anonymfile.com/Y1XPN/python2.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /Y1XPN/python2.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 410 Gone
server: nginx
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; expires=Fri, 27-Jan-2023 15:50:48 GMT; Max-Age=7200; path=/; samesite=lax
anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D; expires=Fri, 27-Jan-2023 15:50:48 GMT; Max-Age=7200; path=/; httponly; samesite=lax
date: Fri, 27 Jan 2023 13:50:48 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
X-Firefox-Spdy: h2
anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/Y1XPN/python2.rar
Cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
vary: Accept-Encoding
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 13:50:49 GMT
last-modified: Fri, 27 Jan 2023 13:50:49 GMT
cache-control: max-age=31536000
etag: W/"0"
content-encoding: br
X-Firefox-Spdy: h2
nanouwho.com/1?z=5307589
139.45.197.242200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5307589 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 9fd182d2249f3995b6629c66c2d2746f
access-control-expose-headers: X-Sc
x-sc: I5tPnIkiad7eluCDwbzN6RBLnIIuhvL4Jz9q74Zll0tefhWLoM4gDqJzJqq9FhaDyQ2fvlvf_BGCy3ovSurFI0FmtyM=
set-cookie: scm=1; expires=Sat, 27 Jan 2024 13:50:51 GMT; secure; SameSite=None
OAID=661df80d90e34a6f83c203670dd08d9a; expires=Sat, 27 Jan 2024 13:50:51 GMT; secure; SameSite=None
oaidts=1674827451; expires=Sat, 27 Jan 2024 13:50:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
104.21.91.63200 OK 0 B IP 104.21.91.63:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:50:50 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 887d22d88f708449b80b7e8d5bb6a700
cache-control: max-age=86400
last-modified: Mon, 23 Jan 2023 15:52:48 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 28 Jan 2023 12:30:48 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCp7Jwdi0VhERhCmOXnKfmSTfJ7FUQQoNzYFdu2jsL87RHYDhdpdFdcYxLyj%2Fmg74AnOnNRuQYLZCcBRNhIersf7Ecmg11x%2Fyo%2B%2BI8eZHXLfWDazqFBtZNhs47beCVI7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7901f5af8da1b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/universal.min.js?v=3.1.415
139.45.197.250200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/universal.min.js?v=3.1.415
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.415 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:50:51 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-18c6c"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
IP 104.16.122.175:0
GET /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:50:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-mapzppsO4HAWL/eiqLcABeu0hWU"
via: 1.1 fly.io
fly-request-id: 01GJZ5C0MRVMZFWGTQD5XR207X-ams
cf-cache-status: HIT
age: 5186831
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7901f5a6efdeb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/Y1XPN/python2.rar
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJxeDRvcjR0ZzhsQnIzR0VNS2E4ZEE9PSIsInZhbHVlIjoieDVwSWdOS3VZVkNqRElVSzJibk1Wd2VrSlB6aVBITy9pbklsK2FOK0doZ0dyQ1VWeFB5bC9jcE5jU1h4TFNxTFJRYkdEVW1iVyt1UjBjdFg5WWZHSnIwQVpDS3MvZWdsYmIzczRnRE9jWUphR3dzeEVXbWFmcGM0c2NPOVB1ZmMiLCJtYWMiOiI2YTRmOTA3ZDdkNjAwODA4NzI3ZWI3MDYxNjQ3ZGRjMDNlNzRkYjdkZmU0MmQ0OWQ5ODlkZWZlMjFkODI2ZWIyIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhwZC9SMkpXdEFZdGxBekFVWHlLRHc9PSIsInZhbHVlIjoiZDFwcTRLTllaeWJoQW5vT0FzRE1ZcnJiazljRW5lRXhQbDRFa3UwUnc0TE41WnNkZFJxYTFSeFlQNXFTbTZ0SHdvWGloU2lUYVZRSGJyVkVqc09vdmtVSWlYS3FDeHBuMXVmNmIxS1duZXc3UnBFMUR3b0V3REhicVdIR3F6ajgiLCJtYWMiOiJlMDI5NTY5NDY4ODc2MDJmZGI3NjZhYTQ4NDIxY2E1MGIyZWYxMjI0YjY1MmE5MDg4NzI1NjVmMGM4ODM5ZDZkIiwidGFnIjoiIn0%3D; prefetchAd_5307591=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Fri, 27 Jan 2023 13:50:52 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2