Report - anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript

Report Overview

Submitted URL
anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
IP
138.201.48.112
ASN
#24940 Hetzner Online GmbH
Submitted
2023-02-08 09:14:36
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fleraprt.com	unknown	2022-01-14T23:55:14Z	2023-03-13T06:33:10Z	486 B	482 B	139.45.195.254
betotodilea.com	52465	2021-08-17T09:55:50Z	2023-03-13T05:31:16Z	3.9 kB	36 kB	139.45.197.237
inklinkor.com	unknown	2022-04-01T13:44:00Z	2023-03-13T06:35:03Z	358 B	1.1 kB	172.67.211.29
anonymfile.com	unknown	2022-08-09T22:53:13Z	2023-03-12T22:49:39Z	10 kB	296 kB	138.201.48.112
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	3.3 kB	229 kB	104.17.25.14
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	1.9 kB	104.18.20.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.26.112.186
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	422 B	743 B	139.45.195.8
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	5.1 kB	13 kB	23.33.119.10
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	337 B	1.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
interstitial-07.com	36198	2017-03-09T01:00:07Z	2023-03-13T05:31:16Z	4.4 kB	245 kB	139.45.197.152
unphionetor.com	54035	2022-02-11T13:53:49Z	2023-03-13T05:31:17Z	846 B	3.6 kB	139.45.197.236
onmarshtompor.com	24517	2020-10-19T14:36:32Z	2023-03-13T06:56:57Z	1.0 kB	978 B	139.45.197.243
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	3.1 kB	5.2 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	58 kB	34.120.237.76
ibrapush.com	unknown	2020-04-18T16:40:35Z	2023-03-13T09:49:24Z	3.1 kB	44 kB	139.45.197.250
offerimage.com	304078	2019-06-10T13:11:53Z	2023-03-13T08:06:22Z	850 B	28 kB	104.22.33.172
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	369 B	19 kB	151.101.129.229
unpkg.com	11693	2016-01-08T00:26:01Z	2023-03-13T08:09:51Z	1.7 kB	4.3 kB	104.16.122.175
nanouwho.com	unknown	2022-07-09T22:30:29Z	2023-03-13T05:15:46Z	1.6 kB	142 kB	139.45.197.242
tzegilo.com	unknown	2022-01-14T16:27:15Z	2023-03-13T06:33:04Z	356 B	832 B	104.21.89.122

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	fleraprt.com	Sinkholed
2023-02-08	medium	nanouwho.com	Sinkholed
2023-02-08	medium	nanouwho.com	Sinkholed
2023-02-08	medium	nanouwho.com	Sinkholed
2023-02-08	medium	betotodilea.com	Sinkholed
2023-02-08	medium	unphionetor.com	Sinkholed
2023-02-08	medium	unphionetor.com	Sinkholed
2023-02-08	medium	betotodilea.com	Sinkholed
2023-02-08	medium	betotodilea.com	Sinkholed
2023-02-08	medium	betotodilea.com	Sinkholed
2023-02-08	medium	betotodilea.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript	103 B	2023-03-13	2023-03-13
Pretty URL anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:36:36 Last Seen2023-03-13 19:36:36 Times Seen1 Hash 7459ba574647645f1575d463349c689c 199bcc817ce426c83c1c69ea5b76ca8cd48822fa da68f29b97b7cb92046e52e09612a2aba527281078a74663659cff4a0ac41969 Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js	59 kB	2023-03-07	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-10 20:20:08 Times Seen3382 Hash 259e416ef6833be43801b8b68a93b008 19080c3b817985336aab5e1ce6925c99803f2efd 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce Loading...

	anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript	40 B	2023-03-07	2024-05-10
Pretty URL anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-05-10 18:57:47 Times Seen4779 Hash 6bd43cf0ae158526c6ab93dc3be79f28 15c289e342bd3fdf5b1e95f7abf25a2bc78bf357 7a13d5ae0755d86c09084ec300c4a0f1a0a06921f74d9980eba9d966ff17ad38 Loading...

	betotodilea.com/400/5307588	84 kB	2023-03-13	2023-03-13
Pretty URL betotodilea.com/400/5307588 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:36:36 Last Seen2023-03-13 19:36:36 Times Seen1 Hash 12d0c5eb5da5940c6e66b84a4aa1bb67 dd7c4d95769cbca76e96a79ac80a0ac640962996 e2dfedddac00ad27371b661343904ec213a6276cbd66d5e10f9a5f8abd424507 Loading...

	nanouwho.com/27/2d5af85c6f57387d328e80fd371b500a	410 kB	2023-03-13	2023-03-13
Pretty URL nanouwho.com/27/2d5af85c6f57387d328e80fd371b500a IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:15:04 Last Seen2023-03-13 19:36:36 Times Seen1 Hash 5aeedd8717f42da2c13d3c24e2feede8 7cc42f30496e67e7bc6c111f52dfe48802b58f58 db02a409a1b576108150673b879d5078d39eeb445ee8b9daa433e61ab262b29b Loading...

	interstitial-07.com/?l=9b0delICK3pIjOt&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3707124089%26z%3D5307589%26b%3D14148810%26c%3D5901940%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62cddf3c85e2d000019d78f1%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DZxpVJMtwZZ2PzxaEa0xOEDAUxetQlMLjrjxnje0RC_JCBjLp9upqOZJgKUGgAF0cUlBSbkqVvrApEIZyWLLMaNmh3Acc6wbYfish9BgHVbPrwVXok_63zU-dfXILYB-XFlaAqJ4gIPSBDWM6l8ULtPtiAnjO-ugKyM-kwpUO-fiflS3cdx2-Ggw_nXNanL5aWPiO7nmMl2wx8ZSwx2bz7NLV5F_G19p1jNAzmDHxArtoW5r2qnEYzWnELB5zXh-Eup_v_LE-wnR1iBHYD0SU_rM0H67_Uc47ikbL8l9fkcRaulZuGZo2vM5Lg_y2jAt1g8GqbWJbQenoBHlUIg8mF0ckYlaarCU1rlhwwy06ZJMF1ljUsZp_vdhLKhkclVYeJLxf_lncjW630yJr1NHlXTRh6DwF9RLh1QjJ2-n1cXQd2PXfjn74MsFG1-7mihxKpgPSOSzy1JjADpGpFxRZdbfKG-VpD3M2xDqBnED4CQ7QMoJHutXPxw-BOqCyL0U99mhDj2dley_Nmdiqrh2Hi81dyEjH0d0mqNbSny3rYstqe8Hcj04A7yaaGD6HmKD_ixP0ju7Yd-f65dEIyQncxU8-Pff6b35TTW74_vAJJvF70u-3sXdFpoyllnE7uVIMP58IdfXattmF9CeJkXxu41ekGWJ5meBqaH2CLhn_sJF6vk0MC0ZvBA%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D3818cbe3-38a1-4a76-aeff-1249f91dd332%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252F596Bj%252Ffivem-stellexec.rar%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0	1.6 kB	2023-03-13	2023-03-13
Pretty URL interstitial-07.com/?l=9b0delICK3pIjOt&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3707124089%26z%3D5307589%26b%3D14148810%26c%3D5901940%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62cddf3c85e2d000019d78f1%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DZxpVJMtwZZ2PzxaEa0xOEDAUxetQlMLjrjxnje0RC_JCBjLp9upqOZJgKUGgAF0cUlBSbkqVvrApEIZyWLLMaNmh3Acc6wbYfish9BgHVbPrwVXok_63zU-dfXILYB-XFlaAqJ4gIPSBDWM6l8ULtPtiAnjO-ugKyM-kwpUO-fiflS3cdx2-Ggw_nXNanL5aWPiO7nmMl2wx8ZSwx2bz7NLV5F_G19p1jNAzmDHxArtoW5r2qnEYzWnELB5zXh-Eup_v_LE-wnR1iBHYD0SU_rM0H67_Uc47ikbL8l9fkcRaulZuGZo2vM5Lg_y2jAt1g8GqbWJbQenoBHlUIg8mF0ckYlaarCU1rlhwwy06ZJMF1ljUsZp_vdhLKhkclVYeJLxf_lncjW630yJr1NHlXTRh6DwF9RLh1QjJ2-n1cXQd2PXfjn74MsFG1-7mihxKpgPSOSzy1JjADpGpFxRZdbfKG-VpD3M2xDqBnED4CQ7QMoJHutXPxw-BOqCyL0U99mhDj2dley_Nmdiqrh2Hi81dyEjH0d0mqNbSny3rYstqe8Hcj04A7yaaGD6HmKD_ixP0ju7Yd-f65dEIyQncxU8-Pff6b35TTW74_vAJJvF70u-3sXdFpoyllnE7uVIMP58IdfXattmF9CeJkXxu41ekGWJ5meBqaH2CLhn_sJF6vk0MC0ZvBA%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D3818cbe3-38a1-4a76-aeff-1249f91dd332%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252F596Bj%252Ffivem-stellexec.rar%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 IP 139.45.197.152 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:36:36 Last Seen2023-03-13 19:36:36 Times Seen1 Hash da8fdffd834f1bbbc238f1a0b15facd7 171f10cc42001699b57ee5fb3e065a2dbd237841 032da455d363f5d0b8a3dcffb27f86f9d310c6b9351de188085c15b8801d2c90 Loading...

	anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript	213 B	2023-03-07	2023-08-29
Pretty URL anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2023-08-29 21:14:02 Times Seen131 Hash ccea0e1846102f4f1ed17644f6c6baa6 e43c87b583bef9f3e325ab7bf9ccf4a1f80bc35a e84714cb230edad68ac36e473976e94ca40d378d53fc1b7b539c03879f7ab887 Loading...

	ibrapush.com/pfe/current/tag.min.js?z=5307590	15 kB	2023-03-13	2023-03-14
Pretty URL ibrapush.com/pfe/current/tag.min.js?z=5307590 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:16:15 Last Seen2023-03-14 05:20:20 Times Seen1 Hash f37ecc39dc4f3f4f4f5427f26813cf28 5a167a66a9fd08f47a7c688a61f994064c7de22e 59197f385292a6620e439f1b15a990ec57a75bcfa0e2a95cae10606642cb4136 Loading...

	nanouwho.com/1?z=5307589	18 kB	2023-03-13	2023-03-13
Pretty URL nanouwho.com/1?z=5307589 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:36:36 Last Seen2023-03-13 19:36:36 Times Seen1 Hash b4e0177c641da2560767c996f2f56e00 5a57f4d7cb938c242c85722f6aec717215d57f6f 668aae91c3e3338a5678a757b01804bbb74cc5d898d8ef3bd7992adf1c6d1056 Loading...

	anonymfile.com/js/site.js	6.5 kB	2023-03-07	2023-12-13
Pretty URL anonymfile.com/js/site.js IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2023-12-13 20:16:01 Times Seen190 Hash 643fea0198e4fb9e271ddd811cf34f68 0d8277c1cde619b82a6867bc17cfdbbcd6674a46 f68f8db8d8fe95d02e60e2f4f97c74e4eb521d845cee1c7d53bec6159dc92ad5 Loading...

	unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js	6.8 kB	2023-03-08	2024-04-25
Pretty URL unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js IP 104.16.122.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:17 Last Seen2024-04-25 20:59:34 Times Seen654 Hash 5ab1c9fe6f2ca02b78083699d8109be5 99aa73a69b0ee070162ff7a2a8b70005ebb48565 845b2368dce026b72f19715d6de81f03fef056e4a79c718a658161a1f7b03b3b Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js	19 kB	2023-03-07	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-10 20:20:08 Times Seen2426 Hash 541aecc95a7faeef0fc27558070f3647 0ec7ca4778ba3ccb4d1b1688094720834fbe9ed3 f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd Loading...

	cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js	118 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-04-25 20:59:34 Times Seen1060 Hash 516f35ea42aa797b3b106a8f108edb88 9b1313b221c5d59835c31da0327f4273a2647174 9677264de392aeedd3b391fe53578415c87835405d14068380f9bf3970a48286 Loading...

	cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js	11 kB	2023-03-07	2024-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js IP ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:42 Last Seen2024-05-09 21:26:45 Times Seen710 Hash 27784b7376dd992368c71b6c5559f358 f86d2ac408c4de0d5281cf91d6ddfb93e5e5d2ff 11be927cda59c8b6019ebbea838285c5beaf21183ea4b83dbd4e4fbf9413ce4a Loading...

	tzegilo.com/stattag.js	17 kB	2023-03-13	2023-03-14
Pretty URL tzegilo.com/stattag.js IP 104.21.89.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:57:04 Last Seen2023-03-14 07:35:08 Times Seen1 Hash 0576b696d0d93d3d09a14184fd321641 54ae6d8827838d84d082db92a01fe8534c6f3782 a79a9f73119b87e83d5762597cd84b735e443825d2e320e8f55693843ae5bacc Loading...

	unphionetor.com/fv.js?t=72747&cb=1736871566	5.2 kB	2023-03-07	2024-05-11
Pretty URL unphionetor.com/fv.js?t=72747&cb=1736871566 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-11 00:17:31 Times Seen2378 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

	inklinkor.com/tag.min.js	74 kB	2023-03-13	2023-03-13
Pretty URL inklinkor.com/tag.min.js IP 172.67.211.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:30:17 Last Seen2023-03-13 20:16:57 Times Seen1 Hash 1ad71e63ae1f75e2fb8b6c88e6b773d0 b265d824a991eb1eac2e176dc7be4b06dfda5136 976c850ea45f5b66b189249d6b96cfd966dd9fe80ae9e3c58759a3c9dff815da Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 04:15:19 Times Seen37534578 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11	64 kB	2023-03-13	2024-04-30
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:04:22 Last Seen2024-04-30 12:33:00 Times Seen19 Hash 3c20edbd74469f415ee1fa5b36967a68 c3e1b2a9386f9c741c7e4167a39167b4c072db62 635eaa9a4e79926e1b844ff3e9eb694ec5277c81ea87de6a4786a5dbc9003c45 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-05-11
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-11 04:12:11 Times Seen270405 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript	193 B	2023-03-07	2024-01-15
Pretty URL anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-01-15 22:34:31 Times Seen141 Hash 4b7b08e36b07601453ef10bef59afe1e 1f0003567c5e86d6fc129bbf62384e04ca2a1a2f f54132e87f4227d9e6ccf534bb92ff7746c7fb734ab9eb7197c0810ea6b52c52 Loading...

	anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript	1.3 kB	2023-03-13	2023-03-13
Pretty URL anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:36:36 Last Seen2023-03-13 19:36:36 Times Seen1 Hash 8755890ec9f33f2e8261fd3ea229a43e 78d01b96def8fa2907354f4e2e83db9c850ce9bd a3ac08b7a51b428e6df160e0c116ec4731576f10c54c780082ac06c894513d52 Loading...

	unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js	7.4 kB	2023-03-07	2024-02-08
Pretty URL unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js IP 104.16.122.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-02-08 07:46:02 Times Seen604 Hash 6170d2a086cb1d5769c6fd1f76edf99b d61c541caceb4e5deb35d8642702b89091a8bb42 6fc678b64782a17a266b5675e195be5956efd7513fd228143901b427983df928 Loading...

	anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript	4.0 kB	2023-03-13	2023-03-13
Pretty URL anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:36:36 Last Seen2023-03-13 19:36:36 Times Seen1 Hash 467dd736743957d4cbd3560ccac647ab 72559668ad2ef8d1057f0b7b7759bf6a2c515dc1 b7d0695c264223484181252dd67f9872bd4ff4976c81da03226bb63950491701 Loading...

	anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript	102 kB	2023-03-13	2023-03-14
Pretty URL anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript IP 138.201.48.112 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:15:06 Last Seen2023-03-14 05:20:20 Times Seen1 Hash e0abdbf1baa12630b698c7123270447e b046d1b2e37a1fe9d6b38b252b31fdd1d10b4d1b f5e055cf89cd683ebd6c951e0f0c7c556a6d346d8f6833340f3e87bff51a861b Loading...

		Size	First Seen	Last Seen
	#1 Eval - ffc0d66356328b3f074251ce6d852710	80 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 19:36:36 Last Seen2023-03-13 19:36:36 Times Seen1 Hash ffc0d66356328b3f074251ce6d852710 2be4ab89e2428f029e47a6dd81925b484e3c54b5 781eab09da043289aa5e14c776eceb9c53388dd56646fdca0c13382393a7e539 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12	2024-01-28
Pretty Observations First Seen2023-03-12 12:17:15 Last Seen2024-01-28 13:22:54 Times Seen21116 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (84)

URL IP Response Size

anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript

138.201.48.112

301 Moved Permanently

162 B

URL HTTP/1.1
anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /596Bj/fivem-stellexec.rar?PageSpeed=noscript HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 08 Feb 2023 09:14:25 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5826
Expires: Wed, 08 Feb 2023 10:51:31 GMT
Date: Wed, 08 Feb 2023 09:14:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7980
Expires: Wed, 08 Feb 2023 11:27:25 GMT
Date: Wed, 08 Feb 2023 09:14:25 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 08:34:12 GMT
content-type: application/json
age: 2413
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2551
Expires: Wed, 08 Feb 2023 09:56:56 GMT
Date: Wed, 08 Feb 2023 09:14:25 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: FuCIV3riptBygIj5tybclf/Q3YHBd/VAidVMcYYgxhBExCzTM4Pnk0PTEGoBPn0A0opRMuPAJA7D35P7EDI3Lg==
x-amz-request-id: FDP8B52D07J8P77F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 08:45:54 GMT
age: 1711
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:25 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3311
Cache-Control: max-age=129952
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 09:14:25 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 21:20:17 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6246
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 09:14:25 GMT
Last-Modified: Wed, 08 Feb 2023 07:30:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3311
Cache-Control: max-age=129952
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 09:14:25 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 21:20:17 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6246
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 09:14:25 GMT
Last-Modified: Wed, 08 Feb 2023 07:30:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4091
Cache-Control: max-age=130732
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 09:14:25 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 21:33:17 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280

anonymfile.com/css/theme.min.css

138.201.48.112

200 OK

75 kB

URL HTTP/2
anonymfile.com/css/theme.min.css
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
75 kB (74661 bytes)
Hash
8b61cc26bfb7e13d1ebf3e9639914e51
7b8d4de2b1884b3c1654cfbde0e8a6f3885a3f66
f27b9cd4b89d6729e328f65b08114323077a61b6761865aa160785073f57bbb0

HTTP Headers

GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImYvaHI2S3dFaVVpZVJNeXd0RmRIbmc9PSIsInZhbHVlIjoiUExQYmJuVjZtL1ZkSXhvU21oYTduaFBwSTVJTlR0eVVJRm9xNXN6cWNDZ0s3ZmRXZVVmb0IvaFFIOUJXUnh4MFNCbDI3dkFPR3dma3p2MDR5YkVmb1ZaOUFoQUtSNU9JRFJ3VTVDQlBEYkdyeUlRL2VlZlN3Vys4NFhyUGJZbWIiLCJtYWMiOiI5NmU0ZDA5ZjEwNmEyNDk0ZDQzNTlhZWMyNjliZDUyYzliMDBkYzYyYzQ4MzA3ZjExZDZkM2UwNDhkYzRiNWY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhRT1djamtaTU5pZC9EOFA4VjRvNWc9PSIsInZhbHVlIjoiQUZTQmVoMzhvTENYMHowYUVwZitCeUZmWmw0aXY2cUxjMVFKN01mSnI4RWJnUWdLLzhhNml6TlN4KzRpaHdadjQ0MThvV3VUc0JFMlJsQmlPTGI0cnNnV214MVg2QmpOd3piQitxRm8xVHlyMGpHQU91bUVRemEvc0ptRXVvMHEiLCJtYWMiOiJlYmMxNGUwMzc2ZWNhMTNjNDM0Mjk3MjUxNjdjMGJiY2I0Y2Y3OTE5MTU1NDc1NTJkYWZhZjc5NWJmMjc0YjlkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: text/css
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-original-content-length: 598523
vary: Accept-Encoding
content-encoding: gzip
content-length: 74661
etag: W/"PSA-aj-TDax0QZn8Y"
date: Wed, 08 Feb 2023 09:14:25 GMT
expires: Wed, 08 Feb 2023 09:18:09 GMT
cache-control: max-age=223
X-Firefox-Spdy: h2

anonymfile.com/img/logo-anon-warning.webp

138.201.48.112

200 OK

15 kB

URL HTTP/2
anonymfile.com/img/logo-anon-warning.webp
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image\012- data
Size
15 kB (15344 bytes)
Hash
7b596f481388ac5ef6d74a15a351f6c3
6756e88c0b46cc981b7bbbdaf2ead77bd258a472
cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972

HTTP Headers

GET /img/logo-anon-warning.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImYvaHI2S3dFaVVpZVJNeXd0RmRIbmc9PSIsInZhbHVlIjoiUExQYmJuVjZtL1ZkSXhvU21oYTduaFBwSTVJTlR0eVVJRm9xNXN6cWNDZ0s3ZmRXZVVmb0IvaFFIOUJXUnh4MFNCbDI3dkFPR3dma3p2MDR5YkVmb1ZaOUFoQUtSNU9JRFJ3VTVDQlBEYkdyeUlRL2VlZlN3Vys4NFhyUGJZbWIiLCJtYWMiOiI5NmU0ZDA5ZjEwNmEyNDk0ZDQzNTlhZWMyNjliZDUyYzliMDBkYzYyYzQ4MzA3ZjExZDZkM2UwNDhkYzRiNWY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhRT1djamtaTU5pZC9EOFA4VjRvNWc9PSIsInZhbHVlIjoiQUZTQmVoMzhvTENYMHowYUVwZitCeUZmWmw0aXY2cUxjMVFKN01mSnI4RWJnUWdLLzhhNml6TlN4KzRpaHdadjQ0MThvV3VUc0JFMlJsQmlPTGI0cnNnV214MVg2QmpOd3piQitxRm8xVHlyMGpHQU91bUVRemEvc0ptRXVvMHEiLCJtYWMiOiJlYmMxNGUwMzc2ZWNhMTNjNDM0Mjk3MjUxNjdjMGJiY2I0Y2Y3OTE5MTU1NDc1NTJkYWZhZjc5NWJmMjc0YjlkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 15344
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Wed, 08 Feb 2023 09:13:09 GMT
expires: Wed, 08 Feb 2023 09:18:09 GMT
X-Firefox-Spdy: h2

anonymfile.com/js/site.js

138.201.48.112

200 OK

2.0 kB

URL HTTP/2
anonymfile.com/js/site.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (5640)
Size
2.0 kB (1993 bytes)
Hash
a779d1605363c034784168e0553fee12
203adaeac5eec419f7bdf4ba6840c9378c9692e5
0ac5db7b1ae244540526d4c971799e4c8ba3f5921dda88b94d10d2cb6a730bc6

HTTP Headers

GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImYvaHI2S3dFaVVpZVJNeXd0RmRIbmc9PSIsInZhbHVlIjoiUExQYmJuVjZtL1ZkSXhvU21oYTduaFBwSTVJTlR0eVVJRm9xNXN6cWNDZ0s3ZmRXZVVmb0IvaFFIOUJXUnh4MFNCbDI3dkFPR3dma3p2MDR5YkVmb1ZaOUFoQUtSNU9JRFJ3VTVDQlBEYkdyeUlRL2VlZlN3Vys4NFhyUGJZbWIiLCJtYWMiOiI5NmU0ZDA5ZjEwNmEyNDk0ZDQzNTlhZWMyNjliZDUyYzliMDBkYzYyYzQ4MzA3ZjExZDZkM2UwNDhkYzRiNWY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhRT1djamtaTU5pZC9EOFA4VjRvNWc9PSIsInZhbHVlIjoiQUZTQmVoMzhvTENYMHowYUVwZitCeUZmWmw0aXY2cUxjMVFKN01mSnI4RWJnUWdLLzhhNml6TlN4KzRpaHdadjQ0MThvV3VUc0JFMlJsQmlPTGI0cnNnV214MVg2QmpOd3piQitxRm8xVHlyMGpHQU91bUVRemEvc0ptRXVvMHEiLCJtYWMiOiJlYmMxNGUwMzc2ZWNhMTNjNDM0Mjk3MjUxNjdjMGJiY2I0Y2Y3OTE5MTU1NDc1NTJkYWZhZjc5NWJmMjc0YjlkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-original-content-length: 9351
vary: Accept-Encoding
content-encoding: gzip
content-length: 1993
etag: W/"PSA-aj-ZD_qAZjk-5"
date: Wed, 08 Feb 2023 09:14:25 GMT
expires: Wed, 08 Feb 2023 09:18:10 GMT
cache-control: max-age=224
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6087934
expires: Mon, 29 Jan 2024 09:14:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fU%2BGC4I%2F1Q0MruavENRIJKxX5ZVLZmRrUZK073Az%2FWGzIAjGK87l9LU%2Ba5cHf3viS7EgBfDqco2yD3fmYAi8b7N0yzAwAzIb634MSi50x64oVqfAZhyNCiRC2Rcr6v0OA%2BuuPbL1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79634147fd091c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js

104.17.25.14

200 OK

6.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18706)
Size
6.0 kB (6037 bytes)
Hash
3773d4bd82b03cdfd02c9fd691f80d78
c4d89a2de179c90944835571b45877048f3c1424
5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d

HTTP Headers

GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1649239
expires: Mon, 29 Jan 2024 09:14:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APbIl1C%2FLB7fU7zeWhnJsFfQPp3n645rAD2zukqbpCX8prhyXT3q4bd4axAuwKx4ZWjPJRWhyD%2FmJpVtUdSkGJWKuDFIEJpFSFCO%2B7rFBLY3KBD85rd43xIegqJM8LsJoZkfDZNv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796341480d281c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/sweetalert2@11

151.101.129.229

200 OK

18 kB

URL HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (43315)
Size
18 kB (18041 bytes)
Hash
34245e47533a6bbe4e69f65aa0297dcf
6649da8177cd2018da3bdcef74aac77931fb470c
9db43754d594eb4c0d021c4b62b3b4a0e13b455d8130f33e845523e9f0c43f7e

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.7.1
x-jsd-version-type: version
etag: W/"fb5c-w+GyqThvnHQcfkFno5FntMBy22I"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 09:14:25 GMT
age: 8576
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18041
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js

104.17.25.14

200 OK

15 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58940)
Size
15 kB (14584 bytes)
Hash
28dbaeb9aa2638e0c4e6d9ffd3d14e9d
3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362

HTTP Headers

GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7229406
expires: Mon, 29 Jan 2024 09:14:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTgfLJ4tiL%2B8C6JW0NSKG1iAfI11qtcHv%2Bp4xX3SSCOlV7CTkwNP19e%2B4P%2BkrUQ5lkzjLjO8SnfZdSphKpqlcrF1cmXH0SPTjFTjPcxW4%2FrrVSUOmyZccjhQ8iXzigvFNr%2FuVU%2FX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79634147fd0f1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js

104.17.25.14

200 OK

30 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65370)
Size
30 kB (29707 bytes)
Hash
d18c98bb03dac8dd996130d56f3d8e8c
cc1777baef75c9438534927036a21f22e91e5578
89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e

HTTP Headers

GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 16891553
expires: Mon, 29 Jan 2024 09:14:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlsUNinR11SlkmbRV44dfOPf7qjRpOeUMqxCrwoBd5Gy%2BTw4N4i%2BogVt6QCTVSQ4GjeevYXhhvQlqqnua3Bjat9U2IXJT8yqLnWL4%2BvYnkGxSRdvI9n8Q3cs2rDJyu1YuQ1%2Fu9GE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796341480d241c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js

3.0 kB

URL
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
IP
:0
ASN
#0

File type
data
Size
3.0 kB (3000 bytes)
Hash
e34a4db0b42ca907e0b7a56cd4b145ec
2dc36a7dcdfc42d122b23ef91483d27865c4285f
4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a

HTTP Headers

GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

anonymfile.com/img/main/footer.webp

138.201.48.112

200 OK

178 kB

URL HTTP/2
anonymfile.com/img/main/footer.webp
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
RIFF (little-endian) data, Web/P image\012- data
Size
178 kB (178070 bytes)
Hash
79ccb3a1b78412a1a530284f45ea7056
626d0494e1bd871e67ecffad44d04ac2343fb7e5
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8

HTTP Headers

GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImYvaHI2S3dFaVVpZVJNeXd0RmRIbmc9PSIsInZhbHVlIjoiUExQYmJuVjZtL1ZkSXhvU21oYTduaFBwSTVJTlR0eVVJRm9xNXN6cWNDZ0s3ZmRXZVVmb0IvaFFIOUJXUnh4MFNCbDI3dkFPR3dma3p2MDR5YkVmb1ZaOUFoQUtSNU9JRFJ3VTVDQlBEYkdyeUlRL2VlZlN3Vys4NFhyUGJZbWIiLCJtYWMiOiI5NmU0ZDA5ZjEwNmEyNDk0ZDQzNTlhZWMyNjliZDUyYzliMDBkYzYyYzQ4MzA3ZjExZDZkM2UwNDhkYzRiNWY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhRT1djamtaTU5pZC9EOFA4VjRvNWc9PSIsInZhbHVlIjoiQUZTQmVoMzhvTENYMHowYUVwZitCeUZmWmw0aXY2cUxjMVFKN01mSnI4RWJnUWdLLzhhNml6TlN4KzRpaHdadjQ0MThvV3VUc0JFMlJsQmlPTGI0cnNnV214MVg2QmpOd3piQitxRm8xVHlyMGpHQU91bUVRemEvc0ptRXVvMHEiLCJtYWMiOiJlYmMxNGUwMzc2ZWNhMTNjNDM0Mjk3MjUxNjdjMGJiY2I0Y2Y3OTE5MTU1NDc1NTJkYWZhZjc5NWJmMjc0YjlkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Wed, 08 Feb 2023 09:13:10 GMT
expires: Wed, 08 Feb 2023 09:18:10 GMT
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js

104.16.122.175

200 OK

2.0 kB

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.0 kB (1990 bytes)
Hash
a2f4eafe0eed2c1eccdbce581f5a0b76
72d6b9720078fc784caf25523a77603a542b31f5
3b8f876080acfae9e0d37f23ecdace64d767334ddd32fc8685ea0c5e2d893537

HTTP Headers

GET /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:25 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-mapzppsO4HAWL/eiqLcABeu0hWU"
via: 1.1 fly.io
fly-request-id: 01GJZ5C0MRVMZFWGTQD5XR207X-ams
cf-cache-status: HIT
age: 6207047
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 796341480f200afe-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3312
Cache-Control: max-age=129952
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 09:14:26 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 21:20:18 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
72fb220de7b03735de9aeb3d08667162
cce7de9fe6586e3ac76f6b045b5c18c8f974af55
f78b281cc34715e0cd0fecc589e8aa4468d95e7b6269ca30f579b16cf4ad6314

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 09:14:26 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "ED266C6F17D2F6031765F513179784BC8B832CE1"
Expires: Wed, 08 Feb 2023 21:00:00 GMT
Last-Modified: Wed, 08 Feb 2023 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 75
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796341493abdfac0-OSL

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css

104.17.25.14

200 OK

14 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65345)
Size
14 kB (14374 bytes)
Hash
642445b86596bdeaa98e92faa2064fc6
6c5539660bf533d34e37b917973c941d1c963374
4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:26 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 16727584
expires: Mon, 29 Jan 2024 09:14:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loAAR3AyvQFqFZGA%2FDdUOe65JyVnwWK6cwCIX5jbCXYBmGdu8%2F26FJ0XBH61vy4aTfN3WhZrh2ya1vePh5lNJU3UsX3kAwZPkmoRO2khEz0h%2Bev0WYdK3aSK7F7TW%2BWoG1QWPdP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 796341493e3e1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css

104.17.25.14

200 OK

2.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text, with very long lines (17282)
Size
2.9 kB (2934 bytes)
Hash
78aabb09e30a9eb6f833cbb1b48bdb2e
e876ff16b6c511bc217973e51202aaaf23a4e936
8d76a29a92bc268043a7bd4d0b8f171fffd6c6c3c8e18aa314d6dac1aeb542ae

HTTP Headers

GET /ajax/libs/filepond/4.29.1/filepond.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:26 GMT
content-type: text/css; charset=utf-8
content-length: 2934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613afc53-b76"
last-modified: Fri, 10 Sep 2021 06:33:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1031906
expires: Mon, 29 Jan 2024 09:14:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NquQ3qTrzu41Y2PF16CkFsF3C1PHcn9UjdyAtLFdUKdloFdzFr54rzLNKLUXS4XYVXv06gWbQLoq8v2MENDd3rVK2Vqwp3DXL6oJ9LvoH%2B9GGNs2UD%2FQhHjrMo2I4jiuFcbJNL1j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79634149beac1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

123 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 122760, version 768.66\012- data
Size
123 kB (122760 bytes)
Hash
d1bea16f470ff27ca26131a867131fda
c1e34985d239716f1f236b932f2ecf4fb4c167d2
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777

HTTP Headers

GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:26 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 122760
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-1df88"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4194335
expires: Mon, 29 Jan 2024 09:14:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcsY15wZ0FYuIImYd4G7bkUIHJPIXst0UdEIlOyJHpF286EFydja4C5sSZlqnUim1rldnfV29D%2BxtCJx45Chh6ZLyzdJREB6JxsYlDq3h8igdFsJLH9W7srbPjxMxv%2FFteVElO9A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79634149cec41c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5084
Expires: Wed, 08 Feb 2023 10:39:10 GMT
Date: Wed, 08 Feb 2023 09:14:26 GMT
Connection: keep-alive

push.services.mozilla.com/

52.26.112.186

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.26.112.186:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m7yAUz6wFcdHRNrlRMNZvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sn1YedQQvVnhbQijSIbrXneSIt0=

anonymfile.com/img/logo-anon-warning.png

138.201.48.112

200 OK

22 kB

URL HTTP/2
anonymfile.com/img/logo-anon-warning.png
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Size
22 kB (21479 bytes)
Hash
4332367bd6f2c12da86e4ab20157daef
027b329b8b50972ee035b4e4f3cb9a3c080aba31
a7a91652e8153a80b1270b5fdb1d1e1e880ad9580e298040df1ed1b024699eb4

HTTP Headers

GET /img/logo-anon-warning.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImYvaHI2S3dFaVVpZVJNeXd0RmRIbmc9PSIsInZhbHVlIjoiUExQYmJuVjZtL1ZkSXhvU21oYTduaFBwSTVJTlR0eVVJRm9xNXN6cWNDZ0s3ZmRXZVVmb0IvaFFIOUJXUnh4MFNCbDI3dkFPR3dma3p2MDR5YkVmb1ZaOUFoQUtSNU9JRFJ3VTVDQlBEYkdyeUlRL2VlZlN3Vys4NFhyUGJZbWIiLCJtYWMiOiI5NmU0ZDA5ZjEwNmEyNDk0ZDQzNTlhZWMyNjliZDUyYzliMDBkYzYyYzQ4MzA3ZjExZDZkM2UwNDhkYzRiNWY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhRT1djamtaTU5pZC9EOFA4VjRvNWc9PSIsInZhbHVlIjoiQUZTQmVoMzhvTENYMHowYUVwZitCeUZmWmw0aXY2cUxjMVFKN01mSnI4RWJnUWdLLzhhNml6TlN4KzRpaHdadjQ0MThvV3VUc0JFMlJsQmlPTGI0cnNnV214MVg2QmpOd3piQitxRm8xVHlyMGpHQU91bUVRemEvc0ptRXVvMHEiLCJtYWMiOiJlYmMxNGUwMzc2ZWNhMTNjNDM0Mjk3MjUxNjdjMGJiY2I0Y2Y3OTE5MTU1NDc1NTJkYWZhZjc5NWJmMjc0YjlkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 21479
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-original-content-length: 40729
etag: W/"PSA-aj-QzI2e9bywS"
date: Wed, 08 Feb 2023 09:14:27 GMT
expires: Wed, 08 Feb 2023 09:18:10 GMT
cache-control: max-age=222
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
96678f6c0d2bd79e1881f123c3b08e24
f9d0db9670587818b9a239e959e8ff77a8897442
778c46a7286484335eb56b63879185db601810a5b76b7e7c6784328a39991104

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2049
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 09:14:27 GMT
Last-Modified: Wed, 08 Feb 2023 08:40:18 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
96678f6c0d2bd79e1881f123c3b08e24
f9d0db9670587818b9a239e959e8ff77a8897442
778c46a7286484335eb56b63879185db601810a5b76b7e7c6784328a39991104

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 784
Cache-Control: max-age=118767
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 09:14:27 GMT
Etag: "63e291d2-118"
Expires: Thu, 09 Feb 2023 18:13:54 GMT
Last-Modified: Tue, 07 Feb 2023 18:00:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280

anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar

138.201.48.112

204 No Content

0 B

URL HTTP/2
anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImYvaHI2S3dFaVVpZVJNeXd0RmRIbmc9PSIsInZhbHVlIjoiUExQYmJuVjZtL1ZkSXhvU21oYTduaFBwSTVJTlR0eVVJRm9xNXN6cWNDZ0s3ZmRXZVVmb0IvaFFIOUJXUnh4MFNCbDI3dkFPR3dma3p2MDR5YkVmb1ZaOUFoQUtSNU9JRFJ3VTVDQlBEYkdyeUlRL2VlZlN3Vys4NFhyUGJZbWIiLCJtYWMiOiI5NmU0ZDA5ZjEwNmEyNDk0ZDQzNTlhZWMyNjliZDUyYzliMDBkYzYyYzQ4MzA3ZjExZDZkM2UwNDhkYzRiNWY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhRT1djamtaTU5pZC9EOFA4VjRvNWc9PSIsInZhbHVlIjoiQUZTQmVoMzhvTENYMHowYUVwZitCeUZmWmw0aXY2cUxjMVFKN01mSnI4RWJnUWdLLzhhNml6TlN4KzRpaHdadjQ0MThvV3VUc0JFMlJsQmlPTGI0cnNnV214MVg2QmpOd3piQitxRm8xVHlyMGpHQU91bUVRemEvc0ptRXVvMHEiLCJtYWMiOiJlYmMxNGUwMzc2ZWNhMTNjNDM0Mjk3MjUxNjdjMGJiY2I0Y2Y3OTE5MTU1NDc1NTJkYWZhZjc5NWJmMjc0YjlkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 08 Feb 2023 09:14:27 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7f32addc23634c5f55fdd92c9f6d11e8
76f1d272abe4599e132cdcda6211703574d34024
646dcc0838b646cf96a628ecf41b2a7ef50657868d2679c692984f82d046c9d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "646DCC0838B646CF96A628ECF41B2A7EF50657868D2679C692984F82D046C9D3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15963
Expires: Wed, 08 Feb 2023 13:40:30 GMT
Date: Wed, 08 Feb 2023 09:14:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Wed, 08 Feb 2023 12:54:37 GMT
Date: Wed, 08 Feb 2023 09:14:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Wed, 08 Feb 2023 12:54:37 GMT
Date: Wed, 08 Feb 2023 09:14:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Wed, 08 Feb 2023 12:54:37 GMT
Date: Wed, 08 Feb 2023 09:14:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13210
Expires: Wed, 08 Feb 2023 12:54:37 GMT
Date: Wed, 08 Feb 2023 09:14:27 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10058 bytes)
Hash
a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1R4SRNvqhRHbrDZsGB06NJbBXf8WRgJEHmXTbop8pqf8etTJSlmQwQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:05 GMT
age: 40102
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8629 bytes)
Hash
02fde25be5ded120af759d19d8304f73
8d2a4d9ab5947113ce0737d4d4bed3e30a971026
7cdf26668cca22f28eee047d3fcf30cea8d97b1d8804fe2132728f26cd11558d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8629
x-amzn-requestid: cc20d28e-3937-4826-97ef-100fb5dd2645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFn3oAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-6e764236604212fa26dab38a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GIAPTJF7sfpuubLSngEDMrowvBWW5c1xRlyVf7PQ3o6rGWdFITVioA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:15:10 GMT
etag: "8d2a4d9ab5947113ce0737d4d4bed3e30a971026"
content-type: image/jpeg
age: 39557
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9108 bytes)
Hash
7dbe304b5138a360ff07a9842bcf6a7f
00572f7667e322c9ef34bc35b7998c1c172dd34c
d63c58d6c96e23c61b92272de8c2aab01f4cf85f3420cc434c05447d355b1c77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: a3bffa19-86ce-4a59-b826-551deddb3e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fostZG2xIAMF0wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c188-18acd7311c6190c9486e86ac;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 01:34:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D3DmTtciv2wzm5T0eQJopJiXCkHWZc1PlbVdbsBbJaquGcT1HoIZhg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:40:04 GMT
age: 2063
etag: "00572f7667e322c9ef34bc35b7998c1c172dd34c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7303 bytes)
Hash
7543be9bef0afb8f61344286b7136dd7
e1537aa408cde39d2a314cc2a14f7f7a04a84eb1
162f0898f88d84c8d06542e48e8ff6a903e638f2a837f32681ae1f5e28ae40d7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7303
x-amzn-requestid: 081c79e9-2b23-47ad-8b7d-7197c5515c0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f58kdHMvIAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a7b5-66fca524070e374310920915;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CV8Q0EwlleoBURF3IvwUGDm_ANrg_SINlUR3cl6OhqySJPejP6T0hg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:10:04 GMT
age: 3863
etag: "e1537aa408cde39d2a314cc2a14f7f7a04a84eb1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12772 bytes)
Hash
2bf626b824fefec1ecaceb9243f2e5ec
f222976d76d889a0cd767bfd73075ee114c531ce
3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:53:57 GMT
age: 40830
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4168 bytes)
Hash
845e4e4051f1162b20d3df5f208e8d3e
076462f67531c60b31ec768a275c96317292306d
40996d8929ab92f342328fc018518d6131c6222b0ec23051775eda276a602026

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4168
x-amzn-requestid: 24814225-0063-49fb-86ff-e78869538b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjQFS_IAMFtLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-67307c42182089b3096e98b5;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f90qZAgSmdYFuW_BDTZVivBlk_c5SrirTSeJmvoysOmCcOjxtFZrbA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 41544
etag: "076462f67531c60b31ec768a275c96317292306d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62682535c439a55b781222ec36a7fd3a
1d751ec0b7599f4fc9b80e876cf52f1427a70c23
623daa175f96467b32eeed5e2d2c6152265c8e6f7df3d2fbaa7462902471a006

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "623DAA175F96467B32EEED5E2D2C6152265C8E6F7DF3D2FBAA7462902471A006"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3596
Expires: Wed, 08 Feb 2023 10:14:24 GMT
Date: Wed, 08 Feb 2023 09:14:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9c14e228f19415f2af825294ff401241
dabb4fa3c22980b27aa873fd8aa429366655c95e
df9ed274a8026ea08f348145695717b6f8a11fa8f3c14e60b30b4cd60f7e2fde

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF9ED274A8026EA08F348145695717B6F8A11FA8F3C14E60B30B4CD60F7E2FDE"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3515
Expires: Wed, 08 Feb 2023 10:13:03 GMT
Date: Wed, 08 Feb 2023 09:14:28 GMT
Connection: keep-alive

my.rtmark.net/gid.js?userId=f66f08793072410f969d8ad7ab4dc400

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=f66f08793072410f969d8ad7ab4dc400
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
d50dcfb999488093736c2c933a67e6de
ade989fd235a614f34ac9d149ba24f390ce2d3be
4081a02163bc3550520409b456ebfcdf0351d7fa81444726c862ff9d05d28709

HTTP Headers

GET /gid.js?userId=f66f08793072410f969d8ad7ab4dc400 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f66f08793072410f969d8ad7ab4dc400; expires=Thu, 08 Feb 2024 09:14:28 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8f4fb4444ea49aad820b288f22467c1a
eedf347d8e17bbda185f44e0f1b268a07e6c647e
38515b8ef80e3c5be4cc9400d38de18d376ffc3a83851f50530be6431d2eaf32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38515B8EF80E3C5BE4CC9400D38DE18D376FFC3A83851F50530BE6431D2EAF32"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9560
Expires: Wed, 08 Feb 2023 11:53:48 GMT
Date: Wed, 08 Feb 2023 09:14:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f4007f5a7f8ae8f8f2a5512aeab92424
331c535bf6b89049136868d10ce149a14271a990
1fd8100e7ed65cfaa69fff725cae7b4d08b8ff29e70ec836193486dd02d86e6c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1FD8100E7ED65CFAA69FFF725CAE7B4D08B8FF29E70EC836193486DD02D86E6C"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11881
Expires: Wed, 08 Feb 2023 12:32:29 GMT
Date: Wed, 08 Feb 2023 09:14:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e6657bba96c516bd2ec6e55339e1fc95
a3eb624638dacf67bb0bf02b5edd9c1c6b2fe13b
ff7288fb49e683f6a0e559771dd8bcc9a329ed2be0ff2da049a1860d5d9e632b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF7288FB49E683F6A0E559771DD8BCC9A329ED2BE0FF2DA049A1860D5D9E632B"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15691
Expires: Wed, 08 Feb 2023 13:35:59 GMT
Date: Wed, 08 Feb 2023 09:14:28 GMT
Connection: keep-alive

ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=

139.45.197.250

200 OK

664 B

URL HTTP/2
ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (663)
Size
664 B (664 bytes)
Hash
924f83d583902548517c3327ff8e4493
7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c

HTTP Headers

GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 7978251dd4692412ae6707d7f359a05b
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

0 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

0 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

ibrapush.com/pfe/current/universal.min.js?v=3.1.418

139.45.197.250

200 OK

34 kB

URL HTTP/2
ibrapush.com/pfe/current/universal.min.js?v=3.1.418
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
data
Size
34 kB (34321 bytes)
Hash
e613b27b2684c8b5d35ccd874b8bfa2a
0c00288ae5d16490ffdb3a77e9dc3a877aaea162
be3d2a0068dab12ddbc6f9750aec0cd026d4c047f35477b4ada2253a85016933

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.418 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 14:32:42 GMT
etag: W/"63e2610a-19082"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

ibrapush.com/pfe/current/tag.min.js?z=5307590

139.45.197.250

200 OK

6.0 kB

URL HTTP/2
ibrapush.com/pfe/current/tag.min.js?z=5307590
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
data
Size
6.0 kB (6038 bytes)
Hash
cd2b699d9326fe01b82b6aa13b757c86
baca6391fe158b2aab05285d2dc1cbed4995e565
5080ada091cab016d7aa1cf3dc8077c5a341f730caf463cabd374c1dc883ccd4

HTTP Headers

GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 14:32:42 GMT
etag: W/"63e2610a-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 773
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: af485b354668b7db594c79ece2c44c54
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1211
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 08 Feb 2023 09:14:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonymfile.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

nanouwho.com/1?z=5307589

139.45.197.242

200 OK

7.0 kB

URL HTTP/2
nanouwho.com/1?z=5307589
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (17093)
Size
7.0 kB (7045 bytes)
Hash
ef7032ceb80a05d927aa7c3ad58641aa
9c90e945382b02e0d08420ba5669b28502c9b72f
361633bd48660843c419bf3159ecd5fd6cf84cf74afbce780df2ca5e34e12049

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /1?z=5307589 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: addcffd45c2586bb74f0f0e2c2ef57b8
access-control-expose-headers: X-Sc
x-sc: _-EpQP9S0_H44zDzKySHosgX-gKCOX7rPPnXAJVEuzHb1OxnDTjVFeUtR-j5JYnM1AP810zarxpPKLTUDraFqWWKjc4=
set-cookie: scm=1; expires=Thu, 08 Feb 2024 09:14:28 GMT; secure; SameSite=None
OAID=4cd43953ae0d4279a9c1791bf38576c3; expires=Thu, 08 Feb 2024 09:14:28 GMT; secure; SameSite=None
oaidts=1675847668; expires=Thu, 08 Feb 2024 09:14:28 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

nanouwho.com/27/2d5af85c6f57387d328e80fd371b500a

139.45.197.242

200 OK

130 kB

URL HTTP/2
nanouwho.com/27/2d5af85c6f57387d328e80fd371b500a
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (65523)
Size
130 kB (130055 bytes)
Hash
c0dfee6ed3875457fa06b9af6d5dd7a0
8696bc4708a096eb2dcaeebbbe56ec9056e87ab2
18611ccde99edd336db686b16469c62f4fe7cb76dfaaf35bc166affa932b4d1f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /27/2d5af85c6f57387d328e80fd371b500a HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=4cd43953ae0d4279a9c1791bf38576c3; oaidts=1675847668
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Tue, 07 Feb 2023 11:34:00 GMT
expires: Tue, 09 Mar 2083 11:34:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=f66f08793072410f969d8ad7ab4dc400

139.45.197.242

200 OK

2.7 kB

URL HTTP/2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=f66f08793072410f969d8ad7ab4dc400
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (6534), with no line terminators
Size
2.7 kB (2741 bytes)
Hash
7d87f211e52dc7c55c7189fed2bba7de
9895056ae4671cc9aae8d55bfa3d309686e7fe91
226e483fea1024b0a13ea3b102e6fa9eb2c5d68cefb86c869f47e09f4902e160

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=f66f08793072410f969d8ad7ab4dc400 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 121
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=4cd43953ae0d4279a9c1791bf38576c3; oaidts=1675847668
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: a22b2953ee2c46083b410ecec0bf91fa
access-control-expose-headers: X-Sc
set-cookie: OAID=f66f08793072410f969d8ad7ab4dc400; expires=Thu, 08 Feb 2024 09:14:28 GMT; secure; SameSite=None
oaidts=1675847668; expires=Thu, 08 Feb 2024 09:14:28 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

betotodilea.com/400/5307588

139.45.197.237

200 OK

32 kB

URL HTTP/2
betotodilea.com/400/5307588
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
32 kB (32264 bytes)
Hash
3cbe1b7dad0350ce22c4b61e8e48dfb8
3bf77bcaebdffde9c124b0c0e02abe9f4d9c799e
59b62dd0b48b54f3d9f3eb2d1b48ef08bc415e21b0d3261c35d12c76be1181e5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /400/5307588 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/javascript
x-trace-id: 0e1e39341a3c6d531c57ee097a46126e
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=15527f1370a9406db258be5018402257; expires=Thu, 08 Feb 2024 09:14:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
31b43452695cd13fe96bc1d9972b319b
b31e47802e563f5260e243a7a06f1275a0dd1308
88127788e8947cc1d3664b8ca9ca8a549c4a1aad32a74110cec2a3d05e579705

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3260
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 09:14:28 GMT
Last-Modified: Wed, 08 Feb 2023 08:20:08 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg

104.22.33.172

200 OK

14 kB

URL HTTP/2
offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
IP
104.22.33.172:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
14 kB (13778 bytes)
Hash
7d763937692f59aea0578ffe58c10ee0
b3a4cc4fd1a0d8319e59057e535b0b19f1a3b35b
2d7300c572db1683cbc8071be4bbaf31b00954193f6f82d453c99a7a58bd7620

HTTP Headers

GET /www/images/7d763937692f59aea0578ffe58c10ee0.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: image/jpeg
content-length: 13778
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63888441-35d2"
expires: Wed, 08 Feb 2023 09:25:12 GMT
last-modified: Thu, 01 Dec 2022 10:38:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 85756
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79634159a8629930-ARN
X-Firefox-Spdy: h2

interstitial-07.com/contents/s/36/d8/c2/9c866059b85b47752a6cc71b81/01636574006222.png

139.45.197.152

200 OK

45 kB

URL HTTP/2
interstitial-07.com/contents/s/36/d8/c2/9c866059b85b47752a6cc71b81/01636574006222.png
IP
139.45.197.152:0
ASN
#9002 RETN Limited

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
45 kB (45133 bytes)
Hash
36d8c29c866059b85b47752a6cc71b81
2d877eabf6710f66f5d7a3e265de997cf258ba32
0bbd2d8d16b4fd96c0a0dabecbd05ca573b30cd7079950d73b5dd68bde69a27b

HTTP Headers

GET /contents/s/36/d8/c2/9c866059b85b47752a6cc71b81/01636574006222.png HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=9b0delICK3pIjOt&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3707124089%26z%3D5307589%26b%3D14148810%26c%3D5901940%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62cddf3c85e2d000019d78f1%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DZxpVJMtwZZ2PzxaEa0xOEDAUxetQlMLjrjxnje0RC_JCBjLp9upqOZJgKUGgAF0cUlBSbkqVvrApEIZyWLLMaNmh3Acc6wbYfish9BgHVbPrwVXok_63zU-dfXILYB-XFlaAqJ4gIPSBDWM6l8ULtPtiAnjO-ugKyM-kwpUO-fiflS3cdx2-Ggw_nXNanL5aWPiO7nmMl2wx8ZSwx2bz7NLV5F_G19p1jNAzmDHxArtoW5r2qnEYzWnELB5zXh-Eup_v_LE-wnR1iBHYD0SU_rM0H67_Uc47ikbL8l9fkcRaulZuGZo2vM5Lg_y2jAt1g8GqbWJbQenoBHlUIg8mF0ckYlaarCU1rlhwwy06ZJMF1ljUsZp_vdhLKhkclVYeJLxf_lncjW630yJr1NHlXTRh6DwF9RLh1QjJ2-n1cXQd2PXfjn74MsFG1-7mihxKpgPSOSzy1JjADpGpFxRZdbfKG-VpD3M2xDqBnED4CQ7QMoJHutXPxw-BOqCyL0U99mhDj2dley_Nmdiqrh2Hi81dyEjH0d0mqNbSny3rYstqe8Hcj04A7yaaGD6HmKD_ixP0ju7Yd-f65dEIyQncxU8-Pff6b35TTW74_vAJJvF70u-3sXdFpoyllnE7uVIMP58IdfXattmF9CeJkXxu41ekGWJ5meBqaH2CLhn_sJF6vk0MC0ZvBA%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D3818cbe3-38a1-4a76-aeff-1249f91dd332%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252F596Bj%252Ffivem-stellexec.rar%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: image/png
content-length: 45133
last-modified: Thu, 14 Jul 2022 23:23:43 GMT
vary: Accept-Encoding
etag: "62d0a57f-b04d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.10

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.10:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47114ee8db62314101353ef87c610f04
9f676acb42eeb3fc2808d2100f1411d7cc3ef239
cd1ca767877e877c1555495006b3422f2605e701a081550b6e1899a4b244a0c9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD1CA767877E877C1555495006B3422F2605E701A081550B6E1899A4B244A0C9"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11022
Expires: Wed, 08 Feb 2023 12:18:11 GMT
Date: Wed, 08 Feb 2023 09:14:29 GMT
Connection: keep-alive

interstitial-07.com/?l=9b0delICK3pIjOt&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3707124089%26z%3D5307589%26b%3D14148810%26c%3D5901940%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62cddf3c85e2d000019d78f1%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DZxpVJMtwZZ2PzxaEa0xOEDAUxetQlMLjrjxnje0RC_JCBjLp9upqOZJgKUGgAF0cUlBSbkqVvrApEIZyWLLMaNmh3Acc6wbYfish9BgHVbPrwVXok_63zU-dfXILYB-XFlaAqJ4gIPSBDWM6l8ULtPtiAnjO-ugKyM-kwpUO-fiflS3cdx2-Ggw_nXNanL5aWPiO7nmMl2wx8ZSwx2bz7NLV5F_G19p1jNAzmDHxArtoW5r2qnEYzWnELB5zXh-Eup_v_LE-wnR1iBHYD0SU_rM0H67_Uc47ikbL8l9fkcRaulZuGZo2vM5Lg_y2jAt1g8GqbWJbQenoBHlUIg8mF0ckYlaarCU1rlhwwy06ZJMF1ljUsZp_vdhLKhkclVYeJLxf_lncjW630yJr1NHlXTRh6DwF9RLh1QjJ2-n1cXQd2PXfjn74MsFG1-7mihxKpgPSOSzy1JjADpGpFxRZdbfKG-VpD3M2xDqBnED4CQ7QMoJHutXPxw-BOqCyL0U99mhDj2dley_Nmdiqrh2Hi81dyEjH0d0mqNbSny3rYstqe8Hcj04A7yaaGD6HmKD_ixP0ju7Yd-f65dEIyQncxU8-Pff6b35TTW74_vAJJvF70u-3sXdFpoyllnE7uVIMP58IdfXattmF9CeJkXxu41ekGWJ5meBqaH2CLhn_sJF6vk0MC0ZvBA%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D3818cbe3-38a1-4a76-aeff-1249f91dd332%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252F596Bj%252Ffivem-stellexec.rar%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0

139.45.197.152

200 OK

199 kB

URL HTTP/2
interstitial-07.com/?l=9b0delICK3pIjOt&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3707124089%26z%3D5307589%26b%3D14148810%26c%3D5901940%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62cddf3c85e2d000019d78f1%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DZxpVJMtwZZ2PzxaEa0xOEDAUxetQlMLjrjxnje0RC_JCBjLp9upqOZJgKUGgAF0cUlBSbkqVvrApEIZyWLLMaNmh3Acc6wbYfish9BgHVbPrwVXok_63zU-dfXILYB-XFlaAqJ4gIPSBDWM6l8ULtPtiAnjO-ugKyM-kwpUO-fiflS3cdx2-Ggw_nXNanL5aWPiO7nmMl2wx8ZSwx2bz7NLV5F_G19p1jNAzmDHxArtoW5r2qnEYzWnELB5zXh-Eup_v_LE-wnR1iBHYD0SU_rM0H67_Uc47ikbL8l9fkcRaulZuGZo2vM5Lg_y2jAt1g8GqbWJbQenoBHlUIg8mF0ckYlaarCU1rlhwwy06ZJMF1ljUsZp_vdhLKhkclVYeJLxf_lncjW630yJr1NHlXTRh6DwF9RLh1QjJ2-n1cXQd2PXfjn74MsFG1-7mihxKpgPSOSzy1JjADpGpFxRZdbfKG-VpD3M2xDqBnED4CQ7QMoJHutXPxw-BOqCyL0U99mhDj2dley_Nmdiqrh2Hi81dyEjH0d0mqNbSny3rYstqe8Hcj04A7yaaGD6HmKD_ixP0ju7Yd-f65dEIyQncxU8-Pff6b35TTW74_vAJJvF70u-3sXdFpoyllnE7uVIMP58IdfXattmF9CeJkXxu41ekGWJ5meBqaH2CLhn_sJF6vk0MC0ZvBA%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D3818cbe3-38a1-4a76-aeff-1249f91dd332%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252F596Bj%252Ffivem-stellexec.rar%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP
139.45.197.152:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1689)
Size
199 kB (198903 bytes)
Hash
6a001c64123e3e324584a08db7f4bebb
36b51dc21fd3abb83ab09140b62dc9f4c6592e64
7ab049e723a095167e8e5ee606cd48ea6508a1d335c8665c0e3cf267b82e5363

HTTP Headers

GET /?l=9b0delICK3pIjOt&cd_meta_crid=50538&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3707124089%26z%3D5307589%26b%3D14148810%26c%3D5901940%26var%3D%26d%3Dhttps%253A%252F%252Fred.forexpeacearmy.com%252F62cddf3c85e2d000019d78f1%253Fsub1%253D%257Bzoneid%257D%2526sub2%253D%257Bcampaignid%257D%2526sub3%253D%257Bconnection.type%257D%2526sub4%253D%257Bbrowser%257D%2526sub5%253D%257Bos%257D%2526sub6%253D%257Bcountry%257D%2526sub7%253D%257Bbannerid%257D%2526sub8%253D%257Bisp%257D%2526sub9%253D%257Bdevice%257D%2526ref_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%26cln%3D1%26btp%3D7%26rb%3DZxpVJMtwZZ2PzxaEa0xOEDAUxetQlMLjrjxnje0RC_JCBjLp9upqOZJgKUGgAF0cUlBSbkqVvrApEIZyWLLMaNmh3Acc6wbYfish9BgHVbPrwVXok_63zU-dfXILYB-XFlaAqJ4gIPSBDWM6l8ULtPtiAnjO-ugKyM-kwpUO-fiflS3cdx2-Ggw_nXNanL5aWPiO7nmMl2wx8ZSwx2bz7NLV5F_G19p1jNAzmDHxArtoW5r2qnEYzWnELB5zXh-Eup_v_LE-wnR1iBHYD0SU_rM0H67_Uc47ikbL8l9fkcRaulZuGZo2vM5Lg_y2jAt1g8GqbWJbQenoBHlUIg8mF0ckYlaarCU1rlhwwy06ZJMF1ljUsZp_vdhLKhkclVYeJLxf_lncjW630yJr1NHlXTRh6DwF9RLh1QjJ2-n1cXQd2PXfjn74MsFG1-7mihxKpgPSOSzy1JjADpGpFxRZdbfKG-VpD3M2xDqBnED4CQ7QMoJHutXPxw-BOqCyL0U99mhDj2dley_Nmdiqrh2Hi81dyEjH0d0mqNbSny3rYstqe8Hcj04A7yaaGD6HmKD_ixP0ju7Yd-f65dEIyQncxU8-Pff6b35TTW74_vAJJvF70u-3sXdFpoyllnE7uVIMP58IdfXattmF9CeJkXxu41ekGWJ5meBqaH2CLhn_sJF6vk0MC0ZvBA%3D%3D%26bag%3De5WiNa3QjVf4u1jVtO_1dw%3D%3D%26ruid%3D3818cbe3-38a1-4a76-aeff-1249f91dd332%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252F596Bj%252Ffivem-stellexec.rar%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=ymj-1ulZG3Dcda7WChV38fhkXGrdHI-v3oL4q9QtF8o; expires=Wed, 08-Feb-2023 10:14:28 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

unphionetor.com/fv.js?t=72747&cb=1736871566

139.45.197.236

200 OK

2.2 kB

URL HTTP/2
unphionetor.com/fv.js?t=72747&cb=1736871566
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (5213), with no line terminators
Size
2.2 kB (2153 bytes)
Hash
0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /fv.js?t=72747&cb=1736871566 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:29 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 03acaba27919e60245315562fd8fb946
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 08 Feb 2023 09:14:29 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: d80610d43eb9000721b6135071f77444
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

betotodilea.com/impression/5295NZV1dfbzf_k47zxnJd0AIFZG5gXIjXBw3YkxqDNxdEAtL3NGJSZScpaMJ-R59Nwcvk1baM4WnEdOLu2yfZ2dt-iXsMUvFaROx4kEzkwyvYE4jVd1wTCN07N66sNc9hI7_XL0oZa15gQrowXVAdpJPuo9cJGmP1HEMEoSn7eg6blDCdQLXKUaRI9yCZgv5Lgj0EiGnrWjdCYGOv3xp4Y37YiFYATkx4-MbT_FswL0OZnHi29E-dU8X0pYqPF3T_nryCt5uEWTns_MFmDvmy-oerCp8N37FBxkGMizz-KBaqfDV1z7N-6zbpSHcQthLGj_yFYK6vu5Ijr47AFYtovSv9iIxaHTCcDPzMK28yx0CLY-UQSkhbfJSPYM3XMUofo9gX860rtIZj__ly0E6KOM2bvDzsvtiIY8KHBCe1kb19OwYSsy9NXDP7tzPphoB9ryPrzgUOLqEubcAqJU0reN-KrrORIp3_CJWkEV5isSJh6SJ8iXuRDpjt4QPop0HjVu_vWFyZ3-u9kdM-aYLCIKCDEccIIHNXTjBb9qEINtsqd2Cxonk-JZU5hO_oZryOWBIlNuCfHCsxNgEJ6R3g==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

43 B

URL HTTP/2
betotodilea.com/impression/5295NZV1dfbzf_k47zxnJd0AIFZG5gXIjXBw3YkxqDNxdEAtL3NGJSZScpaMJ-R59Nwcvk1baM4WnEdOLu2yfZ2dt-iXsMUvFaROx4kEzkwyvYE4jVd1wTCN07N66sNc9hI7_XL0oZa15gQrowXVAdpJPuo9cJGmP1HEMEoSn7eg6blDCdQLXKUaRI9yCZgv5Lgj0EiGnrWjdCYGOv3xp4Y37YiFYATkx4-MbT_FswL0OZnHi29E-dU8X0pYqPF3T_nryCt5uEWTns_MFmDvmy-oerCp8N37FBxkGMizz-KBaqfDV1z7N-6zbpSHcQthLGj_yFYK6vu5Ijr47AFYtovSv9iIxaHTCcDPzMK28yx0CLY-UQSkhbfJSPYM3XMUofo9gX860rtIZj__ly0E6KOM2bvDzsvtiIY8KHBCe1kb19OwYSsy9NXDP7tzPphoB9ryPrzgUOLqEubcAqJU0reN-KrrORIp3_CJWkEV5isSJh6SJ8iXuRDpjt4QPop0HjVu_vWFyZ3-u9kdM-aYLCIKCDEccIIHNXTjBb9qEINtsqd2Cxonk-JZU5hO_oZryOWBIlNuCfHCsxNgEJ6R3g==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impression/5295NZV1dfbzf_k47zxnJd0AIFZG5gXIjXBw3YkxqDNxdEAtL3NGJSZScpaMJ-R59Nwcvk1baM4WnEdOLu2yfZ2dt-iXsMUvFaROx4kEzkwyvYE4jVd1wTCN07N66sNc9hI7_XL0oZa15gQrowXVAdpJPuo9cJGmP1HEMEoSn7eg6blDCdQLXKUaRI9yCZgv5Lgj0EiGnrWjdCYGOv3xp4Y37YiFYATkx4-MbT_FswL0OZnHi29E-dU8X0pYqPF3T_nryCt5uEWTns_MFmDvmy-oerCp8N37FBxkGMizz-KBaqfDV1z7N-6zbpSHcQthLGj_yFYK6vu5Ijr47AFYtovSv9iIxaHTCcDPzMK28yx0CLY-UQSkhbfJSPYM3XMUofo9gX860rtIZj__ly0E6KOM2bvDzsvtiIY8KHBCe1kb19OwYSsy9NXDP7tzPphoB9ryPrzgUOLqEubcAqJU0reN-KrrORIp3_CJWkEV5isSJh6SJ8iXuRDpjt4QPop0HjVu_vWFyZ3-u9kdM-aYLCIKCDEccIIHNXTjBb9qEINtsqd2Cxonk-JZU5hO_oZryOWBIlNuCfHCsxNgEJ6R3g==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=f66f08793072410f969d8ad7ab4dc400
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:33 GMT
content-type: image/gif
content-length: 43
x-trace-id: 1fe457fb532f749a0eaf920c3c99c8bf
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

betotodilea.com/500/5307588?excludes=16368912&oaid=f66f08793072410f969d8ad7ab4dc400&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/5307588?excludes=16368912&oaid=f66f08793072410f969d8ad7ab4dc400&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/5307588?excludes=16368912&oaid=f66f08793072410f969d8ad7ab4dc400&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:33 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg

104.22.33.172

200 OK

13 kB

URL HTTP/2
offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
IP
104.22.33.172:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (13093 bytes)
Hash
1355aa125a385056845e0ee1d5384e9a
cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea
248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733

HTTP Headers

GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:33 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Thu, 09 Feb 2023 04:58:38 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 15355
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 796341786d5d9930-ARN
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 417
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:34 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6e3a0cace9fdab46385a771f41c8c608
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

anonymfile.com/sw.js

138.201.48.112

404 Not Found

0 B

URL HTTP/2
anonymfile.com/sw.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImYvaHI2S3dFaVVpZVJNeXd0RmRIbmc9PSIsInZhbHVlIjoiUExQYmJuVjZtL1ZkSXhvU21oYTduaFBwSTVJTlR0eVVJRm9xNXN6cWNDZ0s3ZmRXZVVmb0IvaFFIOUJXUnh4MFNCbDI3dkFPR3dma3p2MDR5YkVmb1ZaOUFoQUtSNU9JRFJ3VTVDQlBEYkdyeUlRL2VlZlN3Vys4NFhyUGJZbWIiLCJtYWMiOiI5NmU0ZDA5ZjEwNmEyNDk0ZDQzNTlhZWMyNjliZDUyYzliMDBkYzYyYzQ4MzA3ZjExZDZkM2UwNDhkYzRiNWY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhRT1djamtaTU5pZC9EOFA4VjRvNWc9PSIsInZhbHVlIjoiQUZTQmVoMzhvTENYMHowYUVwZitCeUZmWmw0aXY2cUxjMVFKN01mSnI4RWJnUWdLLzhhNml6TlN4KzRpaHdadjQ0MThvV3VUc0JFMlJsQmlPTGI0cnNnV214MVg2QmpOd3piQitxRm8xVHlyMGpHQU91bUVRemEvc0ptRXVvMHEiLCJtYWMiOiJlYmMxNGUwMzc2ZWNhMTNjNDM0Mjk3MjUxNjdjMGJiY2I0Y2Y3OTE5MTU1NDc1NTJkYWZhZjc5NWJmMjc0YjlkIiwidGFnIjoiIn0%3D; prefetchAd_5307591=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Wed, 08 Feb 2023 09:14:29 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.89.122

200 OK

0 B

URL HTTP/2
tzegilo.com/stattag.js
IP
104.21.89.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:30:52 GMT
etag: W/"63dd36bc-43b7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2145
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ndil5Pcr%2Fv8PoLFoGhfGuA%2FPTr7pv9V0FRam391Stxoagqhhf4bjfH%2BqJvSnEkRyGNxf8VAkI6FvaPW7jQVZaTOaBdmjIP8pZvEYzF0%2F9l8rtgzixfiCdjP1%2FVF77A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796341563c28b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

betotodilea.com/500/5307588?excludes=&oaid=f66f08793072410f969d8ad7ab4dc400&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/5307588?excludes=&oaid=f66f08793072410f969d8ad7ab4dc400&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/5307588?excludes=&oaid=f66f08793072410f969d8ad7ab4dc400&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=15527f1370a9406db258be5018402257
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/javascript
x-trace-id: 66be574c7beeaa5da6dd401b509023d3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f66f08793072410f969d8ad7ab4dc400; expires=Thu, 08 Feb 2024 09:14:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

onmarshtompor.com/?rb=NNn6nnT8byHyQ4szq7r-BwKDoY0Qb9Lk1Spzps4k29WFJHVN3ChQD-RmsSzYuOVpa4BUlnfDvMwRgnfOA22xRzK_CiriS-_z_bOCMQ5Sn7ie8uedBnk0ZEisJ0HDsS6Pm1nH5JfHMIQr9njTrUpdWaM9mNorle0ueVbgrwDKpqJEGVw3ecSDNFWFoZni1r2CK7G8tfrAGZnymUuz97VF8hubVrUQEC6cI20tdSH9JRg%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=613f0c86-7066-4d7e-884f-bc7b86d52d10&userId=f66f08793072410f969d8ad7ab4dc400&m=link

139.45.197.243

200 OK

0 B

URL HTTP/2
onmarshtompor.com/?rb=NNn6nnT8byHyQ4szq7r-BwKDoY0Qb9Lk1Spzps4k29WFJHVN3ChQD-RmsSzYuOVpa4BUlnfDvMwRgnfOA22xRzK_CiriS-_z_bOCMQ5Sn7ie8uedBnk0ZEisJ0HDsS6Pm1nH5JfHMIQr9njTrUpdWaM9mNorle0ueVbgrwDKpqJEGVw3ecSDNFWFoZni1r2CK7G8tfrAGZnymUuz97VF8hubVrUQEC6cI20tdSH9JRg%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=613f0c86-7066-4d7e-884f-bc7b86d52d10&userId=f66f08793072410f969d8ad7ab4dc400&m=link
IP
139.45.197.243:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?rb=NNn6nnT8byHyQ4szq7r-BwKDoY0Qb9Lk1Spzps4k29WFJHVN3ChQD-RmsSzYuOVpa4BUlnfDvMwRgnfOA22xRzK_CiriS-_z_bOCMQ5Sn7ie8uedBnk0ZEisJ0HDsS6Pm1nH5JfHMIQr9njTrUpdWaM9mNorle0ueVbgrwDKpqJEGVw3ecSDNFWFoZni1r2CK7G8tfrAGZnymUuz97VF8hubVrUQEC6cI20tdSH9JRg%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=613f0c86-7066-4d7e-884f-bc7b86d52d10&userId=f66f08793072410f969d8ad7ab4dc400&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:28 GMT
content-type: application/json
x-trace-id: a5307945ad5821302267dff6d18966e4
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f66f08793072410f969d8ad7ab4dc400; expires=Thu, 08 Feb 2024 09:14:28 GMT; path=/; secure; SameSite=None
oaidts=1675847668; expires=Thu, 08 Feb 2024 09:14:28 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 15 Feb 2023 09:14:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/5307588?excludes=16368912&oaid=f66f08793072410f969d8ad7ab4dc400&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/5307588?excludes=16368912&oaid=f66f08793072410f969d8ad7ab4dc400&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F596Bj%2Ffivem-stellexec.rar%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=f66f08793072410f969d8ad7ab4dc400
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 09:14:33 GMT
content-type: application/javascript
x-trace-id: d91c2070466d5e1ae79db8da6d79bdf2
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f66f08793072410f969d8ad7ab4dc400; expires=Thu, 08 Feb 2024 09:14:33 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript

138.201.48.112

200 OK

0 B

URL HTTP/2
anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /596Bj/fivem-stellexec.rar?PageSpeed=noscript HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6ImYvaHI2S3dFaVVpZVJNeXd0RmRIbmc9PSIsInZhbHVlIjoiUExQYmJuVjZtL1ZkSXhvU21oYTduaFBwSTVJTlR0eVVJRm9xNXN6cWNDZ0s3ZmRXZVVmb0IvaFFIOUJXUnh4MFNCbDI3dkFPR3dma3p2MDR5YkVmb1ZaOUFoQUtSNU9JRFJ3VTVDQlBEYkdyeUlRL2VlZlN3Vys4NFhyUGJZbWIiLCJtYWMiOiI5NmU0ZDA5ZjEwNmEyNDk0ZDQzNTlhZWMyNjliZDUyYzliMDBkYzYyYzQ4MzA3ZjExZDZkM2UwNDhkYzRiNWY3IiwidGFnIjoiIn0%3D; expires=Wed, 08-Feb-2023 11:14:25 GMT; Max-Age=7200; path=/; samesite=lax
anonymfile_session=eyJpdiI6InhRT1djamtaTU5pZC9EOFA4VjRvNWc9PSIsInZhbHVlIjoiQUZTQmVoMzhvTENYMHowYUVwZitCeUZmWmw0aXY2cUxjMVFKN01mSnI4RWJnUWdLLzhhNml6TlN4KzRpaHdadjQ0MThvV3VUc0JFMlJsQmlPTGI0cnNnV214MVg2QmpOd3piQitxRm8xVHlyMGpHQU91bUVRemEvc0ptRXVvMHEiLCJtYWMiOiJlYmMxNGUwMzc2ZWNhMTNjNDM0Mjk3MjUxNjdjMGJiY2I0Y2Y3OTE5MTU1NDc1NTJkYWZhZjc5NWJmMjc0YjlkIiwidGFnIjoiIn0%3D; expires=Wed, 08-Feb-2023 11:14:25 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Wed, 08 Feb 2023 09:14:25 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js

104.16.122.175

302 Found

0 B

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 08 Feb 2023 09:14:25 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GRR4SEZGXG40Y769CBEHN6AK-fra
cf-cache-status: HIT
age: 85
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79634147def20afe-OSL
X-Firefox-Spdy: h2

inklinkor.com/tag.min.js

172.67.211.29

200 OK

0 B

URL HTTP/2
inklinkor.com/tag.min.js
IP
172.67.211.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:27 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: b66ea5eedd9996d7999a17dfc2592d8e
cache-control: max-age=86400
last-modified: Mon, 06 Feb 2023 12:51:14 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Thu, 09 Feb 2023 08:44:40 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 1787
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KKg9v7U374rSWW6yBNXlSdaGb0OU05EfZlsB60ZedoHXVUNx3w1VcumG2MpnFlBUNTCoKrc3ezZvvJoTnU7kaWluglxMayaGnoRu4PPKmnnD0y4pqzytLhOa6InNxRE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796341531ffeb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js

104.16.122.175

200 OK

0 B

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 09:14:25 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d07-1hxUHKzrTl3rNdhkJwK4kJGou0I"
via: 1.1 fly.io
fly-request-id: 01G2PJZCDRWWWP671QTKZ7W61J-fra
cf-cache-status: HIT
age: 23674617
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 796341480f250afe-OSL
content-encoding: br
X-Firefox-Spdy: h2

anonymfile.com/sw.js

138.201.48.112

404 Not Found

0 B

URL HTTP/2
anonymfile.com/sw.js
IP
138.201.48.112:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/596Bj/fivem-stellexec.rar?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImYvaHI2S3dFaVVpZVJNeXd0RmRIbmc9PSIsInZhbHVlIjoiUExQYmJuVjZtL1ZkSXhvU21oYTduaFBwSTVJTlR0eVVJRm9xNXN6cWNDZ0s3ZmRXZVVmb0IvaFFIOUJXUnh4MFNCbDI3dkFPR3dma3p2MDR5YkVmb1ZaOUFoQUtSNU9JRFJ3VTVDQlBEYkdyeUlRL2VlZlN3Vys4NFhyUGJZbWIiLCJtYWMiOiI5NmU0ZDA5ZjEwNmEyNDk0ZDQzNTlhZWMyNjliZDUyYzliMDBkYzYyYzQ4MzA3ZjExZDZkM2UwNDhkYzRiNWY3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6InhRT1djamtaTU5pZC9EOFA4VjRvNWc9PSIsInZhbHVlIjoiQUZTQmVoMzhvTENYMHowYUVwZitCeUZmWmw0aXY2cUxjMVFKN01mSnI4RWJnUWdLLzhhNml6TlN4KzRpaHdadjQ0MThvV3VUc0JFMlJsQmlPTGI0cnNnV214MVg2QmpOd3piQitxRm8xVHlyMGpHQU91bUVRemEvc0ptRXVvMHEiLCJtYWMiOiJlYmMxNGUwMzc2ZWNhMTNjNDM0Mjk3MjUxNjdjMGJiY2I0Y2Y3OTE5MTU1NDc1NTJkYWZhZjc5NWJmMjc0YjlkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Wed, 08 Feb 2023 09:14:27 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js

104.16.122.175

302 Found

0 B

URL HTTP/2
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 08 Feb 2023 09:14:25 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GRR4JX5GCD55ZTG36FPGCSBP-fra
cf-cache-status: HIT
age: 299
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79634147ef000afe-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML