anonymfile.com/XPN36/pluginvideojiotv-2064.zip
138.201.48.112301 Moved Permanently 162 B URL HTTP/1.1 anonymfile.com/XPN36/pluginvideojiotv-2064.zip
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /XPN36/pluginvideojiotv-2064.zip HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 31 Jan 2023 21:11:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/XPN36/pluginvideojiotv-2064.zip
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10929
Expires: Wed, 01 Feb 2023 00:13:43 GMT
Date: Tue, 31 Jan 2023 21:11:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5796
Expires: Tue, 31 Jan 2023 22:48:10 GMT
Date: Tue, 31 Jan 2023 21:11:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 20:35:55 GMT
content-type: application/json
age: 2139
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3373
Expires: Tue, 31 Jan 2023 22:07:47 GMT
Date: Tue, 31 Jan 2023 21:11:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CEnAKF0otGIA0R1ha9qtLLG3S2XItYBsPhWkoiSccls2Qg0J6s5cNu4c+tJX8fMdHHNpilPtNDqAUy9scR3NSQ==
x-amz-request-id: AJS5RMAJPT59PB88
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 20:22:21 GMT
age: 2953
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
anonymfile.com/css/theme.min.css
138.201.48.112200 OK 75 kB URL HTTP/2 anonymfile.com/css/theme.min.css
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 65c31d311ae68e4aabece34b7545367b
7e4f7469233e4d26c716c6f8630e1d83a4625d20
6f3f8aa982c4b3661a2d02193f0b21b313a408076802980ea8662dcd6b42eee5
GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/XPN36/pluginvideojiotv-2064.zip
Cookie: XSRF-TOKEN=eyJpdiI6ImtCM2h6RjZDWVpoaUtrWUJ4RmlGQlE9PSIsInZhbHVlIjoiWjBSaENzWmsrSWhzZ3RneUtZOXMvTTZnbDRQZlQ3Z0lGU28zanlTdmJ0WGVTK29PWllVOTdQYndBU3M0a2YvY0Q0ZFRNcnRJc2haRkNyYlhwMkQ4YUNjMkgzTnBNWUtiRWlzNGdXMnZZU0hCMnRYKzIvNDNFNHYwRnhZTWFjRUwiLCJtYWMiOiIzZjk3OWY2MmQ4MjYzZjI2OGNmOTQ4MDM4NjAwM2RlNTM0YjQ4MGVlOTc2ZjVkMTkwZTMzZjAyNThjZGU1Y2U2IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii95UHJZQUlGQUR4R2FEeTEvRSs3RlE9PSIsInZhbHVlIjoiYVhxY2NpeDZIRjhQMVM3QldIQVBlcStka2I0OEF4Tk9GbWJWS0NFUy9CWngwaEUxZGJrdWhBc1NiSVptS1ptVTJLTWdCbS90MEpCU2RuYzlZc1ZtUWx0Y0N2ZDRZWjJyWnVSQ2tDbDh3N2FTOHBmZXR2UHBCeHhtSVNNRHN5b2siLCJtYWMiOiIwMWE4OWFjN2RhY2ZlZmMxNWRlZDJiMDdkNmE1NjNmOWJjOTUxOTllODYwZTJiMjFmZmIwMmRiYmRlYTZkYzJmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
etag: W/"61727336-921fb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Tue, 31 Jan 2023 21:10:47 GMT
expires: Tue, 31 Jan 2023 21:15:47 GMT
vary: Accept-Encoding
x-original-content-length: 598523
content-encoding: gzip
content-length: 74764
cache-control: s-maxage=10
X-Firefox-Spdy: h2
anonymfile.com/img/logo-anon-warning.webp
138.201.48.112200 OK 15 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7b596f481388ac5ef6d74a15a351f6c3
6756e88c0b46cc981b7bbbdaf2ead77bd258a472
cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
GET /img/logo-anon-warning.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/XPN36/pluginvideojiotv-2064.zip
Cookie: XSRF-TOKEN=eyJpdiI6ImtCM2h6RjZDWVpoaUtrWUJ4RmlGQlE9PSIsInZhbHVlIjoiWjBSaENzWmsrSWhzZ3RneUtZOXMvTTZnbDRQZlQ3Z0lGU28zanlTdmJ0WGVTK29PWllVOTdQYndBU3M0a2YvY0Q0ZFRNcnRJc2haRkNyYlhwMkQ4YUNjMkgzTnBNWUtiRWlzNGdXMnZZU0hCMnRYKzIvNDNFNHYwRnhZTWFjRUwiLCJtYWMiOiIzZjk3OWY2MmQ4MjYzZjI2OGNmOTQ4MDM4NjAwM2RlNTM0YjQ4MGVlOTc2ZjVkMTkwZTMzZjAyNThjZGU1Y2U2IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii95UHJZQUlGQUR4R2FEeTEvRSs3RlE9PSIsInZhbHVlIjoiYVhxY2NpeDZIRjhQMVM3QldIQVBlcStka2I0OEF4Tk9GbWJWS0NFUy9CWngwaEUxZGJrdWhBc1NiSVptS1ptVTJLTWdCbS90MEpCU2RuYzlZc1ZtUWx0Y0N2ZDRZWjJyWnVSQ2tDbDh3N2FTOHBmZXR2UHBCeHhtSVNNRHN5b2siLCJtYWMiOiIwMWE4OWFjN2RhY2ZlZmMxNWRlZDJiMDdkNmE1NjNmOWJjOTUxOTllODYwZTJiMjFmZmIwMmRiYmRlYTZkYzJmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 15344
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Tue, 31 Jan 2023 21:08:35 GMT
expires: Tue, 31 Jan 2023 21:13:35 GMT
X-Firefox-Spdy: h2
anonymfile.com/img/main/footer.webp
138.201.48.112200 OK 178 kB URL HTTP/2 anonymfile.com/img/main/footer.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Size 178 kB (178070 bytes)
Hash 79ccb3a1b78412a1a530284f45ea7056
626d0494e1bd871e67ecffad44d04ac2343fb7e5
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/XPN36/pluginvideojiotv-2064.zip
Cookie: XSRF-TOKEN=eyJpdiI6ImtCM2h6RjZDWVpoaUtrWUJ4RmlGQlE9PSIsInZhbHVlIjoiWjBSaENzWmsrSWhzZ3RneUtZOXMvTTZnbDRQZlQ3Z0lGU28zanlTdmJ0WGVTK29PWllVOTdQYndBU3M0a2YvY0Q0ZFRNcnRJc2haRkNyYlhwMkQ4YUNjMkgzTnBNWUtiRWlzNGdXMnZZU0hCMnRYKzIvNDNFNHYwRnhZTWFjRUwiLCJtYWMiOiIzZjk3OWY2MmQ4MjYzZjI2OGNmOTQ4MDM4NjAwM2RlNTM0YjQ4MGVlOTc2ZjVkMTkwZTMzZjAyNThjZGU1Y2U2IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii95UHJZQUlGQUR4R2FEeTEvRSs3RlE9PSIsInZhbHVlIjoiYVhxY2NpeDZIRjhQMVM3QldIQVBlcStka2I0OEF4Tk9GbWJWS0NFUy9CWngwaEUxZGJrdWhBc1NiSVptS1ptVTJLTWdCbS90MEpCU2RuYzlZc1ZtUWx0Y0N2ZDRZWjJyWnVSQ2tDbDh3N2FTOHBmZXR2UHBCeHhtSVNNRHN5b2siLCJtYWMiOiIwMWE4OWFjN2RhY2ZlZmMxNWRlZDJiMDdkNmE1NjNmOWJjOTUxOTllODYwZTJiMjFmZmIwMmRiYmRlYTZkYzJmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Tue, 31 Jan 2023 21:08:35 GMT
expires: Tue, 31 Jan 2023 21:13:35 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 20:41:42 GMT
age: 1792
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
104.17.25.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65345)
Hash 642445b86596bdeaa98e92faa2064fc6
6c5539660bf533d34e37b917973c941d1c963374
4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 21:11:34 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 16079412
expires: Sun, 21 Jan 2024 21:11:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPqzbg2fN1LPpFJKHb5KsQKUJOcGI9jYJzSMLU88wv%2FwmEleqQroVi%2FeqSNy0%2B1e%2FVvrtUOs1623CZKUtQJ79KDS9lM8mwmL6UUFzUVHcH4OFMgJTO4nWj%2BoZVIxobiWBTphjBX2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 792570cacf821c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
anonymfile.com/img/logo-anon-warning.png
138.201.48.112200 OK 41 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.png
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Hash d52ea6ebcd0b10dcf112a9d6c43ceee0
641e5277e2e079f0e88e2899879fda8882e58d28
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
GET /img/logo-anon-warning.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/XPN36/pluginvideojiotv-2064.zip
Cookie: XSRF-TOKEN=eyJpdiI6ImtCM2h6RjZDWVpoaUtrWUJ4RmlGQlE9PSIsInZhbHVlIjoiWjBSaENzWmsrSWhzZ3RneUtZOXMvTTZnbDRQZlQ3Z0lGU28zanlTdmJ0WGVTK29PWllVOTdQYndBU3M0a2YvY0Q0ZFRNcnRJc2haRkNyYlhwMkQ4YUNjMkgzTnBNWUtiRWlzNGdXMnZZU0hCMnRYKzIvNDNFNHYwRnhZTWFjRUwiLCJtYWMiOiIzZjk3OWY2MmQ4MjYzZjI2OGNmOTQ4MDM4NjAwM2RlNTM0YjQ4MGVlOTc2ZjVkMTkwZTMzZjAyNThjZGU1Y2U2IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii95UHJZQUlGQUR4R2FEeTEvRSs3RlE9PSIsInZhbHVlIjoiYVhxY2NpeDZIRjhQMVM3QldIQVBlcStka2I0OEF4Tk9GbWJWS0NFUy9CWngwaEUxZGJrdWhBc1NiSVptS1ptVTJLTWdCbS90MEpCU2RuYzlZc1ZtUWx0Y0N2ZDRZWjJyWnVSQ2tDbDh3N2FTOHBmZXR2UHBCeHhtSVNNRHN5b2siLCJtYWMiOiIwMWE4OWFjN2RhY2ZlZmMxNWRlZDJiMDdkNmE1NjNmOWJjOTUxOTllODYwZTJiMjFmZmIwMmRiYmRlYTZkYzJmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:34 GMT
content-type: image/png
content-length: 40729
last-modified: Fri, 29 Oct 2021 10:50:56 GMT
vary: Accept-Encoding
etag: "617bd210-9f19"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
anonymfile.com/js/site.js
138.201.48.112200 OK 2.3 kB URL HTTP/2 anonymfile.com/js/site.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (317)
Hash f948c40d85d1b1dbeb8a9aa19aafbd30
376bb3d93fd00d6143de270152b2dd24970bf9dc
00bd3c408917adf782966bcd4e2c8a738155835e6bfc1c5f28c320395bbfa263
GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/XPN36/pluginvideojiotv-2064.zip
Cookie: XSRF-TOKEN=eyJpdiI6ImtCM2h6RjZDWVpoaUtrWUJ4RmlGQlE9PSIsInZhbHVlIjoiWjBSaENzWmsrSWhzZ3RneUtZOXMvTTZnbDRQZlQ3Z0lGU28zanlTdmJ0WGVTK29PWllVOTdQYndBU3M0a2YvY0Q0ZFRNcnRJc2haRkNyYlhwMkQ4YUNjMkgzTnBNWUtiRWlzNGdXMnZZU0hCMnRYKzIvNDNFNHYwRnhZTWFjRUwiLCJtYWMiOiIzZjk3OWY2MmQ4MjYzZjI2OGNmOTQ4MDM4NjAwM2RlNTM0YjQ4MGVlOTc2ZjVkMTkwZTMzZjAyNThjZGU1Y2U2IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii95UHJZQUlGQUR4R2FEeTEvRSs3RlE9PSIsInZhbHVlIjoiYVhxY2NpeDZIRjhQMVM3QldIQVBlcStka2I0OEF4Tk9GbWJWS0NFUy9CWngwaEUxZGJrdWhBc1NiSVptS1ptVTJLTWdCbS90MEpCU2RuYzlZc1ZtUWx0Y0N2ZDRZWjJyWnVSQ2tDbDh3N2FTOHBmZXR2UHBCeHhtSVNNRHN5b2siLCJtYWMiOiIwMWE4OWFjN2RhY2ZlZmMxNWRlZDJiMDdkNmE1NjNmOWJjOTUxOTllODYwZTJiMjFmZmIwMmRiYmRlYTZkYzJmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
etag: W/"61700bda-2487"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Tue, 31 Jan 2023 21:10:49 GMT
expires: Tue, 31 Jan 2023 21:15:49 GMT
vary: Accept-Encoding
x-original-content-length: 9351
content-encoding: gzip
content-length: 2348
cache-control: s-maxage=10
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/sweetalert2@11
151.101.1.229200 OK 18 kB URL HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@11
IP 151.101.1.229:0
File type ASCII text, with very long lines (43315)
Hash 34245e47533a6bbe4e69f65aa0297dcf
6649da8177cd2018da3bdcef74aac77931fb470c
9db43754d594eb4c0d021c4b62b3b4a0e13b455d8130f33e845523e9f0c43f7e
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.7.1
x-jsd-version-type: version
etag: W/"fb5c-w+GyqThvnHQcfkFno5FntMBy22I"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 31 Jan 2023 21:11:34 GMT
age: 8412
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18041
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17766
Expires: Wed, 01 Feb 2023 02:07:40 GMT
Date: Tue, 31 Jan 2023 21:11:34 GMT
Connection: keep-alive
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash f7a8c2dcaf2fd0f97576b7ad57bb5d7c
0bf0e6431ac8b76e920096168a8aa88a85f004c5
73d88f788c8fe50c4537b842cdc3a0846133e7645eff3f5d10392f01f37063d9
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 21:11:35 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1C24E3CDA1A3C91715EEC85FAC42838CF4A17B02"
Expires: Wed, 01 Feb 2023 08:00:00 GMT
Last-Modified: Tue, 31 Jan 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1103
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792570cbdc0cb51b-OSL
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
104.16.125.175302 Found 6.1 kB URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP 104.16.125.175:0
Hash 567b522bff9c7d6f786d5f277457a786
bdc6633950275d669c1b42a56bcd2604d73d5ac0
7bac267f477094db4013a380fab9dcb90a64bac5497ecee0cb9e34d82b011710
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 31 Jan 2023 21:11:34 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GR4T8H7CYTBPVGQT33M66JZJ-ams
cf-cache-status: HIT
age: 488
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792570cb6bef1c0e-OSL
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
104.16.125.175200 OK 5.4 kB URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
IP 104.16.125.175:0
Hash c8d37a3e1b5a377b360ce85832b01bab
dea47626553dbc49d1a6e0c53bcbf96902744229
fd3e1ccd282f0050d7455f848fd9d05a81afce276e2c82481eed637439fa4340
GET /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 21:11:34 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d07-1hxUHKzrTl3rNdhkJwK4kJGou0I"
via: 1.1 fly.io
fly-request-id: 01G2PJZCDRWWWP671QTKZ7W61J-fra
cf-cache-status: HIT
age: 23026446
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792570cbac421c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.228.207.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.207.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kfLdzoQ6eb141xuOwww02Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qImf0S5AT79X3huG/K6SiJlGdqA=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3676
Expires: Tue, 31 Jan 2023 22:12:52 GMT
Date: Tue, 31 Jan 2023 21:11:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3676
Expires: Tue, 31 Jan 2023 22:12:52 GMT
Date: Tue, 31 Jan 2023 21:11:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3676
Expires: Tue, 31 Jan 2023 22:12:52 GMT
Date: Tue, 31 Jan 2023 21:11:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3676
Expires: Tue, 31 Jan 2023 22:12:52 GMT
Date: Tue, 31 Jan 2023 21:11:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _xCzARAxn6PB9wrQAL98hWvnUxQOocZFqMoS2l_CoIzOJC18bXQuSQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:53:32 GMT
age: 83884
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 84199
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 62444
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 84195
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 70137
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 69301
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0e940422d4e57e2709f6821717da660c
25f9ff6d68bca9fb6968d7bdbdd257df6d452f3a
deb51c7a590e5461cec165403ce18a1a9f5b9e35ca15e33ddda8e4bc1e3a9d8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1714
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 21:11:36 GMT
Last-Modified: Tue, 31 Jan 2023 20:43:02 GMT
Server: ECS (amb/6B76)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0e940422d4e57e2709f6821717da660c
25f9ff6d68bca9fb6968d7bdbdd257df6d452f3a
deb51c7a590e5461cec165403ce18a1a9f5b9e35ca15e33ddda8e4bc1e3a9d8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1714
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 21:11:36 GMT
Last-Modified: Tue, 31 Jan 2023 20:43:02 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08ccb70984b11b7eae838ec4daec9236
b35a1b3f90e5a7b67bd9f8a42c36d5bbddae8ed4
0edafaa7e0cd33b6f0f3fa90f66798cc58cb856ff2d87ea694dd8b5e56e896fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0EDAFAA7E0CD33B6F0F3FA90F66798CC58CB856FF2D87EA694DD8B5E56E896FB"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15004
Expires: Wed, 01 Feb 2023 01:21:40 GMT
Date: Tue, 31 Jan 2023 21:11:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash df775ff2d90f4ed8bed083ceb6406edf
58b3fe7bba65efbc65d82cf7636ccfa73bab4b12
5db87d52ac84967c22e7ed9fd323f1496c706e4880a9f59eebe35373f04dde53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DB87D52AC84967C22E7ED9FD323F1496C706E4880A9F59EEBE35373F04DDE53"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4499
Expires: Tue, 31 Jan 2023 22:26:35 GMT
Date: Tue, 31 Jan 2023 21:11:36 GMT
Connection: keep-alive
anonymfile.com/sw.js
138.201.48.112404 Not Found 5.5 kB IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4320)
Hash 7fd91d400dab0181d1cdfc803e213cb9
9b4ce6a676a89867af77006c0330e48e13300d45
a67debc9e8d27acc68c1dd5a8b208fc4f89030f4e496012c25a81a61d0e06f75
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/XPN36/pluginvideojiotv-2064.zip
Cookie: XSRF-TOKEN=eyJpdiI6ImtCM2h6RjZDWVpoaUtrWUJ4RmlGQlE9PSIsInZhbHVlIjoiWjBSaENzWmsrSWhzZ3RneUtZOXMvTTZnbDRQZlQ3Z0lGU28zanlTdmJ0WGVTK29PWllVOTdQYndBU3M0a2YvY0Q0ZFRNcnRJc2haRkNyYlhwMkQ4YUNjMkgzTnBNWUtiRWlzNGdXMnZZU0hCMnRYKzIvNDNFNHYwRnhZTWFjRUwiLCJtYWMiOiIzZjk3OWY2MmQ4MjYzZjI2OGNmOTQ4MDM4NjAwM2RlNTM0YjQ4MGVlOTc2ZjVkMTkwZTMzZjAyNThjZGU1Y2U2IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii95UHJZQUlGQUR4R2FEeTEvRSs3RlE9PSIsInZhbHVlIjoiYVhxY2NpeDZIRjhQMVM3QldIQVBlcStka2I0OEF4Tk9GbWJWS0NFUy9CWngwaEUxZGJrdWhBc1NiSVptS1ptVTJLTWdCbS90MEpCU2RuYzlZc1ZtUWx0Y0N2ZDRZWjJyWnVSQ2tDbDh3N2FTOHBmZXR2UHBCeHhtSVNNRHN5b2siLCJtYWMiOiIwMWE4OWFjN2RhY2ZlZmMxNWRlZDJiMDdkNmE1NjNmOWJjOTUxOTllODYwZTJiMjFmZmIwMmRiYmRlYTZkYzJmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Tue, 31 Jan 2023 21:11:36 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5c7a97687e818991f30aa75d1be3f58e
63df9fe6593da625e6fdc6a6af5452e2ea472c38
d4ce0d24d551d9bcbc05bd75535a7c6668f7d113fc99a64e2524cfdfa718867b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4CE0D24D551D9BCBC05BD75535A7C6668F7D113FC99A64E2524CFDFA718867B"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18883
Expires: Wed, 01 Feb 2023 02:26:19 GMT
Date: Tue, 31 Jan 2023 21:11:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8d2492b9661ea58be705760e5ce9349
bf6c3c783783e226595ded48b02775da9b3600bf
3fdc7e19f5da1655e5d85380595daddc533e142f0b8f2c002381bb2cf023f66a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FDC7E19F5DA1655E5D85380595DADDC533E142F0B8F2C002381BB2CF023F66A"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9858
Expires: Tue, 31 Jan 2023 23:55:54 GMT
Date: Tue, 31 Jan 2023 21:11:36 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=7321d7db3d724e1f8d962f4b5aeb8ef7
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=7321d7db3d724e1f8d962f4b5aeb8ef7
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7cc700f9095e868b6a7d8ad3b1af285c
06cc3bdfff999e6eeb71476fbfa722b62d573223
9e0a2ae9d80ad22676ba5c7905ef6866c5b58b6f2600729851bcdc3be8580679
GET /gid.js?userId=7321d7db3d724e1f8d962f4b5aeb8ef7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:36 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7321d7db3d724e1f8d962f4b5aeb8ef7; expires=Wed, 31 Jan 2024 21:11:36 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
139.45.197.250200 OK 664 B URL HTTP/2 ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 924f83d583902548517c3327ff8e4493
7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:36 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: e028dd05fefa042468d0d09864b792a7
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.89.122200 OK 5.3 kB IP 104.21.89.122:0
File type ASCII text, with very long lines (13121), with no line terminators
Hash 69599ccb0b322c5919bb7f588a743ab6
aaf5551525223bc6cfa47bfdbb90368a8613aecc
bc58d50736374e380cf7c5650e52f608b40d9d494795403dd0e73af8241257a5
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 21:11:37 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5864
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yYdW%2FKQaROLT3dHsmjDRf4rQ4QoDeehb3p0fqEwkb6zCJzXaMBSdayLc7x8YsHx%2Fyz0FL%2BAK9%2BMMJLoiYuMHxxBR5TcCFzSilckRQonJMvDcZqdYk7ytOhI5%2Fmg6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792570d85db7b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 396
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 287667060167844b87656a8187e7f5fd
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 777
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 72ef6628f4e88ec6e42baa56c4ea576b
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7
139.45.197.242200 OK 2.7 kB URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7
IP 139.45.197.242:0
File type JSON data\012- , ASCII text, with very long lines (6397), with no line terminators
Hash 2d84f2ccc8099ce35f7ec3a371a5985d
df0d62e449288dd78c8a4c007332075935da9e83
a517175521fe596327547738a4161ce894b86ee3c2564af32d4340003d62bab2
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 145
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=4a714daa43dd4869b79cee0e76ba6fa9; oaidts=1675199496
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 1541c7096893abbda969b072b38669a2
access-control-expose-headers: X-Sc
set-cookie: OAID=7321d7db3d724e1f8d962f4b5aeb8ef7; expires=Wed, 31 Jan 2024 21:11:37 GMT; secure; SameSite=None
oaidts=1675199496; expires=Wed, 31 Jan 2024 21:11:37 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f07dc88b8b39db985629132af5f2a6b9
79d47cf76ed86b9ad0410dd1af297a8fb0f494d5
4631256bbb260f65699ad5206975bc2f9f22d1bd0654f120614530033e1d8999
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4631256BBB260F65699AD5206975BC2F9F22D1BD0654F120614530033E1D8999"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9398
Expires: Tue, 31 Jan 2023 23:48:15 GMT
Date: Tue, 31 Jan 2023 21:11:37 GMT
Connection: keep-alive
betotodilea.com/500/5307588?excludes=&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5307588?excludes=&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8c974945aa19b203f94c228ed355a01a
65d899c3fd847edfcf36417f4c88e94c7f12647e
4abde0b1cd9faca80483fe88383326794e0bdaa434d451eaddb09954f5947aa2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 21:11:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 03:49:35 GMT
Expires: Sun, 05 Feb 2023 03:49:34 GMT
Etag: "65d899c3fd847edfcf36417f4c88e94c7f12647e"
Cache-Control: max-age=368876,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792570d94db3b51d-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 925
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 31 Jan 2023 21:11:39 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonymfile.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
nanouwho.com/27/dae1eb9bef878cda2f3d5a0907ef4d01
139.45.197.242200 OK 144 kB URL HTTP/2 nanouwho.com/27/dae1eb9bef878cda2f3d5a0907ef4d01
IP 139.45.197.242:0
Size 144 kB (143643 bytes)
Hash 66fb7ce55cc6c9dea5f30912444ef315
8c3a285cc7b25de75205cc25d14f86a89f857e80
b27ed2a913274e6b58b57e7b964d2ce77eecf0619476eebf0d5bbb889c8feef5
Analyzer Verdict Alert quad9 Sinkholed
GET /27/dae1eb9bef878cda2f3d5a0907ef4d01 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=4a714daa43dd4869b79cee0e76ba6fa9; oaidts=1675199496
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:36 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Fri, 27 Jan 2023 06:22:51 GMT
expires: Fri, 26 Feb 2083 06:22:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/?l=zK3ge3qjcPqt2jk&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3501260337%26z%3D5307589%26b%3D16336477%26c%3D6497346%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DoWoKkr-RF9ze2bzUQgJ0d24TgSrNeyC-RaR2O8_6WcJEsvhmoi1QFacK0Yj5jwOYZPTFYxF4FCb9tqS61Fk0v3aOErhO8NPb9KRnTfDw41OyK3Tbq0L26raBs_vHjx9uI5Y4NhNVroVGInPM9Fq7KVJZhgYsmJ6w0uNlPGMRyD4QBNtsv1C7VXVipQiJOcG6W2U36Lmt2pvJB6iUSjOBFYlMzcj6DW9A8FQCoRXNo_pZyeTewwdVn6ZBA40u7yPDHjUCbmhUPNNqN_emchrHIj11OGCu7_X2gTRgRtvT59uBcXbDhNFYZ_raIw4vdsPagEmlXw0c2qFG0Vh3kdkBTYNd3wyIN63vHHVDlpF1KnqtfCeZBbn8F01UNbFm0qWwiDmFgCGBrkBdglMz9kDepO5j-IIePiDlzMkoLTwWJ4sjgnDB6yRTNz9Lpi3JF_GDSpKfviVJE1Nr25fh63KNyY2hIdZml9hu3mC2tjvoFx6sjGyfZM1-HEdT9rKjZUoNBW1yoGGwk7XJf3LWuAj6igth4oOQjedpmCXPxnSZ7RQ7Iy4UQ8b0pXK6XfHqw63wGTBbSU-OHFHo-yo88KmupFRbx19j2tUgaRkI2OzcmoPjcUuPp3JuFn3sviccpP635BeON9aM4JPhn_yyVwzLtLHfrLg%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D36d079a3-ed3c-4314-993e-4f890c587943%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FXPN36%252Fpluginvideojiotv-2064.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.153200 OK 21 kB URL HTTP/2 interstitial-07.com/?l=zK3ge3qjcPqt2jk&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3501260337%26z%3D5307589%26b%3D16336477%26c%3D6497346%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DoWoKkr-RF9ze2bzUQgJ0d24TgSrNeyC-RaR2O8_6WcJEsvhmoi1QFacK0Yj5jwOYZPTFYxF4FCb9tqS61Fk0v3aOErhO8NPb9KRnTfDw41OyK3Tbq0L26raBs_vHjx9uI5Y4NhNVroVGInPM9Fq7KVJZhgYsmJ6w0uNlPGMRyD4QBNtsv1C7VXVipQiJOcG6W2U36Lmt2pvJB6iUSjOBFYlMzcj6DW9A8FQCoRXNo_pZyeTewwdVn6ZBA40u7yPDHjUCbmhUPNNqN_emchrHIj11OGCu7_X2gTRgRtvT59uBcXbDhNFYZ_raIw4vdsPagEmlXw0c2qFG0Vh3kdkBTYNd3wyIN63vHHVDlpF1KnqtfCeZBbn8F01UNbFm0qWwiDmFgCGBrkBdglMz9kDepO5j-IIePiDlzMkoLTwWJ4sjgnDB6yRTNz9Lpi3JF_GDSpKfviVJE1Nr25fh63KNyY2hIdZml9hu3mC2tjvoFx6sjGyfZM1-HEdT9rKjZUoNBW1yoGGwk7XJf3LWuAj6igth4oOQjedpmCXPxnSZ7RQ7Iy4UQ8b0pXK6XfHqw63wGTBbSU-OHFHo-yo88KmupFRbx19j2tUgaRkI2OzcmoPjcUuPp3JuFn3sviccpP635BeON9aM4JPhn_yyVwzLtLHfrLg%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D36d079a3-ed3c-4314-993e-4f890c587943%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FXPN36%252Fpluginvideojiotv-2064.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1518)
Hash 00ea074ea4b9535c57e76f3ad0d0a045
650402279d7ea291864beee579ba2819905a72cc
3948c81c88b467f44daf1e450e8b3fc9ed43404219e505960be880184b122d3c
GET /?l=zK3ge3qjcPqt2jk&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3501260337%26z%3D5307589%26b%3D16336477%26c%3D6497346%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DoWoKkr-RF9ze2bzUQgJ0d24TgSrNeyC-RaR2O8_6WcJEsvhmoi1QFacK0Yj5jwOYZPTFYxF4FCb9tqS61Fk0v3aOErhO8NPb9KRnTfDw41OyK3Tbq0L26raBs_vHjx9uI5Y4NhNVroVGInPM9Fq7KVJZhgYsmJ6w0uNlPGMRyD4QBNtsv1C7VXVipQiJOcG6W2U36Lmt2pvJB6iUSjOBFYlMzcj6DW9A8FQCoRXNo_pZyeTewwdVn6ZBA40u7yPDHjUCbmhUPNNqN_emchrHIj11OGCu7_X2gTRgRtvT59uBcXbDhNFYZ_raIw4vdsPagEmlXw0c2qFG0Vh3kdkBTYNd3wyIN63vHHVDlpF1KnqtfCeZBbn8F01UNbFm0qWwiDmFgCGBrkBdglMz9kDepO5j-IIePiDlzMkoLTwWJ4sjgnDB6yRTNz9Lpi3JF_GDSpKfviVJE1Nr25fh63KNyY2hIdZml9hu3mC2tjvoFx6sjGyfZM1-HEdT9rKjZUoNBW1yoGGwk7XJf3LWuAj6igth4oOQjedpmCXPxnSZ7RQ7Iy4UQ8b0pXK6XfHqw63wGTBbSU-OHFHo-yo88KmupFRbx19j2tUgaRkI2OzcmoPjcUuPp3JuFn3sviccpP635BeON9aM4JPhn_yyVwzLtLHfrLg%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D36d079a3-ed3c-4314-993e-4f890c587943%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FXPN36%252Fpluginvideojiotv-2064.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=yFSUaIawtIilJdpNwtxX__Ryhgc3EIC7_u5zUNMyRXg; expires=Tue, 31-Jan-2023 22:11:37 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/23/3d/e7/e93460b01c5e023eb263207fc0/0793907651252.jpeg
139.45.197.153200 OK 43 kB URL HTTP/2 interstitial-07.com/contents/s/23/3d/e7/e93460b01c5e023eb263207fc0/0793907651252.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 233de7e93460b01c5e023eb263207fc0
c6666b8bf4ef074150b69bff8c382e18c9a40843
b3297291029509cbc0ce08ebfd108961dbc17b7b1be14b3bf0ee21fcf74e1add
GET /contents/s/23/3d/e7/e93460b01c5e023eb263207fc0/0793907651252.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=zK3ge3qjcPqt2jk&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3501260337%26z%3D5307589%26b%3D16336477%26c%3D6497346%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DoWoKkr-RF9ze2bzUQgJ0d24TgSrNeyC-RaR2O8_6WcJEsvhmoi1QFacK0Yj5jwOYZPTFYxF4FCb9tqS61Fk0v3aOErhO8NPb9KRnTfDw41OyK3Tbq0L26raBs_vHjx9uI5Y4NhNVroVGInPM9Fq7KVJZhgYsmJ6w0uNlPGMRyD4QBNtsv1C7VXVipQiJOcG6W2U36Lmt2pvJB6iUSjOBFYlMzcj6DW9A8FQCoRXNo_pZyeTewwdVn6ZBA40u7yPDHjUCbmhUPNNqN_emchrHIj11OGCu7_X2gTRgRtvT59uBcXbDhNFYZ_raIw4vdsPagEmlXw0c2qFG0Vh3kdkBTYNd3wyIN63vHHVDlpF1KnqtfCeZBbn8F01UNbFm0qWwiDmFgCGBrkBdglMz9kDepO5j-IIePiDlzMkoLTwWJ4sjgnDB6yRTNz9Lpi3JF_GDSpKfviVJE1Nr25fh63KNyY2hIdZml9hu3mC2tjvoFx6sjGyfZM1-HEdT9rKjZUoNBW1yoGGwk7XJf3LWuAj6igth4oOQjedpmCXPxnSZ7RQ7Iy4UQ8b0pXK6XfHqw63wGTBbSU-OHFHo-yo88KmupFRbx19j2tUgaRkI2OzcmoPjcUuPp3JuFn3sviccpP635BeON9aM4JPhn_yyVwzLtLHfrLg%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D36d079a3-ed3c-4314-993e-4f890c587943%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FXPN36%252Fpluginvideojiotv-2064.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
content-type: image/jpeg
content-length: 43387
last-modified: Wed, 14 Dec 2022 16:39:07 GMT
vary: Accept-Encoding
etag: "6399fc2b-a97b"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 073b65b69eabb3f6fae2f276c98e1e25
a9f0b2b1f29b5a0fc19dc2fa9c1109b8d97cecd1
92adb929b3b93b39c94e8cd948bb6c9bd39f12cd199bffa495281aed7fb95361
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92ADB929B3B93B39C94E8CD948BB6C9BD39F12CD199BFFA495281AED7FB95361"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8646
Expires: Tue, 31 Jan 2023 23:35:43 GMT
Date: Tue, 31 Jan 2023 21:11:37 GMT
Connection: keep-alive
unphionetor.com/fv.js?t=72747&cb=1209098857
139.45.197.236200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1209098857
IP 139.45.197.236:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1209098857 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 3689d237c7ccb851f58d27a6598d6ef6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 898e639b4d33aaee1ea71940376d4232
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 998 B URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash b980298d4fe9bda2c678f5ffef440b78
59c6c84a29ae33e854074b1a85721c3c44c925a2
7d865fb2cfcaa1d8d6cedf172c3fa43751dc7d7af2a68103dc4e1714db3e7878
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5307588?excludes=&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=4207235cb9f94e1d96263ebfd8d6a17b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:37 GMT
content-type: application/javascript
x-trace-id: fb6460ccc2abcd6d652ff674143dc358
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=7321d7db3d724e1f8d962f4b5aeb8ef7; expires=Wed, 31 Jan 2024 21:11:37 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=16368912&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=16368912&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5307588?excludes=16368912&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:42 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=16368912&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 12 kB URL HTTP/2 betotodilea.com/500/5307588?excludes=16368912&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 95e9695519d1df5fceb9016c0b4d769c
87659def99010fb7c995f755d5103c41ae7ae6f4
f7ffe384a189e2035480bea8e49547549946be9d28504d5931d6f48de3f709e3
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5307588?excludes=16368912&oaid=7321d7db3d724e1f8d962f4b5aeb8ef7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FXPN36%2Fpluginvideojiotv-2064.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=7321d7db3d724e1f8d962f4b5aeb8ef7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:42 GMT
content-type: application/javascript
x-trace-id: 8c8184633bbc9749c2b75ef837923423
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=7321d7db3d724e1f8d962f4b5aeb8ef7; expires=Wed, 31 Jan 2024 21:11:42 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=fa520db81b684950b2dfed19f1eb7a44&zoneId=5307590&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=fa520db81b684950b2dfed19f1eb7a44&zoneId=5307590&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 7cc700f9095e868b6a7d8ad3b1af285c
06cc3bdfff999e6eeb71476fbfa722b62d573223
9e0a2ae9d80ad22676ba5c7905ef6866c5b58b6f2600729851bcdc3be8580679
GET /gid.js?pub=0&userId=fa520db81b684950b2dfed19f1eb7a44&zoneId=5307590&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Cookie: ID=7321d7db3d724e1f8d962f4b5aeb8ef7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:43 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7321d7db3d724e1f8d962f4b5aeb8ef7; expires=Wed, 31 Jan 2024 21:11:43 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/XPN36/pluginvideojiotv-2064.zip
Cookie: XSRF-TOKEN=eyJpdiI6ImtCM2h6RjZDWVpoaUtrWUJ4RmlGQlE9PSIsInZhbHVlIjoiWjBSaENzWmsrSWhzZ3RneUtZOXMvTTZnbDRQZlQ3Z0lGU28zanlTdmJ0WGVTK29PWllVOTdQYndBU3M0a2YvY0Q0ZFRNcnRJc2haRkNyYlhwMkQ4YUNjMkgzTnBNWUtiRWlzNGdXMnZZU0hCMnRYKzIvNDNFNHYwRnhZTWFjRUwiLCJtYWMiOiIzZjk3OWY2MmQ4MjYzZjI2OGNmOTQ4MDM4NjAwM2RlNTM0YjQ4MGVlOTc2ZjVkMTkwZTMzZjAyNThjZGU1Y2U2IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii95UHJZQUlGQUR4R2FEeTEvRSs3RlE9PSIsInZhbHVlIjoiYVhxY2NpeDZIRjhQMVM3QldIQVBlcStka2I0OEF4Tk9GbWJWS0NFUy9CWngwaEUxZGJrdWhBc1NiSVptS1ptVTJLTWdCbS90MEpCU2RuYzlZc1ZtUWx0Y0N2ZDRZWjJyWnVSQ2tDbDh3N2FTOHBmZXR2UHBCeHhtSVNNRHN5b2siLCJtYWMiOiIwMWE4OWFjN2RhY2ZlZmMxNWRlZDJiMDdkNmE1NjNmOWJjOTUxOTllODYwZTJiMjFmZmIwMmRiYmRlYTZkYzJmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
vary: Accept-Encoding
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 21:11:34 GMT
last-modified: Tue, 31 Jan 2023 21:11:34 GMT
cache-control: max-age=31536000
etag: W/"0"
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
104.16.125.175302 Found 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP 104.16.125.175:0
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 31 Jan 2023 21:11:34 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GR4TF6SB3V2N5S2FG2E893TN-ams
cf-cache-status: HIT
age: 270
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792570cb6beb1c0e-OSL
X-Firefox-Spdy: h2
bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.476.0
139.45.197.234200 OK 0 B URL HTTP/2 bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.476.0
IP 139.45.197.234:0
GET /5/5307591/?oo=1&js_build=iclick-v1.476.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:36 GMT
content-type: application/json
x-trace-id: f8ff4b5b07e6aa31628d5e9f92622f00
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=7321d7db3d724e1f8d962f4b5aeb8ef7; expires=Wed, 31 Jan 2024 21:11:36 GMT; path=/; secure; SameSite=None
oaidts=1675199496; expires=Wed, 31 Jan 2024 21:11:36 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/universal.min.js?v=3.1.415
139.45.197.250200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/universal.min.js?v=3.1.415
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.415 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:36 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-18c6c"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
104.21.91.63200 OK 0 B IP 104.21.91.63:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 21:11:36 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 2d7cebf3cf1eeedab1b7c8de3b195d00
cache-control: max-age=86400
last-modified: Tue, 31 Jan 2023 12:22:36 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 01 Feb 2023 20:35:09 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2187
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjcUoqVsqcwu7P794KPNQcBfc%2F3UcUW1zcIL3jevAP2ShjpoMxSKyTGeXulU01pTU8YOsg9hbJYE7%2F2Kp3xqoNCH3tRq9UV0%2Bo%2Bzh9R05P4ASrOeVAq8d8kfEaEbYjUg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792570d4fe750b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/tag.min.js?z=5307590
139.45.197.250200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/tag.min.js?z=5307590
IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:36 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 11:03:52 GMT
etag: W/"63d3af98-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/pagespeed_static/1.JiBnMqyl6S.gif
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/pagespeed_static/1.JiBnMqyl6S.gif
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /pagespeed_static/1.JiBnMqyl6S.gif HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/XPN36/pluginvideojiotv-2064.zip
Cookie: XSRF-TOKEN=eyJpdiI6ImtCM2h6RjZDWVpoaUtrWUJ4RmlGQlE9PSIsInZhbHVlIjoiWjBSaENzWmsrSWhzZ3RneUtZOXMvTTZnbDRQZlQ3Z0lGU28zanlTdmJ0WGVTK29PWllVOTdQYndBU3M0a2YvY0Q0ZFRNcnRJc2haRkNyYlhwMkQ4YUNjMkgzTnBNWUtiRWlzNGdXMnZZU0hCMnRYKzIvNDNFNHYwRnhZTWFjRUwiLCJtYWMiOiIzZjk3OWY2MmQ4MjYzZjI2OGNmOTQ4MDM4NjAwM2RlNTM0YjQ4MGVlOTc2ZjVkMTkwZTMzZjAyNThjZGU1Y2U2IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii95UHJZQUlGQUR4R2FEeTEvRSs3RlE9PSIsInZhbHVlIjoiYVhxY2NpeDZIRjhQMVM3QldIQVBlcStka2I0OEF4Tk9GbWJWS0NFUy9CWngwaEUxZGJrdWhBc1NiSVptS1ptVTJLTWdCbS90MEpCU2RuYzlZc1ZtUWx0Y0N2ZDRZWjJyWnVSQ2tDbDh3N2FTOHBmZXR2UHBCeHhtSVNNRHN5b2siLCJtYWMiOiIwMWE4OWFjN2RhY2ZlZmMxNWRlZDJiMDdkNmE1NjNmOWJjOTUxOTllODYwZTJiMjFmZmIwMmRiYmRlYTZkYzJmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/gif
date: Tue, 31 Jan 2023 21:11:34 GMT
last-modified: Tue, 31 Jan 2023 21:11:34 GMT
cache-control: max-age=31536000
etag: W/"0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
betotodilea.com/400/5307588
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/5307588
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5307588 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:36 GMT
content-type: application/javascript
x-trace-id: eed4f8805521f75827a297736f440a5c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4207235cb9f94e1d96263ebfd8d6a17b; expires=Wed, 31 Jan 2024 21:11:36 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/XPN36/pluginvideojiotv-2064.zip
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImtCM2h6RjZDWVpoaUtrWUJ4RmlGQlE9PSIsInZhbHVlIjoiWjBSaENzWmsrSWhzZ3RneUtZOXMvTTZnbDRQZlQ3Z0lGU28zanlTdmJ0WGVTK29PWllVOTdQYndBU3M0a2YvY0Q0ZFRNcnRJc2haRkNyYlhwMkQ4YUNjMkgzTnBNWUtiRWlzNGdXMnZZU0hCMnRYKzIvNDNFNHYwRnhZTWFjRUwiLCJtYWMiOiIzZjk3OWY2MmQ4MjYzZjI2OGNmOTQ4MDM4NjAwM2RlNTM0YjQ4MGVlOTc2ZjVkMTkwZTMzZjAyNThjZGU1Y2U2IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii95UHJZQUlGQUR4R2FEeTEvRSs3RlE9PSIsInZhbHVlIjoiYVhxY2NpeDZIRjhQMVM3QldIQVBlcStka2I0OEF4Tk9GbWJWS0NFUy9CWngwaEUxZGJrdWhBc1NiSVptS1ptVTJLTWdCbS90MEpCU2RuYzlZc1ZtUWx0Y0N2ZDRZWjJyWnVSQ2tDbDh3N2FTOHBmZXR2UHBCeHhtSVNNRHN5b2siLCJtYWMiOiIwMWE4OWFjN2RhY2ZlZmMxNWRlZDJiMDdkNmE1NjNmOWJjOTUxOTllODYwZTJiMjFmZmIwMmRiYmRlYTZkYzJmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Tue, 31 Jan 2023 21:11:38 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
anonymfile.com/XPN36/pluginvideojiotv-2064.zip
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/XPN36/pluginvideojiotv-2064.zip
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /XPN36/pluginvideojiotv-2064.zip HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6ImtCM2h6RjZDWVpoaUtrWUJ4RmlGQlE9PSIsInZhbHVlIjoiWjBSaENzWmsrSWhzZ3RneUtZOXMvTTZnbDRQZlQ3Z0lGU28zanlTdmJ0WGVTK29PWllVOTdQYndBU3M0a2YvY0Q0ZFRNcnRJc2haRkNyYlhwMkQ4YUNjMkgzTnBNWUtiRWlzNGdXMnZZU0hCMnRYKzIvNDNFNHYwRnhZTWFjRUwiLCJtYWMiOiIzZjk3OWY2MmQ4MjYzZjI2OGNmOTQ4MDM4NjAwM2RlNTM0YjQ4MGVlOTc2ZjVkMTkwZTMzZjAyNThjZGU1Y2U2IiwidGFnIjoiIn0%3D; expires=Tue, 31-Jan-2023 23:11:34 GMT; Max-Age=7200; path=/; samesite=lax
anonymfile_session=eyJpdiI6Ii95UHJZQUlGQUR4R2FEeTEvRSs3RlE9PSIsInZhbHVlIjoiYVhxY2NpeDZIRjhQMVM3QldIQVBlcStka2I0OEF4Tk9GbWJWS0NFUy9CWngwaEUxZGJrdWhBc1NiSVptS1ptVTJLTWdCbS90MEpCU2RuYzlZc1ZtUWx0Y0N2ZDRZWjJyWnVSQ2tDbDh3N2FTOHBmZXR2UHBCeHhtSVNNRHN5b2siLCJtYWMiOiIwMWE4OWFjN2RhY2ZlZmMxNWRlZDJiMDdkNmE1NjNmOWJjOTUxOTllODYwZTJiMjFmZmIwMmRiYmRlYTZkYzJmIiwidGFnIjoiIn0%3D; expires=Tue, 31-Jan-2023 23:11:34 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Tue, 31 Jan 2023 21:11:34 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
nanouwho.com/1?z=5307589
139.45.197.242200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5307589 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 21:11:36 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: b6106a4b40a47558dffcbd9e79eb1c2b
access-control-expose-headers: X-Sc
x-sc: 22DEVuldRWDUeqxbYxdEiijIaR4pojbK0sidOHsmAeK4i3e4vXwU6Sxhr8Fi19PZHKP0jy1Sxnodmqvt40dzUTKVb7c=
set-cookie: scm=1; expires=Wed, 31 Jan 2024 21:11:36 GMT; secure; SameSite=None
OAID=4a714daa43dd4869b79cee0e76ba6fa9; expires=Wed, 31 Jan 2024 21:11:36 GMT; secure; SameSite=None
oaidts=1675199496; expires=Wed, 31 Jan 2024 21:11:36 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
104.16.125.175200 OK 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
IP 104.16.125.175:0
GET /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 21:11:35 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-mapzppsO4HAWL/eiqLcABeu0hWU"
via: 1.1 fly.io
fly-request-id: 01GJZ5C0MRVMZFWGTQD5XR207X-ams
cf-cache-status: HIT
age: 5558876
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 792570cbac401c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2