Overview

URLcdn-141.anonfiles.com/xbMe15p7y7/9392d9fd-1674659697/God_of_War_v1.0.12-Razor1911.part07.rar
IP 195.96.151.34 (Sweden)
ASN#41634 Svea Hosting AB
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2023-01-25 15:58:11 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (20)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2023-01-25 04:09:50 UTC 34.160.144.191
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2023-01-25 04:10:25 UTC 35.155.77.83
accounts.google.com (4) 81 2012-05-23 06:57:57 UTC 2023-01-24 18:28:32 UTC 142.250.74.109
pogothere.xyz (2) 0 2022-09-04 19:11:25 UTC 2023-01-25 12:59:40 UTC 172.64.199.35 Unknown ranking
cdn-141.anonfiles.com (2) 0 2020-07-29 15:07:12 UTC 2023-01-25 10:12:19 UTC 195.96.151.34 Domain (anonfiles.com) ranked at: 117161
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2023-01-25 04:09:39 UTC 35.241.9.150
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2023-01-25 04:09:41 UTC 34.117.237.239
ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2023-01-25 04:11:11 UTC 142.250.74.131
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2023-01-25 11:19:42 UTC 93.184.220.29
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2023-01-25 04:09:34 UTC 34.120.237.76
r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2023-01-25 04:09:15 UTC 23.36.77.32
vjs.zencdn.net (2) 4968 2012-05-21 08:26:59 UTC 2023-01-25 06:19:30 UTC 151.101.66.217
e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2023-01-25 04:10:58 UTC 23.36.76.226
www.facebook.com (1) 99 No data No data 31.13.72.36
anonfiles.com (22) 117161 2012-06-18 10:03:32 UTC 2023-01-24 04:56:42 UTC 45.154.253.151
djv99sxoqpv11.cloudfront.net (3) 0 2021-02-04 11:22:38 UTC 2023-01-24 19:52:26 UTC 54.230.245.107 Unknown ranking
ardsoffhdgat.xyz (4) 0 No data No data 54.192.99.70 Unknown ranking
reoreexpresi.xyz (2) 0 2023-01-24 06:45:22 UTC 2023-01-24 07:19:48 UTC 172.67.203.148 Unknown ranking
thecoveos.com (5) 0 2023-01-15 08:20:54 UTC 2023-01-25 13:31:21 UTC 54.162.51.18 Unknown ranking
baconaces.pro (1) 835148 2018-07-16 08:32:31 UTC 2023-01-24 04:56:43 UTC 52.20.131.174

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2023-01-25 2 djv99sxoqpv11.cloudfront.net/OSnFXdXApHjkTTz4YM0hHeUZkRkBsGyQaHjpMLg9HCRJgI (...) Malware
2023-01-25 2 djv99sxoqpv11.cloudfront.net/5anB4cEwJHxYWcx4ZHE17WUdLQnVMGgsfIhpNAiAUBTgvO (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 195.96.151.34
Date UQ / IDS / BL URL IP
2023-02-05 17:34:24 +0000 0 - 2 - 0 cdn-141.anonfiles.com/ab6co8W0y3/3ae17486-167 (...) 195.96.151.34
2023-02-04 20:00:56 +0000 0 - 0 - 2 cdn-141.anonfiles.com/95b9q157xe/1bcc6295-167 (...) 195.96.151.34
2023-02-04 20:00:46 +0000 0 - 0 - 2 cdn-141.anonfiles.com/95b9q157xe/1bcc6295-167 (...) 195.96.151.34
2023-02-04 19:55:52 +0000 0 - 0 - 2 cdn-141.anonfiles.com/34JaV8u4y7/bd8fd883-167 (...) 195.96.151.34
2023-02-04 19:55:50 +0000 0 - 0 - 2 cdn-141.anonfiles.com/X8B452V0x8/b4f6d774-167 (...) 195.96.151.34


Last 5 reports on ASN: Svea Hosting AB
Date UQ / IDS / BL URL IP
2023-02-05 22:30:53 +0000 0 - 0 - 2 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40
2023-02-05 22:30:40 +0000 0 - 0 - 4 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40
2023-02-05 20:51:52 +0000 0 - 0 - 6 cdn-153.anonfiles.com/EeIeNfP2y4/2332f38d-167 (...) 195.96.151.46
2023-02-05 20:15:01 +0000 0 - 0 - 6 anonfiles.com/Oakbf7Pcy8/Youtubers_Life_2_-_f (...) 45.154.253.150
2023-02-05 18:17:05 +0000 0 - 0 - 6 anonfiles.com/PbmfE4Ufy2/RJ01012281_7z 45.154.253.151


Last 5 reports on domain: anonfiles.com
Date UQ / IDS / BL URL IP
2023-02-05 22:30:53 +0000 0 - 0 - 2 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40
2023-02-05 22:30:40 +0000 0 - 0 - 4 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40
2023-02-05 20:51:52 +0000 0 - 0 - 6 cdn-153.anonfiles.com/EeIeNfP2y4/2332f38d-167 (...) 195.96.151.46
2023-02-05 20:15:01 +0000 0 - 0 - 6 anonfiles.com/Oakbf7Pcy8/Youtubers_Life_2_-_f (...) 45.154.253.150
2023-02-05 18:17:05 +0000 0 - 0 - 6 anonfiles.com/PbmfE4Ufy2/RJ01012281_7z 45.154.253.151


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-05 22:30:53 +0000 0 - 0 - 2 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40
2023-02-05 22:30:40 +0000 0 - 0 - 4 cdn-147.anonfiles.com/q1zcrev2y0/710bace8-167 (...) 195.96.151.40
2023-02-05 17:30:53 +0000 0 - 0 - 4 cdn-143.anonfiles.com/29b8d1weyb/49de4e9b-167 (...) 195.96.151.36
2023-02-05 17:30:40 +0000 0 - 0 - 6 cdn-143.anonfiles.com/29b8d1weyb/49de4e9b-167 (...) 195.96.151.36
2023-02-05 15:31:17 +0000 0 - 0 - 6 cdn-150.anonfiles.com/79m13cl1yc/98a37e03-167 (...) 195.96.151.43

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (79)


Request Response
                                        
                                            GET /xbMe15p7y7/9392d9fd-1674659697/God_of_War_v1.0.12-Razor1911.part07.rar HTTP/1.1 
Host: cdn-141.anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         195.96.151.34
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:00 GMT
Content-Length: 162
Connection: close
Location: https://cdn-141.anonfiles.com/xbMe15p7y7/9392d9fd-1674659697/God_of_War_v1.0.12-Razor1911.part07.rar


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8782
Expires: Wed, 25 Jan 2023 18:24:22 GMT
Date: Wed, 25 Jan 2023 15:58:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11246
Expires: Wed, 25 Jan 2023 19:05:26 GMT
Date: Wed, 25 Jan 2023 15:58:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6697
Expires: Wed, 25 Jan 2023 17:49:37 GMT
Date: Wed, 25 Jan 2023 15:58:00 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 15:35:13 GMT
age: 1367
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    dcd75ca6daca51c5e39d431468511793
Sha1:   07f76d3bf23d65c9110d810fa71a994e39e085d3
Sha256: 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
                                        
                                            GET /xbMe15p7y7/9392d9fd-1674659697/God_of_War_v1.0.12-Razor1911.part07.rar HTTP/1.1 
Host: cdn-141.anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         195.96.151.34
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:00 GMT
Transfer-Encoding: chunked
Connection: close
Location: https://anonfiles.com/xbMe15p7y7
X-Cache-Host: filecache-03
X-Cache-Disk: nvme-01
Accept-Ranges: bytes

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 2jtTaFOEv7+fpKKp61Qhn8Sj1PETmo+vB2U7ay7X6gzlCagGdInJ1sKeknmEorcZ9xdC3OekoKg=
x-amz-request-id: 2J5P6DF90N8CXHH7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 15:48:37 GMT
age: 563
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    7b922915ebf1fa3639b333f994c74f24
Sha1:   144a3f80b98fd0652d4614f24cf6cbbee40f8938
Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F47B8991865DF0F407FEACAC9D18018B6FEE06F50DA4271E87B745ADC3F9123C"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12671
Expires: Wed, 25 Jan 2023 19:29:11 GMT
Date: Wed, 25 Jan 2023 15:58:00 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 25 Jan 2023 15:58:00 GMT
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /xbMe15p7y7 HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdc: Yes
cache-control: public, max-age=60
x-oe: N
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (785)
Size:   3402
Md5:    e68639fd0793a06804a05f13c532e074
Sha1:   4304157f5aab0685db4edcdc02338793b946d2d0
Sha256: 7f9aa652cb7790ecf3529206db843e58bc39d5d95ad258f2e2118904197c2479
                                        
                                            GET /css/anonfiles.css?1668606177 HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6530
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65452)
Size:   25261
Md5:    bf84dfe5f6e6044aa4c1095a7a9a850e
Sha1:   e411fe5ea4f2b5ce7382dfe3079589f4817ad165
Sha256: 2af9a43ff27bbcad03007d87fa7d09bed286aa594a3a3d2e16f409319e782f60
                                        
                                            GET /js/app.js?1668606177 HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6080
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (63238)
Size:   57886
Md5:    ba67ff13fd07739a7037fbc27b2a1955
Sha1:   3e253f69b2f12659c541de122c6bce0ed82ba369
Sha256: 1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818
                                        
                                            GET /sw_anonfiles.js HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 28490
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (25712)
Size:   15666
Md5:    5e03f95322bfd924a10943354a145be8
Sha1:   149a1d27b2169791e547a074c3d40b279319d35b
Sha256: 27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
                                        
                                            GET /img/flags/24/us.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6831
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   656
Md5:    ae506a6c014bfeb8d8cbfdfbe94c14c9
Sha1:   f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
Sha256: bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
                                        
                                            GET /img/file/filetypes/ext/rar.png?1668603321 HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 631
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 10
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   631
Md5:    d33954367bc5d15c7f0e01857e7ae8ea
Sha1:   b8b5ba4e52c439feed2b51c7f982be6f4dee3aae
Sha256: a6f8963dd8d602e135e8b860b7e48badfd78c2b1bef9ec362a39ce2fc484606f
                                        
                                            GET /img/flags/24/in.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7617
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   593
Md5:    ccaf96cfc341dc9a17e24b96bef223ff
Sha1:   8791d6db6628e0fb21b847ab94484f0c615e38ac
Sha256: 728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
                                        
                                            GET /7.3.0/video.min.js HTTP/1.1 
Host: vjs.zencdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.66.217
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-encoding: gzip
date: Wed, 25 Jan 2023 15:58:01 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65141)
Size:   132230
Md5:    e296d874aca2a1550b409394be51efaa
Sha1:   c184c030e9aab3d03de27bc588919e249d5ccdf7
Sha256: 401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f
                                        
                                            GET /img/flags/24/fi.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6656
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   456
Md5:    0ea9115d18d5210d4f1db520881faa3a
Sha1:   09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
Sha256: 544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
                                        
                                            GET /7.3.0/video-js.min.css HTTP/1.1 
Host: vjs.zencdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.66.217
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-encoding: gzip
date: Wed, 25 Jan 2023 15:58:01 GMT
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 8966
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35998), with no line terminators
Size:   9673
Md5:    3397ce943db8add2728dccd9a3b8b8bc
Sha1:   a57bbb7546a458fe57d72d06baab950125260cc9
Sha256: 5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
                                        
                                            GET /img/flags/24/pl.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7571
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   347
Md5:    baf3aff7caef0be58f29b41f20a0e4db
Sha1:   11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
Sha256: 0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 15:41:40 GMT
age: 981
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /img/flags/24/ru.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7014
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   403
Md5:    d8df89b036e6afb48f72d2440831bad0
Sha1:   04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
Sha256: 2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
                                        
                                            GET /?xsvjd=737329 HTTP/1.1 
Host: djv99sxoqpv11.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.245.107
HTTP/2 200 OK
                                        
content-length: 68730
date: Wed, 25 Jan 2023 15:58:01 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iqhpoiZKUY9AQMpmw7zRGwj73fWsMProEUqVexB8syL5FtTFN7MA2w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15948)
Size:   68730
Md5:    bb5e175701b0097cce28ed598e25ffdc
Sha1:   205ef5a8cab9fc810fb34d7ac3e2f6820f7c4b28
Sha256: e91a13976f196427f7bf3dff0f1daf27ddf1749a20921ecb9aa3c411329ad5a8
                                        
                                            GET /img/flags/24/de.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6772
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   483
Md5:    9f8cc07c258bcd2de0c7900861e20ffc
Sha1:   fed97219e44693d4f3918fc4037b325732225d81
Sha256: 07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10615
Expires: Wed, 25 Jan 2023 18:54:56 GMT
Date: Wed, 25 Jan 2023 15:58:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89B55C8E1AD6A2DCC9E450E59EC1BB6B815AF0C6C8D12354F644BA69B31EDA0F"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4241
Expires: Wed, 25 Jan 2023 17:08:42 GMT
Date: Wed, 25 Jan 2023 15:58:01 GMT
Connection: keep-alive

                                        
                                            POST /s/gts1p5/skLwC7qegUg HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 15:58:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1p5/skLwC7qegUg HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 15:58:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /img/flags/24/fr.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6959
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   536
Md5:    e81efecf1a1b1d3a17d00a904c5cc3c9
Sha1:   1203894dbfc8363302dc709d852c05a4dd8bf9dc
Sha256: 54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
                                        
                                            GET /RXloZnIkGwsLTSRECkAHNxVVQ0ADXFogFi8PUV8BPRYZFgR0SEYFHioMDAAAKhccSBwgDU1UNAoqBiAqISEpFjovEjwyCHEgJVYaDRw9PBkXEioVNTwoCS4YNTQkAUsNOjosFQwoOTc/LxU8JDYELwkNJBIzACdHABJZFTQBEj8yKjEhJg43Fh1YMAoEOy5VOgEeOCEhHB0mCjAGPS00RxcvPlIjHUErISEULycnOwEbWCgcAg46ECN3HS03NRc7Cw0rPBtYKBwEEQMNIHc3OTcFLSwyMycMHy0wCxcTIhAjdxogJB98Oi4NIAQfWV8cHT8+UiMRVCk3Nzw8DQUZJksNIzQoKz0kRRQuMjcjKxYwNhUmLyQkRjMsLS8/FD4MJyorCTAvGS07TgwBKhcYWws/TisFRRENMiUc HTTP/1.1 
Host: ardsoffhdgat.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         54.192.99.70
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1172
date: Wed, 25 Jan 2023 15:58:01 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 208ed8b46a45d58d14b6e0be1aab3dac.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 8iykmE5U5g_c52-RcWM_p2WraSNGE9P4ebeXlNZWUF9GmUWhRu4EFw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Size:   1172
Md5:    6f5bedfc4c631329725d566da142d859
Sha1:   6e88e612c851944364687608b7aa0e06070c3c13
Sha256: 6785090925c1d585ba37f96318e9a4a9b335f16046074a3a03fe84751c621bc3
                                        
                                            GET /eXlqcTEYGwkcDhhECFdECxVXVAM/XFg3VRMPU0hCARYbAUdISEQSXRYMDhdDFhceX18cDU9Dd0wYBDMFGjwdO3kBID0SSU0jIjQATi4/FX0oFzw8dh4KDDhZCTcrGHAsOz4WRzYrHTh8ER09PnM4LDgkcwg7AjRmP0osPHcrID4SZw0uLSNgDC9aI1Q7PR03dkksPD5zFiwtFmQJMSs0Zy8TAT1lKywMP1Y0GiwzdwkuLit/IRcSIWASETM+RjQcIjMJTj48J3ooOiMUZywJKxdnCRw5N2dcSyw6dy8yOzVCPTEBRHQYLwEIaSwzUjRaIzQ8KQkWLz9cQTgpAglnKgMsSGYSLz0gdi8pOxpWITI7GlM/SDxUAzs1Lzt4KCESEGAsESgQZxE4IhlaXEsoNUkgISk2XSA3AR1wHCw4MGkeLxImRl8TGR5fCUQQIWkWMT04YRs7BQ HTTP/1.1 
Host: ardsoffhdgat.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         54.192.99.70
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1193
date: Wed, 25 Jan 2023 15:58:01 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 208ed8b46a45d58d14b6e0be1aab3dac.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: WwZ2i6FfkuOnTxWIhNelcekIT3P7-rn8NLBqYKna78HPoq_CP-mIqg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3039), with no line terminators
Size:   1193
Md5:    e349581bdc4864e4a1cd4a8890f9bf3d
Sha1:   513a595c5e5162a6688b15d18efaf0d6990d2436
Sha256: 37d99b2b39d1a2b0ba88e080ee7ad24c1c2e2242ed413f4622760f81dc80b578
                                        
                                            GET /d0tVNDJYdDZHDyIdMV1kDQkybmQtJRcGaAEcOGVxLnkXZWgAGnNAWxN2YgcFRHhlEkIeL2gFClE4IVVGAjhoBRQeJTNbD1E9aAUcR2VnGgBRPmgFFAM7NFMPRm0lQEYbdmQCBUN9YwYAQHJhDAU HTTP/1.1 
Host: reoreexpresi.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.203.148
HTTP/2 204 No Content
                                        
date: Wed, 25 Jan 2023 15:58:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmmCc4BTy72m39YudS2iDx9vFXweXN%2BZ5%2BGUYvGXok4U4bdXbgZ0FKoOFRrxSRipt%2F%2B4Yq%2FACfABwCzv4ZzXUCzZREfBMzqVOWQjXAZYeWgaoXmPhJ%2BYBIQs56FheEGIYBE%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f2353b8ee31bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /azVoUm9ECgshUj1hOhA6AEEBEFwhXQ0VXy5QPyJKWXMxAxcRVFs1SR9cDG9YWAJbYFZNRQE2UloTGyYOH0Abb15NXAY0AFYTHm9eRQZcfFxaG1p0GlYETiYfClJVY0kbQRw+UloDX2ZZXQdaZVZfAlk HTTP/1.1 
Host: reoreexpresi.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.203.148
HTTP/2 204 No Content
                                        
date: Wed, 25 Jan 2023 15:58:01 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjGpjhPVt%2FFZtv%2FKAE%2FAJ6Tb4DUMbLMaiXPoE%2Blj7p5qUAdSI36TsBzzBCShQ2Uehtp11csiTPwjjdCry7NdZ2Ah8N4SKwSEh19%2BuIN%2B8kx0cj3BGQuCGoeevFJFeSPg5Rgg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f2353b9ef91bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /img/flags/24/br.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 5710
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   1115
Md5:    6a5938d2e7f7d6f4026d6eb1b4b4f2cd
Sha1:   7a038177fe4deec455d61d3e9c90019fa4727d40
Sha256: 0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
                                        
                                            POST /s/gts1p5/skLwC7qegUg HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 15:58:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PjKrlk3CLzz+Cw8PHGtSVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.155.77.83
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0b0kytfc+P7JDMsdm+E5ANUuWn0=

                                        
                                            GET /static/logo.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 18441
Connection: keep-alive
last-modified: Fri, 16 Sep 2022 19:34:48 GMT
etag: "6324cfd8-4809"


--- Additional Info ---
Magic:  PNG image data, 450 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   18441
Md5:    f9fd716d30e220aa24bab0e94ebf0aa0
Sha1:   4af32d78655436173f272bb65159a232f1671b8d
Sha256: 5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94
                                        
                                            GET /OSnFXdXApHjkTTz4YM0hHeUZkRkBsGyQaHjpMLg9HCRJgIQQQMjlTBDAVakVWJhA5Ek1sFDkWTXtXNhESd0VxABF3HDgPGSYdNlBCDER5RVV4QX8CGSQVOAIDb0NnGwRvQ2dEQGRBckYyb0NnAhkkR2NQQwhUZUUIfEVyRjJvQ2cHBm9CFkRAf19nXFV4QT-AQEyEeckc2eEFmRUB7QWZQQnoXPgcVLB4vUEIMQGdAXnpXIkhB HTTP/1.1 
Host: djv99sxoqpv11.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ardsoffhdgat.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.245.107
HTTP/2 200 OK
                                        
content-length: 252
date: Wed, 25 Jan 2023 15:58:01 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uUl1QaBpnNLRzb_L2QL2psur00HiJm-VCFFMUYMIjCRve1NGdWuiiA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MGR bitmap, modern format, 8-bit aligned\012- , ASCII text, with no line terminators
Size:   252
Md5:    8cc4ec94fc0cb0d9674fb2e833b5416b
Sha1:   c154ae37d346ad4521f78b415ee1c33a93e4d612
Sha256: a8bc9bca0ce8875696c521e1af1b35c1d71695da2d5ea9c4c16c7b887b6b8b1c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/flags/24/es.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:01 GMT
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7354
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   666
Md5:    5fa381a8eb16d9e673d32980e7fd1710
Sha1:   fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
Sha256: 7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
                                        
                                            GET /utx?tid=737323&top=anonfiles.com&cb=XmasJkgpo5Ta HTTP/1.1 
Host: ardsoffhdgat.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.192.99.70
HTTP/2 204 No Content
                                        
date: Wed, 25 Jan 2023 15:58:01 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 25 Jan 2023 15:59:01 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 208ed8b46a45d58d14b6e0be1aab3dac.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: YynHaXpEOrYtOpbnC-6pWEGFtO7WyZRs1KM1dknfwJ2_DXplNXa8Ng==
X-Firefox-Spdy: h2

                                        
                                            GET /5anB4cEwJHxYWcx4ZHE17WUdLQnVMGgsfIhpNAiAUBTgvORwIMhdWOBAURUBqBhEWF3FMFRYTcVtWGRQuV0ReBDwFG0UVOBoUGgUpHAEVVjkLTRUfNgMcFBFpWDZNXnxPQkhYOwMeHB87GVVKQCIeVUpAfVpeSFV/KFVKQDsDHk5EaVkyXUJ8EkZMVX8oVU-pAPhxVSzF9WkVWQGVPQkgXKQkbF1V+LEJIQXxaQUhBaVhAHhk+DxYXCGlYNklAeURAXgVxWw HTTP/1.1 
Host: djv99sxoqpv11.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ardsoffhdgat.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.245.107
HTTP/2 200 OK
                                        
content-length: 546
date: Wed, 25 Jan 2023 15:58:01 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K2uIr4Ku-e3nAqU5y-aG96y-KgyTK0mq7iAp-Er07ZfPeokaA1D8lA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (779), with no line terminators
Size:   546
Md5:    be7ccbc87bc96980e835d0396aaa303b
Sha1:   82d1f2db9895908764b09af496a1ffe2515b8b45
Sha256: 0699d2ff52d82a4b567f15b2b21cf1d8e60b9fc8d4b2ab2508d0e36348776d98

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/flags/24/no.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:02 GMT
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6268
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   611
Md5:    f14ac70aa6dd4d371671c0e6d7cba4e3
Sha1:   1139e3acd6e073bffb59157cbc10af72ed757218
Sha256: 9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "88FC9BFEA9C6F046D43D0CC36467CD7133555056C977BEEE8A486C0F3AD64C51"
Last-Modified: Tue, 24 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7868
Expires: Wed, 25 Jan 2023 18:09:10 GMT
Date: Wed, 25 Jan 2023 15:58:02 GMT
Connection: keep-alive

                                        
                                            GET /img/flags/24/se.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:02 GMT
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6308
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   581
Md5:    c9b1e40987c4411b4a7d13c07a8843aa
Sha1:   cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
Sha256: 8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
                                        
                                            GET /img/flags/24/dk.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:02 GMT
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6831
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   537
Md5:    b6ebe55a7d176720cd2b1003298187a8
Sha1:   930858408b9af1f79c430bbe15c185db555a7815
Sha256: 07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
                                        
                                            POST / HTTP/1.1 
Host: thecoveos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 388
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.162.51.18
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /img/flags/24/jp.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:02 GMT
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 6729
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   599
Md5:    857f6f0e0886a3729b758b7241e42e61
Sha1:   a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
Sha256: 8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
                                        
                                            GET /img/flags/24/kr.png HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:02 GMT
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 7384
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   988
Md5:    cb22f00511d088a71e84f8c1c864caed
Sha1:   6599812ed106bda6017487287e12bc836570649f
Sha256: 09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 15:58:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 15:58:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.109
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 15:58:02 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-99913375%3A1674662282553256&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHetFuKBsutG31lUPmUx0RbjOmqZznkXOJ2Tgvk158UjEhkPzAxZk9vSRnSgIxjrNGtVHKYSEw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-UX0zKbkHa7vJ4szMSt05CQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:0ZqGU_Z_HXcorkSrv7mjULZzfq7Vzw:Fw-IDq6LA5ngWgTW;Path=/;Expires=Fri, 24-Jan-2025 15:58:02 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Size:   394
Md5:    4c03eb5dbbd5485782b9133fb0beb1a6
Sha1:   83dece1b2f35744a6a8c74e8a4b13f69752edba6
Sha256: d5e840cba8965a2ef7a0d8a645ba34a3f49c8f2b72f7283a7cd9d54cf02b65a0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3704
Cache-Control: max-age=171634
Date: Wed, 25 Jan 2023 15:58:02 GMT
Etag: "63d13e85-1d7"
Expires: Fri, 27 Jan 2023 15:38:36 GMT
Last-Modified: Wed, 25 Jan 2023 14:36:53 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /utx?cb=xzHSJaAqnneF&top=anonfiles.com&tid=737329 HTTP/1.1 
Host: ardsoffhdgat.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.192.99.70
HTTP/2 204 No Content
                                        
date: Wed, 25 Jan 2023 15:58:02 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 25 Jan 2023 15:59:02 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 208ed8b46a45d58d14b6e0be1aab3dac.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: w3cwYchhquRqEqOdULysuINVGcO1WbSsHD-alqH5LmPWMzbuoZSoqg==
X-Firefox-Spdy: h2

                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.109
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 15:58:02 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1829177931%3A1674662282592276&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdSnBjjDqBmuJLbOI4zPl-FAZN7HIF9BELgvXreOxPuS-ukERIRsdAfcz1qP5OUvjXWRwpg5A
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-oRR1RxTSyGB7VFtP1t05ww' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:QNEO1jCTx6JhytbGoU5Z6aOmoHsP-w:uuEg0sDdvDG-GXw3;Path=/;Expires=Fri, 24-Jan-2025 15:58:02 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Size:   398
Md5:    c153bf6e1ef972fd538e5af3dd27c6db
Sha1:   7919da32e1f986d618767118f9cfab7a004ba7bd
Sha256: a324dd7586c0f266a4b7e5466d691731509882df6c932733986b4f476ce86d40
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "CC423DFA4077C6C07D608272BD897E4DAD249580F0B4C2C13173D6271B94AB5E"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7780
Expires: Wed, 25 Jan 2023 18:07:42 GMT
Date: Wed, 25 Jan 2023 15:58:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "CC423DFA4077C6C07D608272BD897E4DAD249580F0B4C2C13173D6271B94AB5E"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7780
Expires: Wed, 25 Jan 2023 18:07:42 GMT
Date: Wed, 25 Jan 2023 15:58:02 GMT
Connection: keep-alive

                                        
                                            GET /sw_anonfiles.js?V3daM0wMVW0Ae2RFaRFgdVV2EXo0FWtVdGcTd1J8ZUB3By5nE3cKeW9OdwZ0YBNvCnVnQz5VdXVbeAR6ZURrAi5nWjxSLjNabld8NFo4Un1uWmIGKW4WbAQuZk5rC257VSlEbntVLlspNBgsViMkWTlcIXVbeAJ8eUJ4Hyo2GylWYDEWNkApexE7Xz8yKg HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 36025
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (25712)
Size:   15666
Md5:    5e03f95322bfd924a10943354a145be8
Sha1:   149a1d27b2169791e547a074c3d40b279319d35b
Sha256: 27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 15:58:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3704
Cache-Control: max-age=171634
Date: Wed, 25 Jan 2023 15:58:02 GMT
Etag: "63d13e85-1d7"
Expires: Fri, 27 Jan 2023 15:38:36 GMT
Last-Modified: Wed, 25 Jan 2023 14:36:53 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Origin: https://anonfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.199.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Wed, 25 Jan 2023 15:58:02 GMT
access-control-allow-origin: https://anonfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3501
last-modified: Wed, 25 Jan 2023 14:59:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6%2BoA2y7KpBCjQL8bblyrpHp08rYZlqKE8hgKxtvNtPYmoEPel%2BVpwNtLClp5rCsC%2BhQeIm0NPiYRVKXUcBvUBGRU1u%2FMHBOGprJ142MG6tDM%2F8G6Oh%2FYegb931uE3Ty"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f235428a4974dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   102746
Md5:    48be26c5fb348d8dcd318f6cf9f59054
Sha1:   a30517d6f7728aae80d9fa4f93e1a28696e9c6cc
Sha256: 0827f7b7cc19b6ce54e018b35bd12be7607ea68eb8c69de74da8278da672f3ed
                                        
                                            GET /img/favicon/favicon-32x32-anonfiles.png?1668603321 HTTP/1.1 
Host: anonfiles.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/xbMe15p7y7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         45.154.253.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Wed, 25 Jan 2023 15:58:02 GMT
Content-Length: 1309
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1209
accept-ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1309
Md5:    ee0e6dd4ef643128a1b7bd4ab32b8a79
Sha1:   8136c70aac1e50f8356c83f91fb77ea4b6596cbc
Sha256: 51f305558b4ed6fcf3a31b4f9e404fc2ea426cb5e785ac46ce827de0c5cabb4c
                                        
                                            GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
                                        
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-fb-debug: 9bajNSAjU0286t65zsAjuamVm8iH/9JP2sPD3dqw605MYV9Yb1K8zR2xhFsrlBysDDOzDKNp2+Y9wD8pgKrfZA==
date: Wed, 25 Jan 2023 15:58:02 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1491
Md5:    7435daada3efb8375af9589ba21eaf34
Sha1:   59eb82d524d1c01189e86b7bb2d25551d6c26e91
Sha256: cba46c1e47cb05c1b4b76902503a394c9eb31e62d5c2e81b290597f95cb066be
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18025
Expires: Wed, 25 Jan 2023 20:58:28 GMT
Date: Wed, 25 Jan 2023 15:58:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18025
Expires: Wed, 25 Jan 2023 20:58:28 GMT
Date: Wed, 25 Jan 2023 15:58:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18025
Expires: Wed, 25 Jan 2023 20:58:28 GMT
Date: Wed, 25 Jan 2023 15:58:03 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 22:06:36 GMT
age: 64287
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8308
Md5:    91b2e12a39dc4f63b9d52e8800cce1f2
Sha1:   42d5b4b4a091778d98c351f0002d8656449d0243
Sha256: d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8252
x-amzn-requestid: c7064a36-7bb0-42c7-9ee8-9ee798ce8cbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEq3UEjVoAMFipg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb582e-5be2ad2a217f9b4b6834a278;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b4EbiS-go4Yy-UcA4CbKj10TbS6qKgQd6ZgqB3XVyd9ieBPszfx_jw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:47:57 GMT
age: 65406
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8252
Md5:    d10114508bd40d76f497fc5b9c064350
Sha1:   c9b86b2b27063e0a58b0f237d451f9cf05b2122d
Sha256: a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:33:54 GMT
age: 30249
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12758
Md5:    7458f7a9b2070055df6f1d496794e43e
Sha1:   0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
Sha256: 373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6026
x-amzn-requestid: 4b05d7f7-783f-4a79-9eed-bbbeb53bc677
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRQ-QHmZIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d061f4-721f473c5c8dadd163ca7689;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 22:55:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uuhyzrUcYv-zqjLZvGNYsUuAhCW2vkKpEhQQKlmfSgHDtKz0jD2PNQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 23:18:31 GMT
age: 59972
etag: "7596b783e0da5fba63c49374933eccffc223d729"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6026
Md5:    bb6c1403a1d3c878c08ccaf17f8b3d0a
Sha1:   7596b783e0da5fba63c49374933eccffc223d729
Sha256: 1524dbef51237950d4a14a0e2e053fad933dd92ee0831e2de5c45513122f1d58
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:19:27 GMT
age: 41916
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10921
Md5:    1d76c1b1126a3e1b51dcca652cb6727b
Sha1:   b199a381ccac4628f2bfa626b44c71954713ca98
Sha256: 3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:16:15 GMT
age: 45708
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9650
Md5:    13891ffe8a0cc240be63b7945e4b7688
Sha1:   958b50e9e7e5e02882d55612a5d6d2402e225390
Sha256: 1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6
                                        
                                            POST / HTTP/1.1 
Host: thecoveos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 348
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.162.51.18
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: thecoveos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 344
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.162.51.18
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: thecoveos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.162.51.18
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1 HTTP/1.1 
Host: baconaces.pro
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.20.131.174
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0fd-MdrlO7MupRyJ2tMtpFdt3pEpJJo"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v3/signin/identifier?dsh=S-99913375%3A1674662282553256&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHetFuKBsutG31lUPmUx0RbjOmqZznkXOJ2Tgvk158UjEhkPzAxZk9vSRnSgIxjrNGtVHKYSEw HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.109
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 15:58:02 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-CPy57_WA-44obucVIfPoIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v3/signin/identifier?dsh=S1829177931%3A1674662282592276&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdSnBjjDqBmuJLbOI4zPl-FAZN7HIF9BELgvXreOxPuS-ukERIRsdAfcz1qP5OUvjXWRwpg5A HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.109
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 15:58:02 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-DTyfcr7NJvA5W3Re8_2D4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Origin: https://anonfiles.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.199.35
HTTP/2 200 OK
content-type: text/plain
                                        
date: Wed, 25 Jan 2023 15:58:02 GMT
set-cookie: csu=1211528373860760@1@1674662282; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://anonfiles.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTuPT%2FtohoegAt9ZiFOKg4Z8JKhXb1INQtHzt9mnox6mIqtSusQjgTceyFM7lOXTohtl6XefSrUmfHAV0Z4cfGqUJDXcyO63oipav6PzWkrSgCufnWartPMttwsFRZUv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f235428a4a74dd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /V3daM0wMVW0Ae2RFaRFgdVV2EXo0FWtVdGcTd1J8ZUB3By5nE3cKeW9OdwZ0YBNvCnVnQz5VdXVbeAR6ZURrAi5nWjxSLjNabld8NFo4Un1uWmIGKW4WbAQuZk5rC257VSlEbntVLlspNBgsViMkWTlcIXVbeAJ8eUJ4Hyo2GylWYDEWNkApexE7Xz8yKg HTTP/1.1 
Host: thecoveos.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.162.51.18
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
set-cookie: 6132d9fc6fb46b8e1e422c04913fca6d=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8442-1KfTFmrYZ99Qoduzx7zVz4z8Vuw"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---