| anonymfile.com/7LJJe/pack232.zip | 138.201.48.112 | 301 Moved Permanently | 162 B |
URL: HTTP/1.1 anonymfile.com/7LJJe/pack232.zip; IP: 138.201.48.112:0; ASN: #24940 Hetzner Online GmbH
File type: HTML document text / HTML document text / HTML document, ASCII text, with CRLF line terminators; Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a (digest lengths match MD5, SHA-1 and SHA-256; the file type and 162 B size show these describe the 301 redirect body, not pack232.zip itself)
GET /7LJJe/pack232.zip HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 29 Nov 2022 15:55:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/7LJJe/pack232.zip
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0; ASN: #20940 Akamai International B.V.
Hash: a5daf4dc99951793ae2315d4795e8146 4427507ca4d3a5632cc8f598afbc85e2195d00bd 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10640
Expires: Tue, 29 Nov 2022 18:52:20 GMT
Date: Tue, 29 Nov 2022 15:55:00 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 4ed065cb23b5fca1a179dd73b3c5b7b2 4422eb24688f5e056fc1b18b127c7f63b1dbf5e0 b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3649
Cache-Control: max-age=157019
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:55:01 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:32:00 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/; IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators; Hash: 14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 15:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2226
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0; ASN: #20940 Akamai International B.V.
Hash: 9fce5679881bf302a8978a0b462f01a9 b699fe030ea13ac73813e655c42ed9b531925e2b a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5188
Expires: Tue, 29 Nov 2022 17:21:29 GMT
Date: Tue, 29 Nov 2022 15:55:01 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain; IP: 34.160.144.191:0
File type: PEM certificate, ASCII text; Hash: 9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4PpuUIaO06hPiXCWS61qCbTLwapbsirHZgGXhDmyYbznimZ/cV9ihVlFLoBIsK3KA0HHIE/4CrQ=
x-amz-request-id: RP5ANQG4G1ZPD2Y9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 15:45:31 GMT
age: 570
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles; IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators; Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| anonymfile.com/css/theme.min.css | 138.201.48.112 | 200 OK | 75 kB |
URL: HTTP/2 anonymfile.com/css/theme.min.css; IP: 138.201.48.112:0; ASN: #24940 Hetzner Online GmbH
File type: Unicode text, UTF-8 text, with very long lines (65533), with no line terminators; Hash: 8b61cc26bfb7e13d1ebf3e9639914e51 7b8d4de2b1884b3c1654cfbde0e8a6f3885a3f66 f27b9cd4b89d6729e328f65b08114323077a61b6761865aa160785073f57bbb0
GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/7LJJe/pack232.zip
Cookie: XSRF-TOKEN=eyJpdiI6IndCbjVMS0lkZW91RlMrVnFaeEt5aWc9PSIsInZhbHVlIjoiRzgvY3hhNlFIUEhVa3cvZjdINm5rdmE0enBLMEtRUGxleDcvOVoxQUU2SGJTRnBtS3NpLytKVFBXTW1aM24zWGt4dXVYQk11UVUyamJ3RHVaYXVmVnlnOW93TE1NTDRoMG1mL0d4TWtSclNzK2FKMmxlZ2E3VmhqTFRObG5tNkciLCJtYWMiOiJlOWM1ODUwOTUyODc5YjZkNjliZDVlNGNlMjRhMzYzNDZjYTJiNTBlNDcwN2VkODdiNDY4MjM4ZTcyNTBhNmZiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IitqcDFMMmpIT3dLVFYwUzFLQk1ZWlE9PSIsInZhbHVlIjoiNHN4YVdEZmc0bm5BR2JmZzFlRWFOSUt3bTg5bE52eTQyaS9SbEtNd0hnTVR5ZjFTdlRFVnNjYVdnRnB1d014SVh3NERVSjQxT01JZWFkL3JqbUZveVJBOW5rOGhwL1NnNHpIV0ZrQXFLSEgvQWg2Q0dLQVpqejFlOURyUTFNbTAiLCJtYWMiOiI1MWI0ZDJjMTlhMjg0Mzk3ZjU4MDk0ZTIwMDliZWVlYThlMWFiMTQ0MGY1MWUzNjA0NjJlN2JiYzg4MzUzNGU5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-original-content-length: 598523
vary: Accept-Encoding
content-encoding: gzip
content-length: 74661
etag: W/"PSA-aj-TDax0QZn8Y"
date: Tue, 29 Nov 2022 15:55:01 GMT
expires: Tue, 29 Nov 2022 15:55:58 GMT
cache-control: max-age=56
X-Firefox-Spdy: h2
|
|
| anonymfile.com/img/logo-anon-warning.webp | 138.201.48.112 | 200 OK | 15 kB |
URL: HTTP/2 anonymfile.com/img/logo-anon-warning.webp; IP: 138.201.48.112:0; ASN: #24940 Hetzner Online GmbH
File type: RIFF (little-endian) data, Web/P image / data; Hash: 7b596f481388ac5ef6d74a15a351f6c3 6756e88c0b46cc981b7bbbdaf2ead77bd258a472 cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
GET /img/logo-anon-warning.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/7LJJe/pack232.zip
Cookie: XSRF-TOKEN=eyJpdiI6IndCbjVMS0lkZW91RlMrVnFaeEt5aWc9PSIsInZhbHVlIjoiRzgvY3hhNlFIUEhVa3cvZjdINm5rdmE0enBLMEtRUGxleDcvOVoxQUU2SGJTRnBtS3NpLytKVFBXTW1aM24zWGt4dXVYQk11UVUyamJ3RHVaYXVmVnlnOW93TE1NTDRoMG1mL0d4TWtSclNzK2FKMmxlZ2E3VmhqTFRObG5tNkciLCJtYWMiOiJlOWM1ODUwOTUyODc5YjZkNjliZDVlNGNlMjRhMzYzNDZjYTJiNTBlNDcwN2VkODdiNDY4MjM4ZTcyNTBhNmZiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IitqcDFMMmpIT3dLVFYwUzFLQk1ZWlE9PSIsInZhbHVlIjoiNHN4YVdEZmc0bm5BR2JmZzFlRWFOSUt3bTg5bE52eTQyaS9SbEtNd0hnTVR5ZjFTdlRFVnNjYVdnRnB1d014SVh3NERVSjQxT01JZWFkL3JqbUZveVJBOW5rOGhwL1NnNHpIV0ZrQXFLSEgvQWg2Q0dLQVpqejFlOURyUTFNbTAiLCJtYWMiOiI1MWI0ZDJjMTlhMjg0Mzk3ZjU4MDk0ZTIwMDliZWVlYThlMWFiMTQ0MGY1MWUzNjA0NjJlN2JiYzg4MzUzNGU5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 15344
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Tue, 29 Nov 2022 15:50:16 GMT
expires: Tue, 29 Nov 2022 15:55:16 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 3c8c689bd654417640d85f3da51af313 85123b6d46230a23d03768bf304b386e5d301305 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4174
Cache-Control: max-age=152481
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:55:01 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:16:22 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| anonymfile.com/img/main/footer.webp | 138.201.48.112 | 200 OK | 178 kB |
URL: HTTP/2 anonymfile.com/img/main/footer.webp; IP: 138.201.48.112:0; ASN: #24940 Hetzner Online GmbH
File type: RIFF (little-endian) data, Web/P image / data; Size: 178 kB (178070 bytes); Hash: 79ccb3a1b78412a1a530284f45ea7056 626d0494e1bd871e67ecffad44d04ac2343fb7e5 3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/7LJJe/pack232.zip
Cookie: XSRF-TOKEN=eyJpdiI6IndCbjVMS0lkZW91RlMrVnFaeEt5aWc9PSIsInZhbHVlIjoiRzgvY3hhNlFIUEhVa3cvZjdINm5rdmE0enBLMEtRUGxleDcvOVoxQUU2SGJTRnBtS3NpLytKVFBXTW1aM24zWGt4dXVYQk11UVUyamJ3RHVaYXVmVnlnOW93TE1NTDRoMG1mL0d4TWtSclNzK2FKMmxlZ2E3VmhqTFRObG5tNkciLCJtYWMiOiJlOWM1ODUwOTUyODc5YjZkNjliZDVlNGNlMjRhMzYzNDZjYTJiNTBlNDcwN2VkODdiNDY4MjM4ZTcyNTBhNmZiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IitqcDFMMmpIT3dLVFYwUzFLQk1ZWlE9PSIsInZhbHVlIjoiNHN4YVdEZmc0bm5BR2JmZzFlRWFOSUt3bTg5bE52eTQyaS9SbEtNd0hnTVR5ZjFTdlRFVnNjYVdnRnB1d014SVh3NERVSjQxT01JZWFkL3JqbUZveVJBOW5rOGhwL1NnNHpIV0ZrQXFLSEgvQWg2Q0dLQVpqejFlOURyUTFNbTAiLCJtYWMiOiI1MWI0ZDJjMTlhMjg0Mzk3ZjU4MDk0ZTIwMDliZWVlYThlMWFiMTQ0MGY1MWUzNjA0NjJlN2JiYzg4MzUzNGU5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Tue, 29 Nov 2022 15:50:16 GMT
expires: Tue, 29 Nov 2022 15:55:16 GMT
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css | 104.17.25.14 | 200 OK | 14 kB |
URL: HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css; IP: 104.17.25.14:0
File type: ASCII text, with very long lines (65345); Hash: 642445b86596bdeaa98e92faa2064fc6 6c5539660bf533d34e37b917973c941d1c963374 4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10617219
expires: Sun, 19 Nov 2023 15:55:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLzDCTk5eBM73Jp3%2Biv8MF8AAmZm2UkqZSZ8D12yYXfGJltRSN%2BD2gvGC%2BsRAbtsiUUB9ToaYq1ldPLp3WqTZD%2FIkbnT4R5zgwk%2FzEqkuoWWbwGcrPhdlTXqgxN%2FpkSDoHj4ednO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771c86771c21b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js | 104.17.25.14 | 200 OK | 30 kB |
URL: HTTP/2 cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js; IP: 104.17.25.14:0
File type: ASCII text, with very long lines (65370); Hash: d18c98bb03dac8dd996130d56f3d8e8c cc1777baef75c9438534927036a21f22e91e5578 89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10781189
expires: Sun, 19 Nov 2023 15:55:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ftt5B2Xws%2B3vuJ3C2QJRtmvsORuIkH88YkT0ADpOSImhzwI3eIeMNU%2B5nqwsDkEUF2FRwdatvE8kaP1hDNo%2BtGqw4if6W%2BkClDW%2BN7h3OZ%2B6W%2BdcdLYCdSyiiKVc11l%2BB2jDxKZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771c86775c63b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js | 104.17.25.14 | 200 OK | 6.0 kB |
URL: HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/2.10.2/umd/popper.min.js; IP: 104.17.25.14:0
File type: ASCII text, with very long lines (18706); Hash: 3773d4bd82b03cdfd02c9fd691f80d78 c4d89a2de179c90944835571b45877048f3c1424 5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d
GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1619241
expires: Sun, 19 Nov 2023 15:55:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgrGogDE%2FeCYn6zIpqObFU1xhNV0t%2BXBl%2BcshH2pnUN%2BoLeLHnEWMwxviPUorhPoWXOvt59dnzkFzY%2BxHQGcpElzKlzE9r82bKc%2B%2F%2B2TUVped%2BZP4hziczARyTxD0z0FyVtW1peS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771c86775c6fb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.25.14 | 200 OK | 28 kB |
URL: HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js; IP: 104.17.25.14:0
File type: ASCII text, with very long lines (65447); Hash: d900ca08873ee57d40616d39a44cc0aa 7ab3ac8b1504b7b914a6e94c979b8390bb492f6a 1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1551026
expires: Sun, 19 Nov 2023 15:55:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uEfG3HzGnuA9cirrIdj2AlxZ%2BdHsPc5qexRFQxX%2FrjG2V1Ikd1UY6pdw1NKkb9eF2i9HOCFhkGhDQ3nWLL4wbgXcvuYfuWfOqJfYtx987j%2Bc%2F7y%2F096GCrqAJdrJ1D%2B0FltwJYs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771c86775c64b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js | 104.17.25.14 | 200 OK | 15 kB |
URL: HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js; IP: 104.17.25.14:0
File type: ASCII text, with very long lines (58940); Hash: 28dbaeb9aa2638e0c4e6d9ffd3d14e9d 3208ed3741e60986bbed3fd759cdfd3b4fa7cf06 ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362
GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1119042
expires: Sun, 19 Nov 2023 15:55:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2XiXSPI%2BF32bi0lCMlkeEXbtzKRkiLAmBDyPCB8U4GMnUniE95Eojn9QumF6WQJxFWU%2FtQxglOEjBm3ydaJGROTZlTDtOGda2km5e28L1sCVY2r35QeM0ft6k%2BcV0SnF5OyhT%2BY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771c86775c73b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js | 104.17.25.14 | 200 OK | 3.0 kB |
URL: HTTP/2 cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js; IP: 104.17.25.14:0
File type: Unicode text, UTF-8 text, with very long lines (10584); Hash: e34a4db0b42ca907e0b7a56cd4b145ec 2dc36a7dcdfc42d122b23ef91483d27865c4285f 4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a
GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2327166
expires: Sun, 19 Nov 2023 15:55:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBeraYjAxIDlgTT2cPO70Qj4plNcJYCgvyleKzlEXQYmFJnPtA%2FwAuISNiuvKUhLVufkO3sKjs31pqgYhYwg%2BB1PmlrWrgj66ApNEKcaYSSf5%2BZB8fQ63lCL85TMu%2FnkSQr6xRU7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771c86777c90b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js | 104.17.25.14 | 200 OK | 30 kB |
URL: HTTP/2 cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js; IP: 104.17.25.14:0
File type: ASCII text, with very long lines (65370); Hash: d18c98bb03dac8dd996130d56f3d8e8c cc1777baef75c9438534927036a21f22e91e5578 89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10781189
expires: Sun, 19 Nov 2023 15:55:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeomQTHqSoe9rVVscCuzPPT584sQ5YMZ8LY4IJB%2FcYCEuKyrUZs1K0q7m3pHIb4J6OYqMk%2BmwFzi0OWgsW3K6R3ziik6rMp2gyGEsVs7wUUg5Qit6c4JTWh3v8y1CXBT57%2FKOQ08"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771c86777c98b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css | 104.17.25.14 | 200 OK | 2.9 kB |
URL: HTTP/2 cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css; IP: 104.17.25.14:0
File type: assembler source, ASCII text, with very long lines (17282) (a content-sniffing guess; the response below declares text/css); Hash: 78aabb09e30a9eb6f833cbb1b48bdb2e e876ff16b6c511bc217973e51202aaaf23a4e936 8d76a29a92bc268043a7bd4d0b8f171fffd6c6c3c8e18aa314d6dac1aeb542ae
GET /ajax/libs/filepond/4.29.1/filepond.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: text/css; charset=utf-8
content-length: 2934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613afc53-b76"
last-modified: Fri, 10 Sep 2021 06:33:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 530991
expires: Sun, 19 Nov 2023 15:55:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2jizoES7lUPuPprXz470jNUgP3%2FqRe1bnf2uMYSmxWxpO2848wBrobRZbE%2FEcb%2F5g8STmJU7BNHaW2njcn48ik068RimQmtJMMtrdaWHq0xOmGilvmKIW8O44vDbPjw9k%2Frs7xX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771c8677ace1b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: ebda5539b32fd20ab6af182e1bc1e20b 4dd11178830150371e491ff52718a5f32b7e6169 7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5148
Cache-Control: max-age=87948
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:55:01 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 16:20:49 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: ebda5539b32fd20ab6af182e1bc1e20b 4dd11178830150371e491ff52718a5f32b7e6169 7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5148
Cache-Control: max-age=87948
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:55:01 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 16:20:49 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US; IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators; Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 15:08:56 GMT
cache-control: public,max-age=3600
age: 2765
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/sweetalert2@11 | 151.101.193.229 | 200 OK | 18 kB |
URL: HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@11 | IP: 151.101.193.229:0
File type: ASCII text, with very long lines (43295) | Hash (MD5 / SHA-1 / SHA-256): d1c014750780316b0165f72b7c5dbdfa f6304c0a6d279485b2729de0213500a9cbcd5b5a bfa1a4e1470d6f6bb522befcef6c60098ecfae855c4dfe9157c5a81ebac45bc6
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.6.14
x-jsd-version-type: version
etag: W/"fb49-+/dZCApQZmEeYYbR5fA6SnpuL68"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 15:55:01 GMT
age: 14422
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18033
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 | 104.18.20.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 IP104.18.20.226:0
Hash0f1f735b8e92aaf4a6b1b08a137a7f14 508c529ffdaf42cb222b46a4c125c76c3fb08be9 a2a7c35e148022addd34da631734f564c16838162eddd1991ac1b59961b7cb46
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:55:01 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "AD3A864477924B95F5FE21415D0713BCBA1ECEC6"
Expires: Wed, 30 Nov 2022 03:00:00 GMT
Last-Modified: Tue, 29 Nov 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2708
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c86788e58fac4-OSL
|
|
| unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js | 104.16.124.175 | 302 Found | 24 kB |
URL HTTP/2unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js IP104.16.124.175:0
Hash48de563fefecca841ddb3eca4e11bc4f 7dce4a24ffca5605b9f7506674ace11a56ab4bee de5f521c04ecefa8e0b8b200880ffcc99d51e4f49b588128357658729f1f536f
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK21F4M6HFS9RE12F672F8DR-ams
cf-cache-status: HIT
age: 111
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771c86780885b517-OSL
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.41.91.37 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.41.91.37:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3hFGvJA/CnHP061FWeCaHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l9vJKOT94RqxIhGSDktR1Bab/wU=
|
|
| unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js | 104.16.124.175 | 302 Found | 7.0 kB |
URL HTTP/2unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js IP104.16.124.175:0
Hash47e945bb8d91396558262d9cf966883d 7d0e9f1c300d531c68f2ad0c9ce4a2aaf8058313 e509b569ce90b78dc3b039010a8f547c1533aa5e3b4ee4ba217288126e9a60bd
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 15:55:01 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK21F4R1YRQCJE8WKY2YQTQY-ams
cf-cache-status: HIT
age: 111
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771c8678088db517-OSL
X-Firefox-Spdy: h2
|
|
| inklinkor.com/tag.min.js | 172.67.211.29 | 200 OK | 25 kB |
IP: 172.67.211.29:0
File type: ASCII text, with very long lines (65536), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 813e46d21a7281f8d1246a943534a36c 89f82c9eedfb4cf6f72190ab3215ec838d1829a1 1b9110a16e918fbf5803036a95dfb78b9ac79a4b2e71b38e14a6c261ab43e335
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 2e7bf06cffaea65a222f2fc76422ca3d
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:03:42 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 30 Nov 2022 15:41:54 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 788
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSKFon9dnZxK%2F20SqQHUdS%2FbShwzB5GaQF0C40nGABVN2tILOS4gQTXEUmyegWWSCi2b72Oq9awBqMsbskRV4qY9tjZj3Bd6qRNIDg%2BzPMrvcJlb%2BTZR252FEw%2F%2B8aAM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c867a99461c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb887c73aed6c3e40ff6c16c11c2e2922 50ef7184ea758cecbdb5c34450925611b6c95329 0027a2437a75c0ab78e2cd555d6c887ff972cfcd9f1406bcdecb4f5fd97e2dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0027A2437A75C0AB78E2CD555D6C887FF972CFCD9F1406BCDECB4F5FD97E2DAC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16830
Expires: Tue, 29 Nov 2022 20:35:32 GMT
Date: Tue, 29 Nov 2022 15:55:02 GMT
Connection: keep-alive
|
|
| anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip | 138.201.48.112 | 204 No Content | 0 B |
URL HTTP/2anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip IP138.201.48.112:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/7LJJe/pack232.zip
Cookie: XSRF-TOKEN=eyJpdiI6IndCbjVMS0lkZW91RlMrVnFaeEt5aWc9PSIsInZhbHVlIjoiRzgvY3hhNlFIUEhVa3cvZjdINm5rdmE0enBLMEtRUGxleDcvOVoxQUU2SGJTRnBtS3NpLytKVFBXTW1aM24zWGt4dXVYQk11UVUyamJ3RHVaYXVmVnlnOW93TE1NTDRoMG1mL0d4TWtSclNzK2FKMmxlZ2E3VmhqTFRObG5tNkciLCJtYWMiOiJlOWM1ODUwOTUyODc5YjZkNjliZDVlNGNlMjRhMzYzNDZjYTJiNTBlNDcwN2VkODdiNDY4MjM4ZTcyNTBhNmZiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IitqcDFMMmpIT3dLVFYwUzFLQk1ZWlE9PSIsInZhbHVlIjoiNHN4YVdEZmc0bm5BR2JmZzFlRWFOSUt3bTg5bE52eTQyaS9SbEtNd0hnTVR5ZjFTdlRFVnNjYVdnRnB1d014SVh3NERVSjQxT01JZWFkL3JqbUZveVJBOW5rOGhwL1NnNHpIV0ZrQXFLSEgvQWg2Q0dLQVpqejFlOURyUTFNbTAiLCJtYWMiOiI1MWI0ZDJjMTlhMjg0Mzk3ZjU4MDk0ZTIwMDliZWVlYThlMWFiMTQ0MGY1MWUzNjA0NjJlN2JiYzg4MzUzNGU5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashdfd37ae2da5cc16d38d1d0ce5a3af6da 224117ab84ae9dbf57b1be06a30d21cc83dc9de8 2f5c21e10be7edc1f944bec4d1b1036b975bcfd1cc17606fe95c2b00c9fb15e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4402
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:55:02 GMT
Last-Modified: Tue, 29 Nov 2022 14:41:41 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashdfd37ae2da5cc16d38d1d0ce5a3af6da 224117ab84ae9dbf57b1be06a30d21cc83dc9de8 2f5c21e10be7edc1f944bec4d1b1036b975bcfd1cc17606fe95c2b00c9fb15e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4402
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:55:02 GMT
Last-Modified: Tue, 29 Nov 2022 14:41:41 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashab4aa08fae72ab5a3faf9881aaf21c6f 1e8d23b619b5073f45d5558c59070ed3b8462114 4f8e847be14db15d5bf0781846019a186afd7dd491dea427adf36e175939c467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F8E847BE14DB15D5BF0781846019A186AFD7DD491DEA427ADF36E175939C467"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9485
Expires: Tue, 29 Nov 2022 18:33:07 GMT
Date: Tue, 29 Nov 2022 15:55:02 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8e8c89c17e336cca7a61b55895462e74 e27f9646f415cb235ed8eef9de30639dd355fad1 3cf03691d11e79366511035adff2fabce3d362860e670f4de949794d3b6268ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CF03691D11E79366511035ADFF2FABCE3D362860E670F4DE949794D3B6268BA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19702
Expires: Tue, 29 Nov 2022 21:23:24 GMT
Date: Tue, 29 Nov 2022 15:55:02 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash1ae08e4ab68a9b974d100e32fb800900 4ce0f7cb3fe345a1e30a543b776520fe509578b2 e956d9afcbb5685fa484cd4fbb2a38dfbd84c888bec357e97c5b196d4ba4698b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E956D9AFCBB5685FA484CD4FBB2A38DFBD84C888BEC357E97C5B196D4BA4698B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17520
Expires: Tue, 29 Nov 2022 20:47:02 GMT
Date: Tue, 29 Nov 2022 15:55:02 GMT
Connection: keep-alive
|
|
| tzegilo.com/stattag.js | 104.21.84.149 | 200 OK | 5.7 kB |
IP: 104.21.84.149:0
File type: ASCII text, with very long lines (12966), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 69844511ce0b78d7a455aa89221282af e0c19f1fc8df5eb35915fb3a16f8358020121416 e22175313bb05ec31615f776d0d05d213ae4a52736212e876fa05f56830a67f1
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5913
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB5skMuHazn5hb5%2FpQpjXG1YpHUlPojySQbAUAkS%2FGdGFzh0McJKuPWrQOZIHJbrgza8M7%2Fg7uJZcG99iG0ukxB1sNPJGLX52YUYGddznJgXT6aPDKCRDuw5c01xDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c867c7b831c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=7b33e5170dc54c28acbbcf7b6c8c985c | 139.45.195.8 | 200 OK | 65 B |
URL: HTTP/2 my.rtmark.net/gid.js?userId=7b33e5170dc54c28acbbcf7b6c8c985c | IP: 139.45.195.8:0
File type: JSON data; ASCII text | Hash (MD5 / SHA-1 / SHA-256): 24ab94727d9dc4ff4ae2d6cf5463f1d7 efdaf99e31ec97ed4468724d1f1286c2f61eddfb f0e453cb5ac8923dc207d64a0313d3e4c03509c9ec4dba7106890b5af75a4385
GET /gid.js?userId=7b33e5170dc54c28acbbcf7b6c8c985c HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7b33e5170dc54c28acbbcf7b6c8c985c; expires=Wed, 29 Nov 2023 15:55:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= | 139.45.197.250 | 200 OK | 664 B |
URL: HTTP/2 ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= | IP: 139.45.197.250:0
File type: JSON data; ASCII text, with very long lines (663) | Hash (MD5 / SHA-1 / SHA-256): 924f83d583902548517c3327ff8e4493 7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c 92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: c06669cffb7f28aec62d6c6b783e955b
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash3d3db1701969a90e0df7e3fed5bd9d15 3b21dad117223210baa37dcddb7e24a70693a980 db3baa5c8749ec64e209dafb551526f098b2063b5247d2e9d6ac81057281afbf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB3BAA5C8749EC64E209DAFB551526F098B2063B5247D2E9D6AC81057281AFBF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4108
Expires: Tue, 29 Nov 2022 17:03:30 GMT
Date: Tue, 29 Nov 2022 15:55:02 GMT
Connection: keep-alive
|
|
| nanouwho.com/1?z=5307589 | 139.45.197.242 | 200 OK | 8.2 kB |
IP: 139.45.197.242:0
File type: ASCII text, with very long lines (16471) | Hash (MD5 / SHA-1 / SHA-256): 39e58666e39cbb785c3d09c7330dba27 08607d477ec4a7511d93918f7f0b2681eea1637e 4553ec098da1038e779b7c47f3724f6a259a3c00fd8ee69ecf0255c752ef2469
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /1?z=5307589 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: d28b4f8cf23b6d5c4343fe27c6d98d70
access-control-expose-headers: X-Sc
x-sc: VS3dJ5u0W3brawsYFCu8c4tYXKodpG7GRKWexasgsUBCLN_B4OTQTJvuDAuIT7JgqazAtHNmTF4F2lONLSBVcgOfFUs=
set-cookie: scm=1; expires=Wed, 29 Nov 2023 15:55:02 GMT; secure; SameSite=None
set-cookie: OAID=9ec6361ec00f4443bcf4242869c0a045; expires=Wed, 29 Nov 2023 15:55:02 GMT; secure; SameSite=None
set-cookie: oaidts=1669737302; expires=Wed, 29 Nov 2023 15:55:02 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| nanouwho.com/27/04ab1c44ee7c7870e42713e938fe14f2 | 139.45.197.242 | 200 OK | 123 kB |
URL: HTTP/2 nanouwho.com/27/04ab1c44ee7c7870e42713e938fe14f2 | IP: 139.45.197.242:0
File type: ASCII text, with very long lines (65523) | Size: 123 kB (123395 bytes) | Hash (MD5 / SHA-1 / SHA-256): 002c620ace9c4bc9e663e9559bb41ec2 9206e373196f6f83ed6f9d839bc234a4de8a76e4 9a40d66313a0699abba86d39e638cd20c20ad917c3722ae1852dd03e6c0e9047
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /27/04ab1c44ee7c7870e42713e938fe14f2 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=9ec6361ec00f4443bcf4242869c0a045; oaidts=1669737302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Mon, 28 Nov 2022 04:04:40 GMT
expires: Mon, 28 Dec 2082 04:04:40 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ibrapush.com/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:0
File typeJSON data\012- , ASCII text Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 382
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2295541e9bd6f3f93e433eefb2bb455a
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ibrapush.com/custom | 139.45.197.250 | 200 OK | 39 B |
IP139.45.197.250:0
File typeJSON data\012- , ASCII text Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 763
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 679536918f72be88bd75947e6a660f28
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash081f27e87b02fb79b3453a116e731959 03e52819d86a0fa523e77ed24126e76e5369bd21 10283df9fce094267720532246e9d80b3c2061425f657497652e71de4c95de06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:55:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 01:33:19 GMT
Expires: Tue, 06 Dec 2022 01:33:18 GMT
Etag: "03e52819d86a0fa523e77ed24126e76e5369bd21"
Cache-Control: max-age=552495,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771c867d8a480b45-OSL
|
|
| bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.454.0 | 139.45.197.234 | 200 OK | 1.4 kB |
URL: HTTP/2 bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.454.0 | IP: 139.45.197.234:0
Hash (MD5 / SHA-1 / SHA-256): 7e6709899ae8f03aa50ace8cb35ea709 ce9262258f88ceb32cfc01a3d68aef40af0c5576 9f95990b1460b8c5fc2716fb78ca0b08c5cb4397f9ee7ef7de4e8449d0e3518c
GET /5/5307591/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/json
x-trace-id: 40a3d0540ebf371ee59788efe2b1f6ef
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=7b33e5170dc54c28acbbcf7b6c8c985c; expires=Wed, 29 Nov 2023 15:55:02 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1669737302; expires=Wed, 29 Nov 2023 15:55:02 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7b33e5170dc54c28acbbcf7b6c8c985c | 139.45.197.242 | 204 No Content | 0 B |
URL HTTP/2nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7b33e5170dc54c28acbbcf7b6c8c985c IP139.45.197.242:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
OPTIONS /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7b33e5170dc54c28acbbcf7b6c8c985c HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| nanouwho.com/11?rnd=3372972648&z=5307589&b=15678895&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=3HtcOd_-M8--D8pJhqXHjYifb8zC_UzslKyNbIxs9VeozITH2G4nHvGV40Q-Kf0tmfLXD6GyxkxMNNBZrbM1FhL_EO89Jkz1AGdjB2QuPSfxZBSzSLx-9OTHHPDA-vGwUaY2ah-_0RhSIb3DVzsxQ8wet7-cGFSqghodlVnS0ECrUECtfi64J2OnSPYHx8jpBRhrGmkIuZW7RcVGfMsCCSNrfZUSbkn_6BsDlgMy5_wbB_ICoGnCMCqIw9Eb32vX2kND9UNOufWncb8ptnkh9jcIDH3mvEylvdJ-BdSIdWYkj7LBAmWTRa-0ZmLkwS5lYwp96xX5kfXyJCgxeWKcuI4uBBXPOizM-vRyr1k8n-lFZHh0cb28w3rAU4AjqBePPfA-GQ_Kk5kWcsqOBcfuIBWXktWHhDg7Ps4M01e8NItD0XdEueL-pfkYxZGwYu1jp4EvsZKCsFNSLX9xURxtyoq6xa455hbpKJ0ykiMcC53djJJTAxJCcnrZM64onl-fbUDF001aFGQ8SK8wrlYLnfc4MNdtmhj5zPt50m1L0OZn8KBy3qkHoBLe4ff6KQujf45j2qQgRy-SprwIOV0R6pSbXxOWdZzXsYVRo3qVSNXzZn2_EY--7YDovx4zQIAof3uky55cJrdn5NhF&ruid=e759df83-537a-43f4-bbb0-0b6d04166d18&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=79 | 139.45.197.242 | 200 OK | 0 B |
URL HTTP/2nanouwho.com/11?rnd=3372972648&z=5307589&b=15678895&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=3HtcOd_-M8--D8pJhqXHjYifb8zC_UzslKyNbIxs9VeozITH2G4nHvGV40Q-Kf0tmfLXD6GyxkxMNNBZrbM1FhL_EO89Jkz1AGdjB2QuPSfxZBSzSLx-9OTHHPDA-vGwUaY2ah-_0RhSIb3DVzsxQ8wet7-cGFSqghodlVnS0ECrUECtfi64J2OnSPYHx8jpBRhrGmkIuZW7RcVGfMsCCSNrfZUSbkn_6BsDlgMy5_wbB_ICoGnCMCqIw9Eb32vX2kND9UNOufWncb8ptnkh9jcIDH3mvEylvdJ-BdSIdWYkj7LBAmWTRa-0ZmLkwS5lYwp96xX5kfXyJCgxeWKcuI4uBBXPOizM-vRyr1k8n-lFZHh0cb28w3rAU4AjqBePPfA-GQ_Kk5kWcsqOBcfuIBWXktWHhDg7Ps4M01e8NItD0XdEueL-pfkYxZGwYu1jp4EvsZKCsFNSLX9xURxtyoq6xa455hbpKJ0ykiMcC53djJJTAxJCcnrZM64onl-fbUDF001aFGQ8SK8wrlYLnfc4MNdtmhj5zPt50m1L0OZn8KBy3qkHoBLe4ff6KQujf45j2qQgRy-SprwIOV0R6pSbXxOWdZzXsYVRo3qVSNXzZn2_EY--7YDovx4zQIAof3uky55cJrdn5NhF&ruid=e759df83-537a-43f4-bbb0-0b6d04166d18&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=79 IP139.45.197.242:0
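Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of the empty 0 B response body; these digests match any empty response and do not identify this host)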
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /11?rnd=3372972648&z=5307589&b=15678895&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=3HtcOd_-M8--D8pJhqXHjYifb8zC_UzslKyNbIxs9VeozITH2G4nHvGV40Q-Kf0tmfLXD6GyxkxMNNBZrbM1FhL_EO89Jkz1AGdjB2QuPSfxZBSzSLx-9OTHHPDA-vGwUaY2ah-_0RhSIb3DVzsxQ8wet7-cGFSqghodlVnS0ECrUECtfi64J2OnSPYHx8jpBRhrGmkIuZW7RcVGfMsCCSNrfZUSbkn_6BsDlgMy5_wbB_ICoGnCMCqIw9Eb32vX2kND9UNOufWncb8ptnkh9jcIDH3mvEylvdJ-BdSIdWYkj7LBAmWTRa-0ZmLkwS5lYwp96xX5kfXyJCgxeWKcuI4uBBXPOizM-vRyr1k8n-lFZHh0cb28w3rAU4AjqBePPfA-GQ_Kk5kWcsqOBcfuIBWXktWHhDg7Ps4M01e8NItD0XdEueL-pfkYxZGwYu1jp4EvsZKCsFNSLX9xURxtyoq6xa455hbpKJ0ykiMcC53djJJTAxJCcnrZM64onl-fbUDF001aFGQ8SK8wrlYLnfc4MNdtmhj5zPt50m1L0OZn8KBy3qkHoBLe4ff6KQujf45j2qQgRy-SprwIOV0R6pSbXxOWdZzXsYVRo3qVSNXzZn2_EY--7YDovx4zQIAof3uky55cJrdn5NhF&ruid=e759df83-537a-43f4-bbb0-0b6d04166d18&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=79 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=7b33e5170dc54c28acbbcf7b6c8c985c; oaidts=1669737302
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:03 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: b7ffd574a8dcd9ccefea18ef354a56ac
access-control-expose-headers: X-Sc
set-cookie: OAID=7b33e5170dc54c28acbbcf7b6c8c985c; expires=Wed, 29 Nov 2023 15:55:03 GMT; secure; SameSite=None
set-cookie: oaidts=1669737302; expires=Wed, 29 Nov 2023 15:55:03 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/5307588?excludes=&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2betotodilea.com/500/5307588?excludes=&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
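Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of the empty 0 B response body; these digests match any empty response and do not identify this host)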
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
OPTIONS /500/5307588?excludes=&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:03 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe4fd90ddd07011b51e9ef88955645554 6589b0a51a6bda338bd4cea26fe2ec74654f0f83 d5f3f6dbf4fa85d20e3d9d7a587f96632bd619998113b6ef373f1b91d4f89e7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5F3F6DBF4FA85D20E3D9D7A587F96632BD619998113B6EF373F1B91D4F89E7C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7939
Expires: Tue, 29 Nov 2022 18:07:22 GMT
Date: Tue, 29 Nov 2022 15:55:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20452
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 15:55:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20452
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 15:55:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20452
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 15:55:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20452
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 15:55:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20452
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 15:55:03 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash03014221d7f49b50ffc2d1b0a0e75457 772d86ad983042a728ee3490630a9cf1134ad0dd 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 39913
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg | 34.120.237.76 | 200 OK | 4.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha2a5c8d4113d282600462749315f2c4f e2b4d2e15bb7c086333c0da438873e4c139ba931 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 65289
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp | 34.120.237.76 | 200 OK | 4.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash83c1fedec73299637cc7dc47c48af758 2e3f7326aeea6be8a34bf2c39b34862c07bfdc41 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 45412
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1f434933b5bd6377d299ada22d1ae7ef 075531f525e625b117b2497f31139c9824d0e9c5 b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 64388
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg | 34.120.237.76 | 200 OK | 8.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash823e92f62ff7b3c2093828817d7f2866 c501de9eaa581a10b0b5fce40b54bb10f57f7c29 7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ivu6pzZ6dbt3I4tuFMg4oHcuPVdyNS-F3k_lQdmKoXFkdCfSseAEwQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 65288
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcce27a1fe8c0222811a5ce0e7f89e1cb 28c165bac8cf68cd1b0763c311aece00672cb3a5 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 10:09:32 GMT
age: 20731
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| interstitial-07.com/contents/s/48/d5/69/b4e2304d0defb0ebfb28f0c177/0982711621690.jpeg | 139.45.197.155 | 200 OK | 22 kB |
URL HTTP/2interstitial-07.com/contents/s/48/d5/69/b4e2304d0defb0ebfb28f0c177/0982711621690.jpeg IP139.45.197.155:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data Hash48d569b4e2304d0defb0ebfb28f0c177 67f5ba42d04f3f6e866f5c3818eed999fc519078 4652008fea2da7487d039c47e2db3abc5e7d2d00860bd11823f218e1ecb84e3f
GET /contents/s/48/d5/69/b4e2304d0defb0ebfb28f0c177/0982711621690.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=4zRVEGT4TQSgCFP&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2927507587%26z%3D5307589%26b%3D15678895%26c%3D6310333%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1141%2526key%253D6d92cc76db26593ec9f35607e6e3051c%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D3HtcOd_-M8--D8pJhqXHjYifb8zC_UzslKyNbIxs9VeozITH2G4nHvGV40Q-Kf0tmfLXD6GyxkxMNNBZrbM1FhL_EO89Jkz1AGdjB2QuPSfxZBSzSLx-9OTHHPDA-vGwUaY2ah-_0RhSIb3DVzsxQ8wet7-cGFSqghodlVnS0ECrUECtfi64J2OnSPYHx8jpBRhrGmkIuZW7RcVGfMsCCSNrfZUSbkn_6BsDlgMy5_wbB_ICoGnCMCqIw9Eb32vX2kND9UNOufWncb8ptnkh9jcIDH3mvEylvdJ-BdSIdWYkj7LBAmWTRa-0ZmLkwS5lYwp96xX5kfXyJCgxeWKcuI4uBBXPOizM-vRyr1k8n-lFZHh0cb28w3rAU4AjqBePPfA-GQ_Kk5kWcsqOBcfuIBWXktWHhDg7Ps4M01e8NItD0XdEueL-pfkYxZGwYu1jp4EvsZKCsFNSLX9xURxtyoq6xa455hbpKJ0ykiMcC53djJJTAxJCcnrZM64onl-fbUDF001aFGQ8SK8wrlYLnfc4MNdtmhj5zPt50m1L0OZn8KBy3qkHoBLe4ff6KQujf45j2qQgRy-SprwIOV0R6pSbXxOWdZzXsYVRo3qVSNXzZn2_EY--7YDovx4zQIAof3uky55cJrdn5NhF%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3De759df83-537a-43f4-bbb0-0b6d04166d18%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252F7LJJe%252Fpack232.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:03 GMT
content-type: image/jpeg
content-length: 22082
last-modified: Thu, 13 Oct 2022 07:23:39 GMT
vary: Accept-Encoding
etag: "6347bcfb-5642"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash614da8f925b88a5a7b662acd4eadffc2 024547cda47a0ae4b4fd9aa1b3637e1b4fcce46f 85177a491b51d70649cd6a7d6bc40f71bafd26f63ad522650f777fa733ebe498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85177A491B51D70649CD6A7D6BC40F71BAFD26F63AD522650F777FA733EBE498"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10633
Expires: Tue, 29 Nov 2022 18:52:16 GMT
Date: Tue, 29 Nov 2022 15:55:03 GMT
Connection: keep-alive
|
|
| interstitial-07.com/contents/s/cf/e3/c6/357c4eaea3ed3e2e344967417e/0425459167440.jpeg | 139.45.197.155 | 200 OK | 54 kB |
URL HTTP/2interstitial-07.com/contents/s/cf/e3/c6/357c4eaea3ed3e2e344967417e/0425459167440.jpeg IP139.45.197.155:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data Hashcfe3c6357c4eaea3ed3e2e344967417e 1d4d9f3ab0e0a6e3d346b3c2540ebbe07ebd6109 d0388861931b832e7f50a4cb01f46a670c370c0516ac8e5692d062c3c07ceba6
GET /contents/s/cf/e3/c6/357c4eaea3ed3e2e344967417e/0425459167440.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=4zRVEGT4TQSgCFP&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2927507587%26z%3D5307589%26b%3D15678895%26c%3D6310333%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1141%2526key%253D6d92cc76db26593ec9f35607e6e3051c%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D3HtcOd_-M8--D8pJhqXHjYifb8zC_UzslKyNbIxs9VeozITH2G4nHvGV40Q-Kf0tmfLXD6GyxkxMNNBZrbM1FhL_EO89Jkz1AGdjB2QuPSfxZBSzSLx-9OTHHPDA-vGwUaY2ah-_0RhSIb3DVzsxQ8wet7-cGFSqghodlVnS0ECrUECtfi64J2OnSPYHx8jpBRhrGmkIuZW7RcVGfMsCCSNrfZUSbkn_6BsDlgMy5_wbB_ICoGnCMCqIw9Eb32vX2kND9UNOufWncb8ptnkh9jcIDH3mvEylvdJ-BdSIdWYkj7LBAmWTRa-0ZmLkwS5lYwp96xX5kfXyJCgxeWKcuI4uBBXPOizM-vRyr1k8n-lFZHh0cb28w3rAU4AjqBePPfA-GQ_Kk5kWcsqOBcfuIBWXktWHhDg7Ps4M01e8NItD0XdEueL-pfkYxZGwYu1jp4EvsZKCsFNSLX9xURxtyoq6xa455hbpKJ0ykiMcC53djJJTAxJCcnrZM64onl-fbUDF001aFGQ8SK8wrlYLnfc4MNdtmhj5zPt50m1L0OZn8KBy3qkHoBLe4ff6KQujf45j2qQgRy-SprwIOV0R6pSbXxOWdZzXsYVRo3qVSNXzZn2_EY--7YDovx4zQIAof3uky55cJrdn5NhF%26bag%3DHBQRD2DVrBLxyGC0bJRK8w%3D%3D%26ruid%3De759df83-537a-43f4-bbb0-0b6d04166d18%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252F7LJJe%252Fpack232.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:03 GMT
content-type: image/jpeg
content-length: 54466
last-modified: Wed, 13 Apr 2022 02:17:27 GMT
vary: Accept-Encoding
etag: "625632b7-d4c2"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg | 104.22.33.172 | 200 OK | 11 kB |
URL HTTP/2offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg IP104.22.33.172:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 192x192, components 3\012- data Hash2fed87d8d9131d075b72354b838c2d77 69624c46c1556c35c67e85724451cce20ad405ec 8adac582983620ad0421a1be7648f58c731feaf3de0bf027ebefe412505b01ed
GET /www/images/2fed87d8d9131d075b72354b838c2d77.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:55:03 GMT
content-type: image/jpeg
content-length: 10853
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62b2c84c-2a65"
expires: Wed, 30 Nov 2022 08:26:08 GMT
last-modified: Wed, 22 Jun 2022 07:44:12 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 26935
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c86820e839924-ARN
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vctx?t=72747 | 139.45.197.236 | 204 No Content | 0 B |
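URL (HTTP/2): unphionetor.com/vctx?t=72747 | IP: 139.45.197.236:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of a zero-length body, matching the 0 B / 204 No Content response; they identify no file and should not be used as indicators)
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |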
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 15:55:03 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f090f01be26764b5d4a5488431aaaa0a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined | 139.45.197.236 | 204 No Content | 0 B |
URL (HTTP/2): unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined | IP: 139.45.197.236:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body, matching the 0 B / 204 No Content response; not a file indicator)
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 15:55:03 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 0281cd055b53ce0539de6f25d19bd93c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| nanouwho.com/15?rnd=2753011074&z=5307589&var=&rb=3HtcOd_-M8--D8pJhqXHjYifb8zC_UzslKyNbIxs9VeozITH2G4nHvGV40Q-Kf0tmfLXD6GyxkxMNNBZrbM1FhL_EO89Jkz1AGdjB2QuPSfxZBSzSLx-9OTHHPDA-vGwUaY2ah-_0RhSIb3DVzsxQ8wet7-cGFSqghodlVnS0ECrUECtfi64J2OnSPYHx8jpBRhrGmkIuZW7RcVGfMsCCSNrfZUSbkn_6BsDlgMy5_wbB_ICoGnCMCqIw9Eb32vX2kND9UNOufWncb8ptnkh9jcIDH3mvEylvdJ-BdSIdWYkj7LBAmWTRa-0ZmLkwS5lYwp96xX5kfXyJCgxeWKcuI4uBBXPOizM-vRyr1k8n-lFZHh0cb28w3rAU4AjqBePPfA-GQ_Kk5kWcsqOBcfuIBWXktWHhDg7Ps4M01e8NItD0XdEueL-pfkYxZGwYu1jp4EvsZKCsFNSLX9xURxtyoq6xa455hbpKJ0ykiMcC53djJJTAxJCcnrZM64onl-fbUDF001aFGQ8SK8wrlYLnfc4MNdtmhj5zPt50m1L0OZn8KBy3qkHoBLe4ff6KQujf45j2qQgRy-SprwIOV0R6pSbXxOWdZzXsYVRo3qVSNXzZn2_EY--7YDovx4zQIAof3uky55cJrdn5NhF&ruid=e759df83-537a-43f4-bbb0-0b6d04166d18&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.091%2C%22location%22%3A%22https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D | 139.45.197.242 | 204 No Content | 0 B |
URL HTTP/2nanouwho.com/15?rnd=2753011074&z=5307589&var=&rb=3HtcOd_-M8--D8pJhqXHjYifb8zC_UzslKyNbIxs9VeozITH2G4nHvGV40Q-Kf0tmfLXD6GyxkxMNNBZrbM1FhL_EO89Jkz1AGdjB2QuPSfxZBSzSLx-9OTHHPDA-vGwUaY2ah-_0RhSIb3DVzsxQ8wet7-cGFSqghodlVnS0ECrUECtfi64J2OnSPYHx8jpBRhrGmkIuZW7RcVGfMsCCSNrfZUSbkn_6BsDlgMy5_wbB_ICoGnCMCqIw9Eb32vX2kND9UNOufWncb8ptnkh9jcIDH3mvEylvdJ-BdSIdWYkj7LBAmWTRa-0ZmLkwS5lYwp96xX5kfXyJCgxeWKcuI4uBBXPOizM-vRyr1k8n-lFZHh0cb28w3rAU4AjqBePPfA-GQ_Kk5kWcsqOBcfuIBWXktWHhDg7Ps4M01e8NItD0XdEueL-pfkYxZGwYu1jp4EvsZKCsFNSLX9xURxtyoq6xa455hbpKJ0ykiMcC53djJJTAxJCcnrZM64onl-fbUDF001aFGQ8SK8wrlYLnfc4MNdtmhj5zPt50m1L0OZn8KBy3qkHoBLe4ff6KQujf45j2qQgRy-SprwIOV0R6pSbXxOWdZzXsYVRo3qVSNXzZn2_EY--7YDovx4zQIAof3uky55cJrdn5NhF&ruid=e759df83-537a-43f4-bbb0-0b6d04166d18&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.091%2C%22location%22%3A%22https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D IP139.45.197.242:0
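Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body, matching the 0 B / 204 No Content response; not a file indicator)
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |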
GET /15?rnd=2753011074&z=5307589&var=&rb=3HtcOd_-M8--D8pJhqXHjYifb8zC_UzslKyNbIxs9VeozITH2G4nHvGV40Q-Kf0tmfLXD6GyxkxMNNBZrbM1FhL_EO89Jkz1AGdjB2QuPSfxZBSzSLx-9OTHHPDA-vGwUaY2ah-_0RhSIb3DVzsxQ8wet7-cGFSqghodlVnS0ECrUECtfi64J2OnSPYHx8jpBRhrGmkIuZW7RcVGfMsCCSNrfZUSbkn_6BsDlgMy5_wbB_ICoGnCMCqIw9Eb32vX2kND9UNOufWncb8ptnkh9jcIDH3mvEylvdJ-BdSIdWYkj7LBAmWTRa-0ZmLkwS5lYwp96xX5kfXyJCgxeWKcuI4uBBXPOizM-vRyr1k8n-lFZHh0cb28w3rAU4AjqBePPfA-GQ_Kk5kWcsqOBcfuIBWXktWHhDg7Ps4M01e8NItD0XdEueL-pfkYxZGwYu1jp4EvsZKCsFNSLX9xURxtyoq6xa455hbpKJ0ykiMcC53djJJTAxJCcnrZM64onl-fbUDF001aFGQ8SK8wrlYLnfc4MNdtmhj5zPt50m1L0OZn8KBy3qkHoBLe4ff6KQujf45j2qQgRy-SprwIOV0R6pSbXxOWdZzXsYVRo3qVSNXzZn2_EY--7YDovx4zQIAof3uky55cJrdn5NhF&ruid=e759df83-537a-43f4-bbb0-0b6d04166d18&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.091%2C%22location%22%3A%22https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=7b33e5170dc54c28acbbcf7b6c8c985c; oaidts=1669737302
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 15:55:04 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a3a71b98f500c5ad928c7632e1b02dcd
access-control-expose-headers: X-Sc
set-cookie: OAID=7b33e5170dc54c28acbbcf7b6c8c985c; expires=Wed, 29 Nov 2023 15:55:04 GMT; secure; SameSite=None
set-cookie: oaidts=1669737302; expires=Wed, 29 Nov 2023 15:55:04 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| unphionetor.com/fv.js?t=72747&cb=1880195983 | 139.45.197.236 | 200 OK | 2.2 kB |
URL (HTTP/2): unphionetor.com/fv.js?t=72747&cb=1880195983 | IP: 139.45.197.236:0
File type: ASCII text, with very long lines (5213), with no line terminators
Hash: MD5 0254fb1dad74628b7ad0f97d304fac92, SHA-1 35f7af13a08eb87023ec7df4d3c35c21b2cde79d, SHA-256 47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /fv.js?t=72747&cb=1880195983 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:03 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 4c2f474fde766d30ddb081f9e1596603
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| betotodilea.com/impression/HBBcdeDBPtTHRDpuMaJWMqNCe2uRsbjrCO8xBd4smZY6tfsAWy_w9ErJGnw_Yt8KAbQsEaTSbzBjrIvIb1tiDn8w320p_V88z2beqroP82kYf-Ww9T_zXPs-IY47lkqnvT61UVfVAh7u-WWfHSoQYlrNV2qDg0AgMufa7_keXKVxvudsSKkrmFKzNKOI1IXT4NpzgepJAzoTIpzUW0L2a_NURqBODNnRfuLLTO4fd1USpDUgVtCfzhsYUhimcBA-69xNEnlkMytH_xuXIRl115Pr7WCSrUS33FXOhKhrAgCM7HmkF1eIpkzvji9hqUJJU4NQG2QQfmTJ2DKBEm0RByuBHyIpdFGvdueo5Omqvkhwd3IOkJgrk_81OFz3ozN88FXGMokY3YgTPBUJeUXHLSET3id5J9bSIXrggtsItGuAHJjFKp-cXw1YwZi-CDDrONYjXReW2X0ISj1cLfnXNCrBnP7mmXJzUhiB8q3pK4guZTczI7BTtW97RGG5yLvOCuY_bfZDJAsTQIDcIp7zioKz12_72FP0TIhLT2AGseJ1dxK-ZMqnP2LXQILKjlcKO7QpQRsB3RsfBGXvntdpbILRM7bd4Qdk?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 43 B |
URL HTTP/2betotodilea.com/impression/HBBcdeDBPtTHRDpuMaJWMqNCe2uRsbjrCO8xBd4smZY6tfsAWy_w9ErJGnw_Yt8KAbQsEaTSbzBjrIvIb1tiDn8w320p_V88z2beqroP82kYf-Ww9T_zXPs-IY47lkqnvT61UVfVAh7u-WWfHSoQYlrNV2qDg0AgMufa7_keXKVxvudsSKkrmFKzNKOI1IXT4NpzgepJAzoTIpzUW0L2a_NURqBODNnRfuLLTO4fd1USpDUgVtCfzhsYUhimcBA-69xNEnlkMytH_xuXIRl115Pr7WCSrUS33FXOhKhrAgCM7HmkF1eIpkzvji9hqUJJU4NQG2QQfmTJ2DKBEm0RByuBHyIpdFGvdueo5Omqvkhwd3IOkJgrk_81OFz3ozN88FXGMokY3YgTPBUJeUXHLSET3id5J9bSIXrggtsItGuAHJjFKp-cXw1YwZi-CDDrONYjXReW2X0ISj1cLfnXNCrBnP7mmXJzUhiB8q3pK4guZTczI7BTtW97RGG5yLvOCuY_bfZDJAsTQIDcIp7zioKz12_72FP0TIhLT2AGseJ1dxK-ZMqnP2LXQILKjlcKO7QpQRsB3RsfBGXvntdpbILRM7bd4Qdk?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: MD5 b4491705564909da7f9eaf749dbbfbb1, SHA-1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8, SHA-256 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /impression/HBBcdeDBPtTHRDpuMaJWMqNCe2uRsbjrCO8xBd4smZY6tfsAWy_w9ErJGnw_Yt8KAbQsEaTSbzBjrIvIb1tiDn8w320p_V88z2beqroP82kYf-Ww9T_zXPs-IY47lkqnvT61UVfVAh7u-WWfHSoQYlrNV2qDg0AgMufa7_keXKVxvudsSKkrmFKzNKOI1IXT4NpzgepJAzoTIpzUW0L2a_NURqBODNnRfuLLTO4fd1USpDUgVtCfzhsYUhimcBA-69xNEnlkMytH_xuXIRl115Pr7WCSrUS33FXOhKhrAgCM7HmkF1eIpkzvji9hqUJJU4NQG2QQfmTJ2DKBEm0RByuBHyIpdFGvdueo5Omqvkhwd3IOkJgrk_81OFz3ozN88FXGMokY3YgTPBUJeUXHLSET3id5J9bSIXrggtsItGuAHJjFKp-cXw1YwZi-CDDrONYjXReW2X0ISj1cLfnXNCrBnP7mmXJzUhiB8q3pK4guZTczI7BTtW97RGG5yLvOCuY_bfZDJAsTQIDcIp7zioKz12_72FP0TIhLT2AGseJ1dxK-ZMqnP2LXQILKjlcKO7QpQRsB3RsfBGXvntdpbILRM7bd4Qdk?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=7b33e5170dc54c28acbbcf7b6c8c985c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:07 GMT
content-type: image/gif
content-length: 43
x-trace-id: 121377a883711b1560a3b9edd59c25d3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/5307588?excludes=15161934&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2betotodilea.com/500/5307588?excludes=15161934&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
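Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body, matching the 0 B response to this OPTIONS request; not a file indicator)
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |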
OPTIONS /500/5307588?excludes=15161934&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:07 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/5307588?excludes=15161934&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 16 kB |
URL HTTP/2betotodilea.com/500/5307588?excludes=15161934&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
Hash: MD5 fd49cc7ca114765f07625577c54936df, SHA-1 980578e6c4e71ed493c67af88210244464a9fb4f, SHA-256 0e21971a55d277dc52028655a3251fe82c7c850332695957feebf7aba6fcea99
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /500/5307588?excludes=15161934&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=7b33e5170dc54c28acbbcf7b6c8c985c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:08 GMT
content-type: application/javascript
x-trace-id: 6b0ce76dd032edd2de1733ce872ce211
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=7b33e5170dc54c28acbbcf7b6c8c985c; expires=Wed, 29 Nov 2023 15:55:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/5307588?excludes=&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2betotodilea.com/500/5307588?excludes=&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /500/5307588?excludes=&oaid=7b33e5170dc54c28acbbcf7b6c8c985c&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=1167c0f33b204b91a340fbf0c345bc0b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:03 GMT
content-type: application/javascript
x-trace-id: 00640e27b6a32a9a5cdc1f9cfa72ab99
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=7b33e5170dc54c28acbbcf7b6c8c985c; expires=Wed, 29 Nov 2023 15:55:03 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7b33e5170dc54c28acbbcf7b6c8c985c | 139.45.197.242 | 200 OK | 0 B |
URL HTTP/2nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7b33e5170dc54c28acbbcf7b6c8c985c IP139.45.197.242:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2F7LJJe%2Fpack232.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=7b33e5170dc54c28acbbcf7b6c8c985c HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 105
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=9ec6361ec00f4443bcf4242869c0a045; oaidts=1669737302
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ddd9d9f069d21efa6c7f1e7d0be7d151
access-control-expose-headers: X-Sc
set-cookie: OAID=7b33e5170dc54c28acbbcf7b6c8c985c; expires=Wed, 29 Nov 2023 15:55:02 GMT; secure; SameSite=None
set-cookie: oaidts=1669737302; expires=Wed, 29 Nov 2023 15:55:02 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ibrapush.com/pfe/current/tag.min.js?z=5307590 | 139.45.197.250 | 200 OK | 0 B |
URL HTTP/2ibrapush.com/pfe/current/tag.min.js?z=5307590 IP139.45.197.250:0
GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 13:16:49 GMT
etag: W/"63860641-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| anonymfile.com/sw.js | 138.201.48.112 | 404 Not Found | 0 B |
IP138.201.48.112:0 ASN#24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/7LJJe/pack232.zip
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IndCbjVMS0lkZW91RlMrVnFaeEt5aWc9PSIsInZhbHVlIjoiRzgvY3hhNlFIUEhVa3cvZjdINm5rdmE0enBLMEtRUGxleDcvOVoxQUU2SGJTRnBtS3NpLytKVFBXTW1aM24zWGt4dXVYQk11UVUyamJ3RHVaYXVmVnlnOW93TE1NTDRoMG1mL0d4TWtSclNzK2FKMmxlZ2E3VmhqTFRObG5tNkciLCJtYWMiOiJlOWM1ODUwOTUyODc5YjZkNjliZDVlNGNlMjRhMzYzNDZjYTJiNTBlNDcwN2VkODdiNDY4MjM4ZTcyNTBhNmZiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IitqcDFMMmpIT3dLVFYwUzFLQk1ZWlE9PSIsInZhbHVlIjoiNHN4YVdEZmc0bm5BR2JmZzFlRWFOSUt3bTg5bE52eTQyaS9SbEtNd0hnTVR5ZjFTdlRFVnNjYVdnRnB1d014SVh3NERVSjQxT01JZWFkL3JqbUZveVJBOW5rOGhwL1NnNHpIV0ZrQXFLSEgvQWg2Q0dLQVpqejFlOURyUTFNbTAiLCJtYWMiOiI1MWI0ZDJjMTlhMjg0Mzk3ZjU4MDk0ZTIwMDliZWVlYThlMWFiMTQ0MGY1MWUzNjA0NjJlN2JiYzg4MzUzNGU5IiwidGFnIjoiIn0%3D; prefetchAd_5307591=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Tue, 29 Nov 2022 15:55:02 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ibrapush.com/pfe/current/universal.min.js?v=3.1.407 | 139.45.197.250 | 200 OK | 0 B |
URL HTTP/2ibrapush.com/pfe/current/universal.min.js?v=3.1.407 IP139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.407 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 13:16:49 GMT
etag: W/"63860641-18b14"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| betotodilea.com/400/5307588 | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2betotodilea.com/400/5307588 IP139.45.197.237:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /400/5307588 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:55:02 GMT
content-type: application/javascript
x-trace-id: 307b3155395b08b7427d440a0459f80c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=1167c0f33b204b91a340fbf0c345bc0b; expires=Wed, 29 Nov 2023 15:55:02 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| anonymfile.com/7LJJe/pack232.zip | 138.201.48.112 | 200 OK | 0 B |
URL HTTP/2anonymfile.com/7LJJe/pack232.zip IP138.201.48.112:0 ASN#24940 Hetzner Online GmbH
GET /7LJJe/pack232.zip HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6IndCbjVMS0lkZW91RlMrVnFaeEt5aWc9PSIsInZhbHVlIjoiRzgvY3hhNlFIUEhVa3cvZjdINm5rdmE0enBLMEtRUGxleDcvOVoxQUU2SGJTRnBtS3NpLytKVFBXTW1aM24zWGt4dXVYQk11UVUyamJ3RHVaYXVmVnlnOW93TE1NTDRoMG1mL0d4TWtSclNzK2FKMmxlZ2E3VmhqTFRObG5tNkciLCJtYWMiOiJlOWM1ODUwOTUyODc5YjZkNjliZDVlNGNlMjRhMzYzNDZjYTJiNTBlNDcwN2VkODdiNDY4MjM4ZTcyNTBhNmZiIiwidGFnIjoiIn0%3D; expires=Tue, 29-Nov-2022 17:55:01 GMT; Max-Age=7200; path=/; samesite=lax
anonymfile_session=eyJpdiI6IitqcDFMMmpIT3dLVFYwUzFLQk1ZWlE9PSIsInZhbHVlIjoiNHN4YVdEZmc0bm5BR2JmZzFlRWFOSUt3bTg5bE52eTQyaS9SbEtNd0hnTVR5ZjFTdlRFVnNjYVdnRnB1d014SVh3NERVSjQxT01JZWFkL3JqbUZveVJBOW5rOGhwL1NnNHpIV0ZrQXFLSEgvQWg2Q0dLQVpqejFlOURyUTFNbTAiLCJtYWMiOiI1MWI0ZDJjMTlhMjg0Mzk3ZjU4MDk0ZTIwMDliZWVlYThlMWFiMTQ0MGY1MWUzNjA0NjJlN2JiYzg4MzUzNGU5IiwidGFnIjoiIn0%3D; expires=Tue, 29-Nov-2022 17:55:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Tue, 29 Nov 2022 15:55:01 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
|
|
| anonymfile.com/sw.js | 138.201.48.112 | 404 Not Found | 0 B |
IP138.201.48.112:0 ASN#24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/7LJJe/pack232.zip
Cookie: XSRF-TOKEN=eyJpdiI6IndCbjVMS0lkZW91RlMrVnFaeEt5aWc9PSIsInZhbHVlIjoiRzgvY3hhNlFIUEhVa3cvZjdINm5rdmE0enBLMEtRUGxleDcvOVoxQUU2SGJTRnBtS3NpLytKVFBXTW1aM24zWGt4dXVYQk11UVUyamJ3RHVaYXVmVnlnOW93TE1NTDRoMG1mL0d4TWtSclNzK2FKMmxlZ2E3VmhqTFRObG5tNkciLCJtYWMiOiJlOWM1ODUwOTUyODc5YjZkNjliZDVlNGNlMjRhMzYzNDZjYTJiNTBlNDcwN2VkODdiNDY4MjM4ZTcyNTBhNmZiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IitqcDFMMmpIT3dLVFYwUzFLQk1ZWlE9PSIsInZhbHVlIjoiNHN4YVdEZmc0bm5BR2JmZzFlRWFOSUt3bTg5bE52eTQyaS9SbEtNd0hnTVR5ZjFTdlRFVnNjYVdnRnB1d014SVh3NERVSjQxT01JZWFkL3JqbUZveVJBOW5rOGhwL1NnNHpIV0ZrQXFLSEgvQWg2Q0dLQVpqejFlOURyUTFNbTAiLCJtYWMiOiI1MWI0ZDJjMTlhMjg0Mzk3ZjU4MDk0ZTIwMDliZWVlYThlMWFiMTQ0MGY1MWUzNjA0NjJlN2JiYzg4MzUzNGU5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Tue, 29 Nov 2022 15:55:01 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
|
|
| anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js | 138.201.48.112 | 200 OK | 0 B |
URL HTTP/2anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js IP138.201.48.112:0 ASN#24940 Hetzner Online GmbH
GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/7LJJe/pack232.zip
Cookie: XSRF-TOKEN=eyJpdiI6IndCbjVMS0lkZW91RlMrVnFaeEt5aWc9PSIsInZhbHVlIjoiRzgvY3hhNlFIUEhVa3cvZjdINm5rdmE0enBLMEtRUGxleDcvOVoxQUU2SGJTRnBtS3NpLytKVFBXTW1aM24zWGt4dXVYQk11UVUyamJ3RHVaYXVmVnlnOW93TE1NTDRoMG1mL0d4TWtSclNzK2FKMmxlZ2E3VmhqTFRObG5tNkciLCJtYWMiOiJlOWM1ODUwOTUyODc5YjZkNjliZDVlNGNlMjRhMzYzNDZjYTJiNTBlNDcwN2VkODdiNDY4MjM4ZTcyNTBhNmZiIiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IitqcDFMMmpIT3dLVFYwUzFLQk1ZWlE9PSIsInZhbHVlIjoiNHN4YVdEZmc0bm5BR2JmZzFlRWFOSUt3bTg5bE52eTQyaS9SbEtNd0hnTVR5ZjFTdlRFVnNjYVdnRnB1d014SVh3NERVSjQxT01JZWFkL3JqbUZveVJBOW5rOGhwL1NnNHpIV0ZrQXFLSEgvQWg2Q0dLQVpqejFlOURyUTFNbTAiLCJtYWMiOiI1MWI0ZDJjMTlhMjg0Mzk3ZjU4MDk0ZTIwMDliZWVlYThlMWFiMTQ0MGY1MWUzNjA0NjJlN2JiYzg4MzUzNGU5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
vary: Accept-Encoding
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 15:55:01 GMT
last-modified: Tue, 29 Nov 2022 15:55:01 GMT
cache-control: max-age=31536000
etag: W/"0"
content-encoding: br
X-Firefox-Spdy: h2
|
|