anonymfile.com/dqxXo/pack-mex.rar
138.201.48.112 301 Moved Permanently 162 B URL HTTP/1.1 anonymfile.com/dqxXo/pack-mex.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /dqxXo/pack-mex.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 29 Nov 2022 15:57:08 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/dqxXo/pack-mex.rar
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10560
Expires: Tue, 29 Nov 2022 18:53:09 GMT
Date: Tue, 29 Nov 2022 15:57:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1678
Cache-Control: max-age=154920
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:57:09 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 10:59:09 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 15:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2354
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5011
Expires: Tue, 29 Nov 2022 17:20:40 GMT
Date: Tue, 29 Nov 2022 15:57:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4PpuUIaO06hPiXCWS61qCbTLwapbsirHZgGXhDmyYbznimZ/cV9ihVlFLoBIsK3KA0HHIE/4CrQ=
x-amz-request-id: RP5ANQG4G1ZPD2Y9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 15:45:31 GMT
age: 698
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 15:11:13 GMT
cache-control: public,max-age=3600
age: 2756
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
anonymfile.com/img/logo-anon-warning.webp
138.201.48.112 200 OK 15 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7b596f481388ac5ef6d74a15a351f6c3
6756e88c0b46cc981b7bbbdaf2ead77bd258a472
cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
GET /img/logo-anon-warning.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dqxXo/pack-mex.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 15344
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Tue, 29 Nov 2022 15:56:14 GMT
expires: Tue, 29 Nov 2022 16:01:14 GMT
X-Firefox-Spdy: h2
anonymfile.com/img/main/footer.webp
138.201.48.112 200 OK 178 kB URL HTTP/2 anonymfile.com/img/main/footer.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Size 178 kB (178070 bytes)
Hash 79ccb3a1b78412a1a530284f45ea7056
626d0494e1bd871e67ecffad44d04ac2343fb7e5
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dqxXo/pack-mex.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Tue, 29 Nov 2022 15:56:14 GMT
expires: Tue, 29 Nov 2022 16:01:14 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
104.17.24.14 200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65345)
Hash 642445b86596bdeaa98e92faa2064fc6
6c5539660bf533d34e37b917973c941d1c963374
4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:57:09 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10617347
expires: Sun, 19 Nov 2023 15:57:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0HI861z4cpIsaSsw%2FhJuat2ggpKZX4YzqM%2BS7QR4oYpXXmTADOn1%2Bx5jO7idH4wDJ4Z9LuBR%2FE1tMmIiZn4a3eZjxNx1OQuIeVpcKPfbLImDmS%2B1hxkjFOXNoesFctx5Z8oi4xI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771c8998997cb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
104.17.24.14 200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
IP 104.17.24.14:0
File type assembler source, ASCII text, with very long lines (17282)
Hash 78aabb09e30a9eb6f833cbb1b48bdb2e
e876ff16b6c511bc217973e51202aaaf23a4e936
8d76a29a92bc268043a7bd4d0b8f171fffd6c6c3c8e18aa314d6dac1aeb542ae
GET /ajax/libs/filepond/4.29.1/filepond.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:57:09 GMT
content-type: text/css; charset=utf-8
content-length: 2934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613afc53-b76"
last-modified: Fri, 10 Sep 2021 06:33:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 531119
expires: Sun, 19 Nov 2023 15:57:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gPUvNGnY39gQdk21u2E9Pv4Eiayfex3d0eBY44QWVebWHddWwLhRsn0DIJ36eRp%2FnRZ6Kn8AWRqTaSRjeImDyx0%2F5d0737HVE9g%2BdMg1uXFpkEslHFPWTh47B%2BAbh6GIHmG%2Fa8U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771c8998f8fab4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3373
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:57:09 GMT
Last-Modified: Tue, 29 Nov 2022 15:00:56 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
anonymfile.com/img/logo-anon-warning.png
138.201.48.112 200 OK 41 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.png
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Hash d52ea6ebcd0b10dcf112a9d6c43ceee0
641e5277e2e079f0e88e2899879fda8882e58d28
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
GET /img/logo-anon-warning.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dqxXo/pack-mex.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:09 GMT
content-type: image/png
content-length: 40729
last-modified: Fri, 29 Oct 2021 10:50:56 GMT
vary: Accept-Encoding
etag: "617bd210-9f19"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar
138.201.48.112 204 No Content 0 B URL HTTP/2 anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/dqxXo/pack-mex.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 15:57:10 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/sweetalert2@11
151.101.193.229 200 OK 18 kB URL HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@11
IP 151.101.193.229:0
File type ASCII text, with very long lines (43295)
Hash d1c014750780316b0165f72b7c5dbdfa
f6304c0a6d279485b2729de0213500a9cbcd5b5a
bfa1a4e1470d6f6bb522befcef6c60098ecfae855c4dfe9157c5a81ebac45bc6
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.6.14
x-jsd-version-type: version
etag: W/"fb49-+/dZCApQZmEeYYbR5fA6SnpuL68"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 15:57:10 GMT
age: 14551
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18033
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash ebda5539b32fd20ab6af182e1bc1e20b
4dd11178830150371e491ff52718a5f32b7e6169
7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4393
Cache-Control: max-age=87064
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:57:10 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 16:08:14 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash ebda5539b32fd20ab6af182e1bc1e20b
4dd11178830150371e491ff52718a5f32b7e6169
7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4393
Cache-Control: max-age=87064
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:57:10 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 16:08:14 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 0f1f735b8e92aaf4a6b1b08a137a7f14
508c529ffdaf42cb222b46a4c125c76c3fb08be9
a2a7c35e148022addd34da631734f564c16838162eddd1991ac1b59961b7cb46
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 15:57:10 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "AD3A864477924B95F5FE21415D0713BCBA1ECEC6"
Expires: Wed, 30 Nov 2022 03:00:00 GMT
Last-Modified: Tue, 29 Nov 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2837
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771c899a2d33b529-OSL
unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
104.16.123.175 200 OK 7.7 kB URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
IP 104.16.123.175:0
Hash b7449c5aff44e4401e776b8cc81c3bc3
f42223598ac5a3de175eef57b5202cadb1567138
21053ead10e4f0ef03fd7990568370d4ecf360360c6165be9df604a1773ef25b
GET /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:57:10 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-mapzppsO4HAWL/eiqLcABeu0hWU"
via: 1.1 fly.io
fly-request-id: 01GJZ5C0MRVMZFWGTQD5XR207X-ams
cf-cache-status: HIT
age: 96812
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771c899a3dcfb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.242.3.166 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y3Rbjf6qVaM4sM3vzZJfpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XvZDhjnwB83iFIij9J8PSoeinQI=
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash b3c8449a926473e4d3e29699ddd51329
f928c3e70e09ac566f07364787ddf098ac07fe9f
fc2bc4af108ab63169b2e3397e8a48ed91a5e6cf70216740397b60f4c72d47e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5380
Cache-Control: max-age=99200
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:57:10 GMT
Etag: "6384f752-117"
Expires: Wed, 30 Nov 2022 19:30:30 GMT
Last-Modified: Mon, 28 Nov 2022 18:00:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
inklinkor.com/tag.min.js
104.21.91.63 200 OK 25 kB IP 104.21.91.63:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 813e46d21a7281f8d1246a943534a36c
89f82c9eedfb4cf6f72190ab3215ec838d1829a1
1b9110a16e918fbf5803036a95dfb78b9ac79a4b2e71b38e14a6c261ab43e335
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:57:10 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 2e7bf06cffaea65a222f2fc76422ca3d
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:03:42 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 30 Nov 2022 15:41:54 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 916
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quQfn45ROAjyrZfM4nCaeHeRguxkqBE36sirhA6QDxpqAnxn0Dr9sV%2FakWcsvokgHcKeXcJmhSKMA9Dgpq0yLJI%2F6nRWT7lx42v004ZnNBCUx1SNn4zBeIfSTynrdv63"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c899e58a90b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112 404 Not Found 128 kB IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4320)
Size 128 kB (127712 bytes)
Hash db7931dcde0bc3fa8c7a42984c2721d1
a154730d791bbd2d884684b372427d2b1ce16bc3
1dfa0c13c09000a7f66fd011fbc458a958231bd20f0f852d26e13f598ba20cc6
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dqxXo/pack-mex.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Tue, 29 Nov 2022 15:57:10 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 284c13ae05ebc070974801739fe2469c
545c0b0e4b7abd1473772d8c13ef03c5d195f9b5
b87ac05685ea853bd1c6cb33a62da614940e46bf032b287648df35d8bd5f9d7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B87AC05685EA853BD1C6CB33A62DA614940E46BF032B287648DF35D8BD5F9D7A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16673
Expires: Tue, 29 Nov 2022 20:35:03 GMT
Date: Tue, 29 Nov 2022 15:57:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash dfd37ae2da5cc16d38d1d0ce5a3af6da
224117ab84ae9dbf57b1be06a30d21cc83dc9de8
2f5c21e10be7edc1f944bec4d1b1036b975bcfd1cc17606fe95c2b00c9fb15e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4089
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:57:11 GMT
Last-Modified: Tue, 29 Nov 2022 14:49:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash dfd37ae2da5cc16d38d1d0ce5a3af6da
224117ab84ae9dbf57b1be06a30d21cc83dc9de8
2f5c21e10be7edc1f944bec4d1b1036b975bcfd1cc17606fe95c2b00c9fb15e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4089
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:57:11 GMT
Last-Modified: Tue, 29 Nov 2022 14:49:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
tzegilo.com/stattag.js
104.21.84.149 200 OK 5.7 kB IP 104.21.84.149:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash 664825bd0611435460af9b1076541af5
2f545bedb9ba33b7efd7585d81618e93ee31782a
87dc9ea33e8f33077e53e6f7260a6d28700946a543c9302e8d7d27bac29fe483
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6042
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNrxK9bv4mOfBWN45ETW3ThWYGC9zEpOyUGn5Uzvh9ITEfQEN7HjwY49ADnatPnPj07JkVQt6XMjD0CL6ayrPLRtdyGuZbthaGlhDW1afX5Mv8F4BUJlLRah9c%2FBgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c89a03b28b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ab4aa08fae72ab5a3faf9881aaf21c6f
1e8d23b619b5073f45d5558c59070ed3b8462114
4f8e847be14db15d5bf0781846019a186afd7dd491dea427adf36e175939c467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F8E847BE14DB15D5BF0781846019A186AFD7DD491DEA427ADF36E175939C467"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8897
Expires: Tue, 29 Nov 2022 18:25:28 GMT
Date: Tue, 29 Nov 2022 15:57:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 57ffdd6917483a01cd7e8aa73a309ecb
da216f869b781d28dd2a254da7884f4b9741f2cb
0863dfe36c597899469f98f546f41188c12b4638bc1c3e7f5b95d8fa22efa5e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0863DFE36C597899469F98F546F41188C12B4638BC1C3E7F5B95D8FA22EFA5E6"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3830
Expires: Tue, 29 Nov 2022 17:01:01 GMT
Date: Tue, 29 Nov 2022 15:57:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ae08e4ab68a9b974d100e32fb800900
4ce0f7cb3fe345a1e30a543b776520fe509578b2
e956d9afcbb5685fa484cd4fbb2a38dfbd84c888bec357e97c5b196d4ba4698b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E956D9AFCBB5685FA484CD4FBB2A38DFBD84C888BEC357E97C5B196D4BA4698B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5122
Expires: Tue, 29 Nov 2022 17:22:33 GMT
Date: Tue, 29 Nov 2022 15:57:11 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=19bded8de94847ce9a4ac311cda88a06
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=19bded8de94847ce9a4ac311cda88a06
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash a5fe49833c96456a415b07f63d97db51
e3815cc07fb637c6c90010ef9d9d76126a0d7ab6
9bb5279e9c838b8738734b63a16e52c6d33b4fe955cef978592de2d281ff7e14
GET /gid.js?userId=19bded8de94847ce9a4ac311cda88a06 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=19bded8de94847ce9a4ac311cda88a06; expires=Wed, 29 Nov 2023 15:57:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
139.45.197.250 200 OK 664 B URL HTTP/2 ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 924f83d583902548517c3327ff8e4493
7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 7441eac8eb2275c8caf79563b127e4bf
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/tag.min.js?z=5307590
139.45.197.250 200 OK 6.5 kB URL HTTP/2 ibrapush.com/pfe/current/tag.min.js?z=5307590
IP 139.45.197.250:0
Hash 6a78832848e9aa64ea713f54b2713021
7c7864852d54988dc99b7d502e9dc49d9cffc196
7fb00660286f6259972f1d1076e1fc9a8f2c26908a9df9d244be03e9b98826da
GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 13:16:49 GMT
etag: W/"63860641-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8219
Expires: Tue, 29 Nov 2022 18:14:10 GMT
Date: Tue, 29 Nov 2022 15:57:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8219
Expires: Tue, 29 Nov 2022 18:14:10 GMT
Date: Tue, 29 Nov 2022 15:57:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8219
Expires: Tue, 29 Nov 2022 18:14:10 GMT
Date: Tue, 29 Nov 2022 15:57:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8219
Expires: Tue, 29 Nov 2022 18:14:10 GMT
Date: Tue, 29 Nov 2022 15:57:11 GMT
Connection: keep-alive
ibrapush.com/custom
139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8219
Expires: Tue, 29 Nov 2022 18:14:10 GMT
Date: Tue, 29 Nov 2022 15:57:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 46554
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71 200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
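Analyzer / Verdict / Alert: quad9 — Sinkholed (the quad9 DNS analyzer reports datatechonert.com as blocked; this is the only transaction in this part of the report that carries an analyzer verdict)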
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 903
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 29 Nov 2022 15:57:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonymfile.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:43:20 GMT
age: 62031
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:55:32 GMT
age: 46899
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 65223
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:58:57 GMT
age: 64694
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:21 GMT
age: 39890
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 383
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 486478ebf4c67adf77e0e7d6d1cbf3b3
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 767
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 81fa0a8d1de4ad21ddbbe9f6885d1a2c
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19bded8de94847ce9a4ac311cda88a06
139.45.197.242 204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19bded8de94847ce9a4ac311cda88a06
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19bded8de94847ce9a4ac311cda88a06 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=1093712434&z=5307589&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=VnZAFPU2V4ysOHeHeHqQlp7RcluU1UIjrUyzQEd3LySDRXGrw4hVR4LzjCkhgszTHYfQjpjS5Cl-nnjIf8H85figGFIwOOA0VB2iP2GkdEngZOsWY6AEUCc0gabAHQ47x4JMqZODUiMrnB9fUwEwB7cwGPAPHHGUK6v9Kyi-6FUuHXr3xnQnkQUN3NtiRrEfJ0cBGdz61Znsj20y6rIXVzE9jqqWkg-e3u083A3OyKG86RiKkbexI2in4yuVFvyg002AHAdTRqtrgJVQsRDBxDBkrLw-4PbfpDWY-W6pMMetMheCCmtfGY1F3FXqXt9z2JVqF4smCW3L3u6-ZfGS_hrjPPQjYXCtwZWdazlA3Kx_5yutBIBdT9v-p3WbsFlBkwWZlq8gN_lWcfFjBj7m7HwFEsY6iEhFT_srg1OPJfb_Xylvt8mKH8kRju4FYr25HhjieQwz5ZMsNtntfpFCA20J8G_X4PyKqMDedciyADcS0OsmMFG7mZru-Sb9rHmgoc3VA0OI0ebUc0bDc_nJ1a7Gv55BpUtNLgVIEzr4C6o6rzQC8W_UAKNtuKSP1mwfbHJdzgyOBeP4R_-upZvjWXdpzpXeOTUvut2W7tZizUz5THLTIA8F_5NCQKMJxkT4C9FdEHr_Cta6Dcz665rbGXkRsiowHj5umSqXI4qYALp4aNicbPzH0Cjn7L1UcWct5izZ3ORzn-0=&ruid=dc2a0660-c311-4611-9cda-9c7c95d3d2d4&subid=621486438547984384&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=1093712434&z=5307589&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=VnZAFPU2V4ysOHeHeHqQlp7RcluU1UIjrUyzQEd3LySDRXGrw4hVR4LzjCkhgszTHYfQjpjS5Cl-nnjIf8H85figGFIwOOA0VB2iP2GkdEngZOsWY6AEUCc0gabAHQ47x4JMqZODUiMrnB9fUwEwB7cwGPAPHHGUK6v9Kyi-6FUuHXr3xnQnkQUN3NtiRrEfJ0cBGdz61Znsj20y6rIXVzE9jqqWkg-e3u083A3OyKG86RiKkbexI2in4yuVFvyg002AHAdTRqtrgJVQsRDBxDBkrLw-4PbfpDWY-W6pMMetMheCCmtfGY1F3FXqXt9z2JVqF4smCW3L3u6-ZfGS_hrjPPQjYXCtwZWdazlA3Kx_5yutBIBdT9v-p3WbsFlBkwWZlq8gN_lWcfFjBj7m7HwFEsY6iEhFT_srg1OPJfb_Xylvt8mKH8kRju4FYr25HhjieQwz5ZMsNtntfpFCA20J8G_X4PyKqMDedciyADcS0OsmMFG7mZru-Sb9rHmgoc3VA0OI0ebUc0bDc_nJ1a7Gv55BpUtNLgVIEzr4C6o6rzQC8W_UAKNtuKSP1mwfbHJdzgyOBeP4R_-upZvjWXdpzpXeOTUvut2W7tZizUz5THLTIA8F_5NCQKMJxkT4C9FdEHr_Cta6Dcz665rbGXkRsiowHj5umSqXI4qYALp4aNicbPzH0Cjn7L1UcWct5izZ3ORzn-0=&ruid=dc2a0660-c311-4611-9cda-9c7c95d3d2d4&subid=621486438547984384&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=1093712434&z=5307589&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=VnZAFPU2V4ysOHeHeHqQlp7RcluU1UIjrUyzQEd3LySDRXGrw4hVR4LzjCkhgszTHYfQjpjS5Cl-nnjIf8H85figGFIwOOA0VB2iP2GkdEngZOsWY6AEUCc0gabAHQ47x4JMqZODUiMrnB9fUwEwB7cwGPAPHHGUK6v9Kyi-6FUuHXr3xnQnkQUN3NtiRrEfJ0cBGdz61Znsj20y6rIXVzE9jqqWkg-e3u083A3OyKG86RiKkbexI2in4yuVFvyg002AHAdTRqtrgJVQsRDBxDBkrLw-4PbfpDWY-W6pMMetMheCCmtfGY1F3FXqXt9z2JVqF4smCW3L3u6-ZfGS_hrjPPQjYXCtwZWdazlA3Kx_5yutBIBdT9v-p3WbsFlBkwWZlq8gN_lWcfFjBj7m7HwFEsY6iEhFT_srg1OPJfb_Xylvt8mKH8kRju4FYr25HhjieQwz5ZMsNtntfpFCA20J8G_X4PyKqMDedciyADcS0OsmMFG7mZru-Sb9rHmgoc3VA0OI0ebUc0bDc_nJ1a7Gv55BpUtNLgVIEzr4C6o6rzQC8W_UAKNtuKSP1mwfbHJdzgyOBeP4R_-upZvjWXdpzpXeOTUvut2W7tZizUz5THLTIA8F_5NCQKMJxkT4C9FdEHr_Cta6Dcz665rbGXkRsiowHj5umSqXI4qYALp4aNicbPzH0Cjn7L1UcWct5izZ3ORzn-0=&ruid=dc2a0660-c311-4611-9cda-9c7c95d3d2d4&subid=621486438547984384&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=80 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=19bded8de94847ce9a4ac311cda88a06; oaidts=1669737431
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ec1aae6b8e4c1a63d4f0ebc15557c3b8
access-control-expose-headers: X-Sc
set-cookie: OAID=19bded8de94847ce9a4ac311cda88a06; expires=Wed, 29 Nov 2023 15:57:11 GMT; secure; SameSite=None
oaidts=1669737431; expires=Wed, 29 Nov 2023 15:57:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/121?rnd=3913874534&z=5307589&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D621486438547984384&cln={CELL_NUMBER}&btp=7&rb=VnZAFPU2V4ysOHeHeHqQlp7RcluU1UIjrUyzQEd3LySDRXGrw4hVR4LzjCkhgszTHYfQjpjS5Cl-nnjIf8H85figGFIwOOA0VB2iP2GkdEngZOsWY6AEUCc0gabAHQ47x4JMqZODUiMrnB9fUwEwB7cwGPAPHHGUK6v9Kyi-6FUuHXr3xnQnkQUN3NtiRrEfJ0cBGdz61Znsj20y6rIXVzE9jqqWkg-e3u083A3OyKG86RiKkbexI2in4yuVFvyg002AHAdTRqtrgJVQsRDBxDBkrLw-4PbfpDWY-W6pMMetMheCCmtfGY1F3FXqXt9z2JVqF4smCW3L3u6-ZfGS_hrjPPQjYXCtwZWdazlA3Kx_5yutBIBdT9v-p3WbsFlBkwWZlq8gN_lWcfFjBj7m7HwFEsY6iEhFT_srg1OPJfb_Xylvt8mKH8kRju4FYr25HhjieQwz5ZMsNtntfpFCA20J8G_X4PyKqMDedciyADcS0OsmMFG7mZru-Sb9rHmgoc3VA0OI0ebUc0bDc_nJ1a7Gv55BpUtNLgVIEzr4C6o6rzQC8W_UAKNtuKSP1mwfbHJdzgyOBeP4R_-upZvjWXdpzpXeOTUvut2W7tZizUz5THLTIA8F_5NCQKMJxkT4C9FdEHr_Cta6Dcz665rbGXkRsiowHj5umSqXI4qYALp4aNicbPzH0Cjn7L1UcWct5izZ3ORzn-0=&bag=KatT8992il1PNolIK0cksK14Rt1Muyxx&ruid=dc2a0660-c311-4611-9cda-9c7c95d3d2d4&subid=621486438547984384
139.45.197.242302 Found 0 B URL HTTP/2 nanouwho.com/121?rnd=3913874534&z=5307589&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D621486438547984384&cln={CELL_NUMBER}&btp=7&rb=VnZAFPU2V4ysOHeHeHqQlp7RcluU1UIjrUyzQEd3LySDRXGrw4hVR4LzjCkhgszTHYfQjpjS5Cl-nnjIf8H85figGFIwOOA0VB2iP2GkdEngZOsWY6AEUCc0gabAHQ47x4JMqZODUiMrnB9fUwEwB7cwGPAPHHGUK6v9Kyi-6FUuHXr3xnQnkQUN3NtiRrEfJ0cBGdz61Znsj20y6rIXVzE9jqqWkg-e3u083A3OyKG86RiKkbexI2in4yuVFvyg002AHAdTRqtrgJVQsRDBxDBkrLw-4PbfpDWY-W6pMMetMheCCmtfGY1F3FXqXt9z2JVqF4smCW3L3u6-ZfGS_hrjPPQjYXCtwZWdazlA3Kx_5yutBIBdT9v-p3WbsFlBkwWZlq8gN_lWcfFjBj7m7HwFEsY6iEhFT_srg1OPJfb_Xylvt8mKH8kRju4FYr25HhjieQwz5ZMsNtntfpFCA20J8G_X4PyKqMDedciyADcS0OsmMFG7mZru-Sb9rHmgoc3VA0OI0ebUc0bDc_nJ1a7Gv55BpUtNLgVIEzr4C6o6rzQC8W_UAKNtuKSP1mwfbHJdzgyOBeP4R_-upZvjWXdpzpXeOTUvut2W7tZizUz5THLTIA8F_5NCQKMJxkT4C9FdEHr_Cta6Dcz665rbGXkRsiowHj5umSqXI4qYALp4aNicbPzH0Cjn7L1UcWct5izZ3ORzn-0=&bag=KatT8992il1PNolIK0cksK14Rt1Muyxx&ruid=dc2a0660-c311-4611-9cda-9c7c95d3d2d4&subid=621486438547984384
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /121?rnd=3913874534&z=5307589&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D621486438547984384&cln={CELL_NUMBER}&btp=7&rb=VnZAFPU2V4ysOHeHeHqQlp7RcluU1UIjrUyzQEd3LySDRXGrw4hVR4LzjCkhgszTHYfQjpjS5Cl-nnjIf8H85figGFIwOOA0VB2iP2GkdEngZOsWY6AEUCc0gabAHQ47x4JMqZODUiMrnB9fUwEwB7cwGPAPHHGUK6v9Kyi-6FUuHXr3xnQnkQUN3NtiRrEfJ0cBGdz61Znsj20y6rIXVzE9jqqWkg-e3u083A3OyKG86RiKkbexI2in4yuVFvyg002AHAdTRqtrgJVQsRDBxDBkrLw-4PbfpDWY-W6pMMetMheCCmtfGY1F3FXqXt9z2JVqF4smCW3L3u6-ZfGS_hrjPPQjYXCtwZWdazlA3Kx_5yutBIBdT9v-p3WbsFlBkwWZlq8gN_lWcfFjBj7m7HwFEsY6iEhFT_srg1OPJfb_Xylvt8mKH8kRju4FYr25HhjieQwz5ZMsNtntfpFCA20J8G_X4PyKqMDedciyADcS0OsmMFG7mZru-Sb9rHmgoc3VA0OI0ebUc0bDc_nJ1a7Gv55BpUtNLgVIEzr4C6o6rzQC8W_UAKNtuKSP1mwfbHJdzgyOBeP4R_-upZvjWXdpzpXeOTUvut2W7tZizUz5THLTIA8F_5NCQKMJxkT4C9FdEHr_Cta6Dcz665rbGXkRsiowHj5umSqXI4qYALp4aNicbPzH0Cjn7L1UcWct5izZ3ORzn-0=&bag=KatT8992il1PNolIK0cksK14Rt1Muyxx&ruid=dc2a0660-c311-4611-9cda-9c7c95d3d2d4&subid=621486438547984384 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=19bded8de94847ce9a4ac311cda88a06; oaidts=1669737431
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-length: 0
location: https://www.nbfcs.org/#signUp=621486438547984384
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: d44257ee221804ee3603abdde4df8e49
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5307588?excludes=&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
104.22.33.172 200 OK 11 kB URL HTTP/2 offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 192x192, components 3\012- data
Hash 2fed87d8d9131d075b72354b838c2d77
69624c46c1556c35c67e85724451cce20ad405ec
8adac582983620ad0421a1be7648f58c731feaf3de0bf027ebefe412505b01ed
GET /www/images/2fed87d8d9131d075b72354b838c2d77.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: image/jpeg
content-length: 10853
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62b2c84c-2a65"
expires: Wed, 30 Nov 2022 08:26:08 GMT
last-modified: Wed, 22 Jun 2022 07:44:12 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 27063
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c89a5ad8af13a-ARN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 123a340aea6fcf4a041e2cf689ad7608
4eba92ee0878f8ad6a3f0745cf3e7f2f74e6f4a0
743b0f2c63fb9037883eec75452406a27eb88487cfe62d7be4efb26dcd33e714
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "743B0F2C63FB9037883EEC75452406A27EB88487CFE62D7BE4EFB26DCD33E714"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13613
Expires: Tue, 29 Nov 2022 19:44:05 GMT
Date: Tue, 29 Nov 2022 15:57:12 GMT
Connection: keep-alive
www.nbfcs.org/
23.254.229.241 200 OK 6.0 kB IP 23.254.229.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21931), with no line terminators
Hash 82f7ebd8701c40c39afa850cc7c515b3
cf05ceb6bfa316ef0b704fad58d85231bf76e813
4df4a0a2d1363b0de6711f3097ad24945bef63705d405ba98462f3e7e511ee73
GET / HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Next.js
ETag: "uqsryvyf23gx7"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/css/0c5f4ede549cbca6.css
23.254.229.241 200 OK 6.3 kB URL HTTP/1.1 www.nbfcs.org/_next/static/css/0c5f4ede549cbca6.css
IP 23.254.229.241:0
File type ASCII text, with very long lines (27456), with CRLF line terminators
Hash 0811020f3445a2d8bbb1456886ff3125
b4f42471bf997f7683ca7893b3846d73df6fa48b
d556a6c979e0db981d53e0a17f74a63b1b01fc7a09b8a794f7e7c5971d056188
GET /_next/static/css/0c5f4ede549cbca6.css HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Thu, 24 Nov 2022 13:40:12 GMT
ETag: W/"6b80-184a9de0cb3"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:57:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nbfcs.org/_next/static/chunks/webpack-be42ab225d639761.js
23.254.229.241 200 OK 1.1 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/webpack-be42ab225d639761.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (2279), with no line terminators
Hash 3f0938761804a130090e2ab548c4a257
d25c3e36258fe0f9bdc96f70090841f4734603fb
76c6d61fc52d50db36f3edb88298f5cc6bb76f7fa127b93b17e6e3b25dd27c05
GET /_next/static/chunks/webpack-be42ab225d639761.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Thu, 24 Nov 2022 13:40:12 GMT
ETag: W/"8e7-184a9de0cbf"
Vary: Accept-Encoding
Content-Encoding: gzip
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19bded8de94847ce9a4ac311cda88a06
139.45.197.242 200 OK 48 kB URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19bded8de94847ce9a4ac311cda88a06
IP 139.45.197.242:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 6e1e1bec752ba7c5c65c1cc96c1c49cb
2f5f43d86eccddf24499d863541ba1033b5faceb
7fa70e143d887f93ca22b2b832af20ae2ead653f566012a36ed47f4c41d3d784
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19bded8de94847ce9a4ac311cda88a06 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 107
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=3ac17c994690491391ec203aa1ee5b19; oaidts=1669737431
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 50c4c7e6c1953fbc206f6a749cc91b06
access-control-expose-headers: X-Sc
set-cookie: OAID=19bded8de94847ce9a4ac311cda88a06; expires=Wed, 29 Nov 2023 15:57:11 GMT; secure; SameSite=None
oaidts=1669737431; expires=Wed, 29 Nov 2023 15:57:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/27/04ab1c44ee7c7870e42713e938fe14f2
139.45.197.242 200 OK 132 kB URL HTTP/2 nanouwho.com/27/04ab1c44ee7c7870e42713e938fe14f2
IP 139.45.197.242:0
File type ASCII text, with very long lines (65523)
Size 132 kB (132480 bytes)
Hash 64befe64515cd638310a8b2c3fbb5d5b
8a2bf76e4964717c01f6e88e6d0e3afeba5472de
5a3345b476f0da8b2cafe44d7b8220c362fc37329e58e78e3da7d2f6bca39d2e
Analyzer Verdict Alert quad9 Sinkholed
GET /27/04ab1c44ee7c7870e42713e938fe14f2 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=3ac17c994690491391ec203aa1ee5b19; oaidts=1669737431
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Mon, 28 Nov 2022 04:04:40 GMT
expires: Mon, 28 Dec 2082 04:04:40 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.nbfcs.org/_next/static/chunks/675-b73f41980c39ec6a.js
23.254.229.241 200 OK 4.0 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/675-b73f41980c39ec6a.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (9695), with no line terminators
Hash b3c02e1fad26ce52b2c668a7a4d28cee
569685ce3b8247f5129b1c919c3a053c6ddc5dd9
c29babbe1453bd1bc3dc66e5d57024e097bf3826119f6e7347af63503907cfe2
GET /_next/static/chunks/675-b73f41980c39ec6a.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Thu, 24 Nov 2022 13:40:12 GMT
ETag: W/"25df-184a9de0cbf"
Vary: Accept-Encoding
Content-Encoding: gzip
betotodilea.com/400/5307588
139.45.197.237 200 OK 66 kB URL HTTP/2 betotodilea.com/400/5307588
IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e5389e0568b2b1f133e2b5bc9fccd2ea
317c52bc9edf0e038e975bf9e3b62b6d8024fc60
396ddb45d6e45dfe629d17749c5e954e9ea8bd0732631fa6a3a02aae3e39a3ab
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5307588 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/javascript
x-trace-id: 4e2d935d6aeb8639cd1d41fac64c2d91
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=ba7bb2cf66e248eea6c04c313ed9c79f; expires=Wed, 29 Nov 2023 15:57:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.nbfcs.org/_next/static/chunks/142-cfa34399544ede12.js
23.254.229.241 200 OK 4.1 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/142-cfa34399544ede12.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (11209), with no line terminators
Hash a0c43e8f3abb41b6bfd13c130312473f
12f7571bfc379fcd9612b28bba1b86b69e24db88
1e15f9790cdf0e2635e4eb4a6be86af525713a330bf486fc5e5ad2c7260c0ec2
GET /_next/static/chunks/142-cfa34399544ede12.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Thu, 24 Nov 2022 13:40:12 GMT
ETag: W/"2bc9-184a9de0cbf"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/554-8e154f641094aae5.js
23.254.229.241 200 OK 6.4 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/554-8e154f641094aae5.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (28773), with no line terminators
Hash 59e24887f5a60c851516e207eb0c1248
4acefb4c45a8056f4d9f1ebdfda39f92e9d56009
ea4099e28e9846da0dddfcd1704e90f0cefa2ac31d4519463d5a6485a3330b0a
GET /_next/static/chunks/554-8e154f641094aae5.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Thu, 24 Nov 2022 13:40:12 GMT
ETag: W/"7065-184a9de0cbf"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/pages/index-91a3cdc15b02427a.js
23.254.229.241 200 OK 18 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/pages/index-91a3cdc15b02427a.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (57689), with no line terminators
Hash ded9d9442d40976516868057f86477b0
8c1d9585999e65340fc180646d7cb2f3d1e2cdba
66c42791b943625f9e7a74e52d94ce2d2beedaf4b2cb5fb802cdbc0faa4086b8
GET /_next/static/chunks/pages/index-91a3cdc15b02427a.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Thu, 24 Nov 2022 13:40:12 GMT
ETag: W/"e159-184a9de0cbb"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/AfBL_XXUzasyzox2MlExU/_buildManifest.js
23.254.229.241 200 OK 891 B URL HTTP/1.1 www.nbfcs.org/_next/static/AfBL_XXUzasyzox2MlExU/_buildManifest.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (2441), with no line terminators
Hash bfcfe3934536e0e119410d4447695141
33d216ce8cabd4516b7bb6ce150269e04a7c69a8
032b75eee14bbae61b7eea5efbee8244265a1445c157c8ff2aaaac433a72b0b9
GET /_next/static/AfBL_XXUzasyzox2MlExU/_buildManifest.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Thu, 24 Nov 2022 13:40:12 GMT
ETag: W/"989-184a9de0caf"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/AfBL_XXUzasyzox2MlExU/_ssgManifest.js
23.254.229.241 200 OK 77 B URL HTTP/1.1 www.nbfcs.org/_next/static/AfBL_XXUzasyzox2MlExU/_ssgManifest.js
IP 23.254.229.241:0
File type ASCII text, with no line terminators
Hash b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
GET /_next/static/AfBL_XXUzasyzox2MlExU/_ssgManifest.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 77
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Thu, 24 Nov 2022 13:40:12 GMT
ETag: W/"4d-184a9de0cab"
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 15:57:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nbfcs.org/api/authUser
23.254.229.241 200 OK 2 B URL HTTP/1.1 www.nbfcs.org/api/authUser
IP 23.254.229.241:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /api/authUser HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nbfcs.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
betotodilea.com/impression/obsS6io4-PDVKJl-h9o6FmazGb_5VhuX0o0Myy-7S6D12G2QZiCDEzlqt24TsfmJTEwlMd8SubP29rRlEtEQwunFHi5rUJeMWPCZFg8_z38JP6vICIDmmvc6zaMkwxWtcbF-aTxuAFaPsiKqWtIolQon3m0WHq-9UbZP4Nlo4ku46qW9bMgwBWVhfr1zxGkEvFeiER1yLHflosxu0-1l50U1VNUhQkvutUfiCpc9NMEB7EUz2Xs8itaK2zOmloncxdjrJ7c1Bjp0TlglzLYROPfXpY9Icoz-EZAq9cKIH-yRNc2PuoaLJGEEulYaksdTXGTBdckKCBV2uV4hRFkVp65ZsvuvrMytz8epGnv93v7AyZzFHQ6oQPCtlQrmhjv-IKakTvwMb_W87_ven1AhfQbg1ihZvRlVnGhQiOMFtUotYblt7sWQ9JpE9bNqZsH2x3fdfrg981MbeqETJKBa30zyCQyrKqgYAiJoSjOk26vq85RvfHT9vR3j3GpgsOtHPOYFl5D6rdL-I4RQofid4K-Kxem2kVNIDCiFIUy9QSSIadbyCGtnramlBiSX-m_wuRfOZG64m3oCb92c0aSukPmq6qMaMnKs?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 43 B URL HTTP/2 betotodilea.com/impression/obsS6io4-PDVKJl-h9o6FmazGb_5VhuX0o0Myy-7S6D12G2QZiCDEzlqt24TsfmJTEwlMd8SubP29rRlEtEQwunFHi5rUJeMWPCZFg8_z38JP6vICIDmmvc6zaMkwxWtcbF-aTxuAFaPsiKqWtIolQon3m0WHq-9UbZP4Nlo4ku46qW9bMgwBWVhfr1zxGkEvFeiER1yLHflosxu0-1l50U1VNUhQkvutUfiCpc9NMEB7EUz2Xs8itaK2zOmloncxdjrJ7c1Bjp0TlglzLYROPfXpY9Icoz-EZAq9cKIH-yRNc2PuoaLJGEEulYaksdTXGTBdckKCBV2uV4hRFkVp65ZsvuvrMytz8epGnv93v7AyZzFHQ6oQPCtlQrmhjv-IKakTvwMb_W87_ven1AhfQbg1ihZvRlVnGhQiOMFtUotYblt7sWQ9JpE9bNqZsH2x3fdfrg981MbeqETJKBa30zyCQyrKqgYAiJoSjOk26vq85RvfHT9vR3j3GpgsOtHPOYFl5D6rdL-I4RQofid4K-Kxem2kVNIDCiFIUy9QSSIadbyCGtnramlBiSX-m_wuRfOZG64m3oCb92c0aSukPmq6qMaMnKs?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/obsS6io4-PDVKJl-h9o6FmazGb_5VhuX0o0Myy-7S6D12G2QZiCDEzlqt24TsfmJTEwlMd8SubP29rRlEtEQwunFHi5rUJeMWPCZFg8_z38JP6vICIDmmvc6zaMkwxWtcbF-aTxuAFaPsiKqWtIolQon3m0WHq-9UbZP4Nlo4ku46qW9bMgwBWVhfr1zxGkEvFeiER1yLHflosxu0-1l50U1VNUhQkvutUfiCpc9NMEB7EUz2Xs8itaK2zOmloncxdjrJ7c1Bjp0TlglzLYROPfXpY9Icoz-EZAq9cKIH-yRNc2PuoaLJGEEulYaksdTXGTBdckKCBV2uV4hRFkVp65ZsvuvrMytz8epGnv93v7AyZzFHQ6oQPCtlQrmhjv-IKakTvwMb_W87_ven1AhfQbg1ihZvRlVnGhQiOMFtUotYblt7sWQ9JpE9bNqZsH2x3fdfrg981MbeqETJKBa30zyCQyrKqgYAiJoSjOk26vq85RvfHT9vR3j3GpgsOtHPOYFl5D6rdL-I4RQofid4K-Kxem2kVNIDCiFIUy9QSSIadbyCGtnramlBiSX-m_wuRfOZG64m3oCb92c0aSukPmq6qMaMnKs?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=19bded8de94847ce9a4ac311cda88a06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:16 GMT
content-type: image/gif
content-length: 43
x-trace-id: 0e085ba26db3b788508c2190f63f024e
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=15161934&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=15161934&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5307588?excludes=15161934&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:16 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
offerimage.com/www/images/b45492f602293e104148d40974c73704.jpeg
104.22.33.172 200 OK 15 kB URL HTTP/2 offerimage.com/www/images/b45492f602293e104148d40974c73704.jpeg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash b45492f602293e104148d40974c73704
88d18c8dc79445ddf6367e69e928a7d563acce46
b49b69cadc32bfd86bdb3d2481c1481f0b93910b6d2eb7fa6fb71ba1e3d58cf1
GET /www/images/b45492f602293e104148d40974c73704.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:57:17 GMT
content-type: image/jpeg
content-length: 14988
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6385e804-3a8c"
expires: Wed, 30 Nov 2022 11:19:15 GMT
last-modified: Tue, 29 Nov 2022 11:07:48 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 16682
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 771c89c54adcf13a-ARN
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112 404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dqxXo/pack-mex.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Tue, 29 Nov 2022 15:57:10 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
104.16.123.175 302 Found 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP 104.16.123.175:0
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 15:57:10 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK21F4M6HFS9RE12F672F8DR-ams
cf-cache-status: HIT
age: 240
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771c899a1da3b527-OSL
X-Firefox-Spdy: h2
www.nbfcs.org/_next/static/chunks/pages/_app-650a3060c7e0fb65.js
23.254.229.241 200 OK 0 B URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/pages/_app-650a3060c7e0fb65.js
IP 23.254.229.241:0
GET /_next/static/chunks/pages/_app-650a3060c7e0fb65.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 15:57:12 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Thu, 24 Nov 2022 13:40:12 GMT
ETag: W/"531d0-184a9de0cb3"
Vary: Accept-Encoding
Content-Encoding: gzip
nanouwho.com/1?z=5307589
139.45.197.242 200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5307589 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 0f2ae5a9ec4298c70f2427ac9db25c93
access-control-expose-headers: X-Sc
x-sc: 5Wh2whTgsGqyTnELw2rSUtX2bqPWHTHvMgx8Mz8HU8Um1gQf2B6gRndw92pgHVNgsf_dWxs5p_V1Ca2l0uPXs0ojDzs=
set-cookie: scm=1; expires=Wed, 29 Nov 2023 15:57:11 GMT; secure; SameSite=None
OAID=3ac17c994690491391ec203aa1ee5b19; expires=Wed, 29 Nov 2023 15:57:11 GMT; secure; SameSite=None
oaidts=1669737431; expires=Wed, 29 Nov 2023 15:57:11 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
104.16.123.175 200 OK 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
IP 104.16.123.175:0
GET /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 15:57:10 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d07-1hxUHKzrTl3rNdhkJwK4kJGou0I"
via: 1.1 fly.io
fly-request-id: 01G2PJZCDRWWWP671QTKZ7W61J-fra
cf-cache-status: HIT
age: 17564382
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771c899a4dd8b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112 404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/dqxXo/pack-mex.rar
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Tue, 29 Nov 2022 15:57:11 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=15161934&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=15161934&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5307588?excludes=15161934&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=19bded8de94847ce9a4ac311cda88a06
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:16 GMT
content-type: application/javascript
x-trace-id: 64478638ebec8c2216625eb025e1b63c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=19bded8de94847ce9a4ac311cda88a06; expires=Wed, 29 Nov 2023 15:57:16 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/dqxXo/pack-mex.rar
138.201.48.112 200 OK 0 B URL HTTP/2 anonymfile.com/dqxXo/pack-mex.rar
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /dqxXo/pack-mex.rar HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; expires=Tue, 29-Nov-2022 17:57:09 GMT; Max-Age=7200; path=/; samesite=lax
anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D; expires=Tue, 29-Nov-2022 17:57:09 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Tue, 29 Nov 2022 15:57:09 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
anonymfile.com/js/site.js
138.201.48.112 200 OK 0 B URL HTTP/2 anonymfile.com/js/site.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dqxXo/pack-mex.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:10 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 12:30:18 GMT
vary: Accept-Encoding
etag: W/"61700bda-2487"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
104.16.123.175 302 Found 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP 104.16.123.175:0
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 15:57:10 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.8/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK21F4R1YRQCJE8WKY2YQTQY-ams
cf-cache-status: HIT
age: 240
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771c899a1d9ab527-OSL
X-Firefox-Spdy: h2
bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.454.0
139.45.197.234 200 OK 0 B URL HTTP/2 bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.454.0
IP 139.45.197.234:0
GET /5/5307591/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:10 GMT
content-type: application/json
x-trace-id: bcd0821a2a53f48c1fa3cde4eb2fce53
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=19bded8de94847ce9a4ac311cda88a06; expires=Wed, 29 Nov 2023 15:57:10 GMT; path=/; secure; SameSite=None
oaidts=1669737430; expires=Wed, 29 Nov 2023 15:57:10 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/universal.min.js?v=3.1.407
139.45.197.250 200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/universal.min.js?v=3.1.407
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.407 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 13:16:49 GMT
etag: W/"63860641-18b14"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/css/theme.min.css
138.201.48.112 200 OK 0 B URL HTTP/2 anonymfile.com/css/theme.min.css
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dqxXo/pack-mex.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:09 GMT
content-type: text/css
last-modified: Fri, 22 Oct 2021 08:15:50 GMT
vary: Accept-Encoding
etag: W/"61727336-921fb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js
138.201.48.112 200 OK 0 B URL HTTP/2 anonymfile.com/pagespeed_static/js_defer.I4cHjq6EEP.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/dqxXo/pack-mex.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlkyWWhXNjhKeU1SSktQSXd2eVRNWFE9PSIsInZhbHVlIjoiV2V1bzdEYlpzeC93ZXpQOHpBZnZNYWg1S2JYejA5bllqTiszYUliOVB0MTcxZTloVmQrOERLNGNISDBNbk1tSzliMVlWQjBrL1NtcG9SVVVINzN2dGJ3VW1wRlZyc0lDbnNvbXVsdEZVaXptekFCN1IrbHphOUxISGd2bDVQaEsiLCJtYWMiOiJiNjU5YWRkZmU4MTEyY2U4NzkzZWI5OGFhNjExNTM5YWIxYzQ3NjJjMDk5MmYyZmNhOTRiOWRiMzQ1ZmRhZmI3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6IjdWdytPUTFqc21QZ2cxNHpOL0wycEE9PSIsInZhbHVlIjoiWVBzMUpsN3ZkZ2thTWl5UnJScCtkTkYveDJTWTB0Vit1N0VLT2JhTmI2dk1QcVplck1IOUtscE0vckl0VU5zUTlINmpWUzRzSktnL2lWaHN1Qi83ZEFSNHlUOEZjUW81ZHV5ZlREQ21pU1BLTUJPMHB3QkthelljaGYxRmhoN0oiLCJtYWMiOiJhZGU2ZjdkYWYxMzI0NDY5MTBmNWZmNDU1OWZmNmQ3ZmNlZjY4YzZkM2Y5ZjA5ZDdlYTI1MGFlOWY2NGU4ZjgwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
vary: Accept-Encoding
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 15:57:09 GMT
last-modified: Tue, 29 Nov 2022 15:57:09 GMT
cache-control: max-age=31536000
etag: W/"0"
content-encoding: br
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5307588?excludes=&oaid=19bded8de94847ce9a4ac311cda88a06&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FdqxXo%2Fpack-mex.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=ba7bb2cf66e248eea6c04c313ed9c79f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 15:57:11 GMT
content-type: application/javascript
x-trace-id: 6249cc301b7622f6c313acc0439ee0f7
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=19bded8de94847ce9a4ac311cda88a06; expires=Wed, 29 Nov 2023 15:57:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2