www.anonfam.com/sx/XoLinksreal_c821.zip
200 OK 4.2 kB URL User Request GET HTTP/2 www.anonfam.com/sx/XoLinksreal_c821.zip
IP
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 91b00fd7de416bac62cb6259a3cd91b4
fb1a880188081c141d8e47fa96121ab12a1403a6
84cba8c1ab0d1e7bd221093a206fb8fb3c2346b8e8bc03e9f6a7a9c57f5bc30d
GET /sx/XoLinksreal_c821.zip HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
set-cookie: filehosting=c7df35440725d947a4a70606db856836; expires=Fri, 01-Dec-2023 05:42:59 GMT; Max-Age=86400; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private
content-type: text/html; charset=UTF-8
content-length: 4220
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 05:42:59 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-CY34E0NXDP
200 OK 93 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-CY34E0NXDP
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (5955)
Hash b148255b023e744574b6f260c926d35c
e71c11b760298ae58cb539e92aa4e19be7994dc1
1c21840ca86b004332af0f3ded18f7584ad6c20f0bb2fa3a29ec52b3a6628aec
GET /gtag/js?id=G-CY34E0NXDP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 05:43:00 GMT
expires: Thu, 30 Nov 2023 05:43:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/css/bootstrap.min.css
200 OK 11 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/bootstrap.min.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (65319), with CRLF line terminators
Hash 9b67b9ffbfcbe226a8c413fa740fd91c
7837bd0c312897e46311aaf472947f3e23d75df2
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732
GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11049
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/cookiealert.js
200 OK 713 B URL GET HTTP/3 www.anonfam.com/themes/spirit/assets/frontend/js/cookiealert.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with CRLF line terminators
Hash 81279e22c8ece9e1d0536a402484daa3
911797507fb12d4f451d5900e32db96ad697c401
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab
GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 713
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
www.anonfam.com/themes/spirit/assets/frontend/img/adblock/primary.jpg
200 OK 13 kB URL GET HTTP/3 www.anonfam.com/themes/spirit/assets/frontend/img/adblock/primary.jpg
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 601x155, components 3\012- data
Hash 0fc3ab39bcdfd3c8d38de7d89b292ada
a89f51203f0b0db4cd1c7f18388f9a84d008efa4
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f
GET /themes/spirit/assets/frontend/img/adblock/primary.jpg HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: image/jpeg
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-length: 12809
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
www.anonfam.com/themes/spirit/assets/frontend/css/socicon.css
200 OK 1.7 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/socicon.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with CRLF line terminators
Hash 910a42ce112991b31b30a735f1006a5f
6c8b4769270f1c86bb1c7a6b54325465395ba614
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b
GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1719
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/css/stack-interface.css
200 OK 963 B URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/stack-interface.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 4541b29b6040bc31b760f98e914fd1d7
0521a4f98cdf5e1fde3eeb9cae64fd39075cd9ba
6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794
GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 963
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/css/lightbox.min.css
200 OK 825 B URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/lightbox.min.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with CRLF line terminators
Hash 30265c8089a8f3e871d0873ef6a5b944
2804a2fe5a6a956626ce6a46adf6b1a0676ee13d
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed
GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 825
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/css/iconsmind.css
200 OK 14 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/iconsmind.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with CRLF line terminators
Hash c9b1c618a7b12bd7ecf6034164b29164
f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b
GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14293
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/css/flickity.css
200 OK 667 B URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/flickity.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with CRLF line terminators
Hash 244d315064064270eabbbb7ac9f6c700
21ad53d3efbb40154293190173ee0c497ed7651c
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a
GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 667
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/css/jquery.steps.css
200 OK 1.0 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/jquery.steps.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with CRLF line terminators
Hash 25cfe48e07622a00154b677afcbaeb47
23e3ae1bd04ad1d00d25d30e39815104ceeae52f
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056
GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1044
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/css/cookiealert.css
200 OK 8.9 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/cookiealert.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (11486), with CRLF line terminators
Hash 3d2946aeae3cc8f43e2acf82ea029bd4
c25a0bd445ff9e6034d34e8f388f5565515a2783
705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28
GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8885
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/css/font-awesome.min.css
200 OK 12 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/font-awesome.min.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (58929), with CRLF line terminators
Hash 879812fc22af75aa3ae7b5666ca4f4b8
df27469a952b7ee36cc03db471c6198f577186a8
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed
GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12275
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/css/theme.css
200 OK 30 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/theme.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type assembler source text\012- assembler source, ASCII text, with CRLF line terminators
Hash e13b70f9d6654b3656aec5b1bd5ae02a
903010ac4b9034f6839847a20ecd0f5a728b2b96
8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a
GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29798
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/css/custom.css
200 OK 1.9 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/css/custom.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type assembler source, ASCII text, with CRLF line terminators
Hash 65417cde74809cb9b9e66d0ab4adc448
9729ccac013729aed790fdc25d71d858f50a137b
c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280
GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1852
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/datepicker.js
200 OK 7.1 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/js/datepicker.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (12692), with CRLF line terminators
Hash 8cfe207a6a21c7495cfb751c761217a6
35d686a6c4ecc9946c35444ce93e110cb0e1611c
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc
GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7117
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
200 OK 4.7 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (13686), with CRLF line terminators
Hash 0eef6fe46d14f860d5666d2c7b13a564
7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843
GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4716
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/typed.min.js
200 OK 1.4 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/js/typed.min.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (3949), with no line terminators
Hash 2f6185a8a32a50b2b3e04849f44359d4
0e5501588c5c0d1c9462f34b0d56c21abff5bfef
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b
GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1365
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/countdown.min.js
200 OK 2.2 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/js/countdown.min.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (4136), with CRLF line terminators
Hash 76a923d3d69255c45cd24bf9b100244f
eb3c96f9901692f1a03500ea632963a16afdb985
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2238
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/flickity.min.js
200 OK 13 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/js/flickity.min.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (32032), with CRLF line terminators
Hash 8c1e666176ac7bdce67d58b45823ffac
75947e4316427ce0c5e33300aeb4dc4d7d54dd09
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6
GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13090
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/granim.min.js
200 OK 2.7 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/js/granim.min.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (10573), with CRLF line terminators
Hash 714368d20c70f8c91b0a596e128dac07
563954ec3a896fc129d014f01836245829f6d01d
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3
GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2714
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
200 OK 2.6 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (4887), with CRLF line terminators
Hash c9e3a210d83398f301b3a7049c259676
8e227bb40fe120841829a7fef0ffeb091d179a91
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805
GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2577
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/images/logo/logo-whitebg.png
200 OK 6.5 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/images/logo/logo-whitebg.png
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type PNG image data, 431 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash 88b2ad9d81e2bdf1f6e3b17a637f2029
1a0764a7cb830d3fca90e2c78a9e1ce6f0a3ed40
2ec3e0692321a2805e95db5716e5e92d35e20f49dc1a3e9796a5def6e6254e82
GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: image/png
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-length: 6487
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/images/logo/logo.png
200 OK 6.3 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/images/logo/logo.png
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type PNG image data, 431 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash fbacfafaffafec65fc4114568cb60858
bd497e5f6747dffe54893e7947275c56efccf53d
3393c294229659297948d0e84894dfe1f8814ca0905711bcee4e2ab213c473ea
GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:00 GMT
content-type: image/png
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-length: 6311
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/js/xads.js
200 OK 102 B URL GET HTTP/2 www.anonfam.com/js/xads.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
Hash 5c25805fe76fdff482427cd907c43ded
801c9dae9abb98963162a8b530fd87c2cd4e56c4
5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e
GET /js/xads.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0,private
content-type: application/javascript
content-length: 102
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
200 OK 19 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (768), with CRLF line terminators
Hash 6fda19caa29287e6f584f0557fdeb6d4
40f58160090cd1f022704ee1352b343adb9e73b9
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f
GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18670
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
200 OK 30 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (32030), with CRLF line terminators
Hash 5b5a269bd363e0886c17d855c2aab241
042dd055cd289215835a58507c9531f808e1648a
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29468
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/js/scripts.js
200 OK 22 kB URL GET HTTP/2 www.anonfam.com/themes/spirit/assets/frontend/js/scripts.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type ASCII text, with very long lines (914), with CRLF line terminators
Hash ce260d2170faf98639ab8e0e3758f1e2
32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c
GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22215
date: Thu, 30 Nov 2023 05:43:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
pl20910130.highcpmrevenuegate.com/36/c4/17/36c41723042d389b833ed6969c624319.js
200 OK 16 kB URL GET HTTP/1.1 pl20910130.highcpmrevenuegate.com/36/c4/17/36c41723042d389b833ed6969c624319.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjecthighcpmrevenuegate.com
Fingerprint8F:E7:DE:46:88:0B:3D:4A:06:BE:83:06:1C:4D:29:E4:2E:4D:3B:0A
ValidityTue, 28 Nov 2023 06:56:51 GMT - Mon, 26 Feb 2024 06:56:50 GMT
File type ASCII text, with very long lines (42873), with no line terminators
Hash 2193940d2ff1de09ef7a25ff47c0bf45
aa335d992c272710021a4ab4edbbcd482473c3c0
d0edfc30198fb5c0d30657b7082bcad6fd47f824ded9834999190265249e7991
GET /36/c4/17/36c41723042d389b833ed6969c624319.js HTTP/1.1
Host: pl20910130.highcpmrevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 05:43:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4992f3d97f684c0535426fbb7265889e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 2523
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 2523
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 2523
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 2523
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 2523
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
200 OK 19 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 19308, version 1.0\012- data
Hash 0d17dc102f6109715e0d74d9e267cbd7
204a106f9eb8c74953d411f200196c544ed87300
883bd0f053cde78238a0881291e4b6647acd9b3fa73808db5ac83d286bb4b44e
GET /s/opensans/v36/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 19:17:13 GMT
expires: Thu, 28 Nov 2024 19:17:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 01:04:07 GMT
content-type: font/woff2
age: 37548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-CY34E0NXDP
200 OK 93 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-CY34E0NXDP
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (5955)
Hash 68658d237e8240013d27560187c71ea7
a9d97c36a3b48292c65c9df78da9f706940594b1
d8b87c143fb0bb54530fe0b417c8904662b256c9b5f4b74bb150d39c3425f09e
GET /gtag/js?id=G-CY34E0NXDP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 05:43:01 GMT
expires: Thu, 30 Nov 2023 05:43:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.anonfam.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
200 OK 4.3 kB URL GET HTTP/3 www.anonfam.com/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type Web Open Font Format (Version 2), TrueType, length 4292, version 1.0\012- data
Hash ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:01 GMT
content-type: font/woff2
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-length: 4292
date: Thu, 30 Nov 2023 05:43:01 GMT
server: LiteSpeed
proftrafficcounter.com/stats
200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 847464cdbdcb0ff950b9a3dfeac95b15
4e50fead0ceda1ca0d628da2b43ea726db7e12a5
00ff840c69a63a1ea8a9008a3f677daacca81323ceeab6b463a5429793fe34d4
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:43:01 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.anonfam.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ca61fcda-b53f-41ab-8c85-aa3278e8de88:2:1; expires=Sun, 27 Nov 2033 05:43:01 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.anonfam.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
200 OK 80 kB URL GET HTTP/3 www.anonfam.com/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Hash c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=c7df35440725d947a4a70606db856836
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:01 GMT
content-type: font/woff2
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-length: 80148
date: Thu, 30 Nov 2023 05:43:01 GMT
server: LiteSpeed
www.anonfam.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
200 OK 5.0 kB URL GET HTTP/3 www.anonfam.com/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash a9a8c24cea41bed7ef78ed1d12d48291
cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7
3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e
GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836; _ga_CY34E0NXDP=GS1.1.1701322985.1.0.1701322985.0.0.0; _ga=GA1.1.2054722975.1701322986; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ca61fcda-b53f-41ab-8c85-aa3278e8de88%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:01 GMT
content-type: image/png
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-length: 5016
date: Thu, 30 Nov 2023 05:43:01 GMT
server: LiteSpeed
www.anonfam.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
200 OK 447 B URL GET HTTP/3 www.anonfam.com/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectanonfam.com
FingerprintCD:FC:38:1F:C5:D5:34:1F:F4:B4:B0:33:A3:1B:B1:FB:29:FC:C0:14
ValidityTue, 07 Nov 2023 06:31:08 GMT - Mon, 05 Feb 2024 06:31:07 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f3d5da06fe8d5a2425d5d229285e5eea
01032b864f3c74bbf44771e2ba41eeb2251fad90
d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26
GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: www.anonfam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/sx/XoLinksreal_c821.zip
Cookie: filehosting=c7df35440725d947a4a70606db856836; _ga_CY34E0NXDP=GS1.1.1701322985.1.0.1701322985.0.0.0; _ga=GA1.1.2054722975.1701322986; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ca61fcda-b53f-41ab-8c85-aa3278e8de88%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:43:01 GMT
content-type: image/png
last-modified: Fri, 15 Apr 2022 01:34:00 GMT
accept-ranges: bytes
content-length: 447
date: Thu, 30 Nov 2023 05:43:01 GMT
server: LiteSpeed
unseenreport.com/pxf.gif?uuid=ca61fcda-b53f-41ab-8c85-aa3278e8de88&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=36c41723042d389b833ed6969c624319&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=ca61fcda-b53f-41ab-8c85-aa3278e8de88&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=36c41723042d389b833ed6969c624319&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=ca61fcda-b53f-41ab-8c85-aa3278e8de88&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=36c41723042d389b833ed6969c624319&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 05:43:02 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af9734710ce0e5dcfcadd90218e55fcb
Strict-Transport-Security: max-age=0; includeSubdomains
ardentlyexposureflushed.com/sbar.json?key=36c41723042d389b833ed6969c624319&uuid=ca61fcda-b53f-41ab-8c85-aa3278e8de88%3A2%3A1
200 OK 4.1 kB URL GET HTTP/1.1 ardentlyexposureflushed.com/sbar.json?key=36c41723042d389b833ed6969c624319&uuid=ca61fcda-b53f-41ab-8c85-aa3278e8de88%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectardentlyexposureflushed.com
FingerprintCB:F3:A7:64:D0:55:AE:83:FE:CD:FA:A4:A8:5E:97:D2:27:E6:2D:01
ValidityTue, 28 Nov 2023 10:50:41 GMT - Mon, 26 Feb 2024 10:50:40 GMT
File type JSON data\012- , ASCII text, with very long lines (6014), with no line terminators
Hash 3b9ef0e791420862a58a2095fb6a5cf6
69576317fb0b58720adb90862eb96f0a2d05c718
cf048db99c42e37cb6f1fdcb3f3dbe2a39bf5b981100bcc6a3d98079a9f990d1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=36c41723042d389b833ed6969c624319&uuid=ca61fcda-b53f-41ab-8c85-aa3278e8de88%3A2%3A1 HTTP/1.1
Host: ardentlyexposureflushed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 05:43:02 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.anonfam.com
Access-Control-Allow-Origin: https://www.anonfam.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=20809631; expires=Fri, 01 Dec 2023 05:43:02 GMT; secure; SameSite=None
uid_id2=ca61fcda-b53f-41ab-8c85-aa3278e8de88:2:1; expires=Thu, 07 Dec 2023 05:43:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 01 Dec 2023 05:43:02 GMT; secure; SameSite=None
uncs=1; expires=Fri, 01 Dec 2023 05:43:02 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 01 Dec 2023 05:43:02 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 01 Dec 2023 05:43:02 GMT; secure; SameSite=None
slec36c41723042d389b833ed6969c624319=[4766299]; expires=Thu, 30 Nov 2023 05:43:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b9a6a37ad963b202ec2033bc28a6787
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ardentlyexposureflushed.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3sSTeDBEwYPQBw8R3Nnu6fnpMUgwxsTFdXfJD3vwVF1VPVtudVdT1T09O14WA5rjBDx4s%2FfNbhZNCMajIMisF1kQMh5kDy6I4DEXIWeZ3YHR79Dfe9%2Frw%2FfeV5%2FvFifEQ0GP1z%2FSA6kUXWrWPPfShky5Lq27etv1vZp32d2Qaatx2e1PP6b3tu81a96b7g3BtvRS3fM9z%2Fd897o0Itb9pVMVMnvU8Wsdr9ao1%2FxmA33zf24LB5Y64L0TcgGST17Y%2FOUJJBsjTb67JuxWrrO33k8KRXNt0OMHd9KtVJcpkjmMjYM4PZj9DW0nhHy1AJ0ezBxA9%2FamDhDJCXF%2B9xGlB7M1EfX2zzaNFESKiL%2BIsjeGUGNIOgbTdyH5UwIwjtU1pMmDVW1Kun2m0qk6Ieef%2FwNZTsj5Py4iTR5fVbLv3tKqyKVOLfpxBdkfQ3bHyIpD5AMHsjwEyz%2BD5L%2BSpecrSJO9Nas0JD9%2Bg9GWHzNOF6NmEC82fBothixsLlIa1NuhCLkIw9OIpBxDxmMoMQS1Cyisg0I6KGIHReYg4ccubXZiz2vHURwEYYMxFgSMNcMWb%2FKgEcYeCjb1MESeDcHUEMzsIDM72JL3nzYvwBQ%2FwW5WsNyBzQl6vEIpCEpLUFKCUhKUOUHZq%2Fa5snVbPeDKFpE%2F6%2FVZD6qRzru7dF%2FnXZGS3eyEvDzNznnni6%2BxJY7doMUafrseeI06D8JOFAaB4K1Oq8Na9Ubgd2BlBWkXQK2DgZyQV7c5MjkhC7qGiB7CqkMw%2BQpo8TpoOWrXPdDNUSP0MEgf0lSnMU1qTCfgukKWn0e%2B7eyqE%2FLa6Qk%2F%2BOFjCHZ05cvBnzceX%2FwUzFTITIVP5M8EXXVvdFOXZO%2BmLi15spblMpEDOj3vrZzm4ty3H4rtUhu%2BfM0Ov3mXTYUpfHRb2HyFplymXUseXpWcC3NdGybIj8t2Q0Trhd28Wpi0yFbW37u%2BnGRGWCt1OgaVE0KefQ8mJ%2BSlZ%2Fb06V668xekGcMUFZLiiMwKUh%2BCZTuw2XxmNYFRcx5lDsqiGpl6NB8qSaDEnNOogv0Pj%2BZ4195D1zig%2BV2kSYWeqdBTFagawhbnRnlmjq78FpwWIuWMImWcvUgZdf8sXCuPXdGMvVh4dRHFnShuU4934kYnoh1ftKMm9ZHbidh0%2F%2F4XAAD%2F%2FwEAAP%2F%2FdbCnTpIEAAA%3D
200 OK 7 B URL GET HTTP/1.1 ardentlyexposureflushed.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3sSTeDBEwYPQBw8R3Nnu6fnpMUgwxsTFdXfJD3vwVF1VPVtudVdT1T09O14WA5rjBDx4s%2FfNbhZNCMajIMisF1kQMh5kDy6I4DEXIWeZ3YHR79Dfe9%2Frw%2FfeV5%2FvFifEQ0GP1z%2FSA6kUXWrWPPfShky5Lq27etv1vZp32d2Qaatx2e1PP6b3tu81a96b7g3BtvRS3fM9z%2Fd897o0Itb9pVMVMnvU8Wsdr9ao1%2FxmA33zf24LB5Y64L0TcgGST17Y%2FOUJJBsjTb67JuxWrrO33k8KRXNt0OMHd9KtVJcpkjmMjYM4PZj9DW0nhHy1AJ0ezBxA9%2FamDhDJCXF%2B9xGlB7M1EfX2zzaNFESKiL%2BIsjeGUGNIOgbTdyH5UwIwjtU1pMmDVW1Kun2m0qk6Ieef%2FwNZTsj5Py4iTR5fVbLv3tKqyKVOLfpxBdkfQ3bHyIpD5AMHsjwEyz%2BD5L%2BSpecrSJO9Nas0JD9%2Bg9GWHzNOF6NmEC82fBothixsLlIa1NuhCLkIw9OIpBxDxmMoMQS1Cyisg0I6KGIHReYg4ccubXZiz2vHURwEYYMxFgSMNcMWb%2FKgEcYeCjb1MESeDcHUEMzsIDM72JL3nzYvwBQ%2FwW5WsNyBzQl6vEIpCEpLUFKCUhKUOUHZq%2Fa5snVbPeDKFpE%2F6%2FVZD6qRzru7dF%2FnXZGS3eyEvDzNznnni6%2BxJY7doMUafrseeI06D8JOFAaB4K1Oq8Na9Ubgd2BlBWkXQK2DgZyQV7c5MjkhC7qGiB7CqkMw%2BQpo8TpoOWrXPdDNUSP0MEgf0lSnMU1qTCfgukKWn0e%2B7eyqE%2FLa6Qk%2F%2BOFjCHZ05cvBnzceX%2FwUzFTITIVP5M8EXXVvdFOXZO%2BmLi15spblMpEDOj3vrZzm4ty3H4rtUhu%2BfM0Ov3mXTYUpfHRb2HyFplymXUseXpWcC3NdGybIj8t2Q0Trhd28Wpi0yFbW37u%2BnGRGWCt1OgaVE0KefQ8mJ%2BSlZ%2Fb06V668xekGcMUFZLiiMwKUh%2BCZTuw2XxmNYFRcx5lDsqiGpl6NB8qSaDEnNOogv0Pj%2BZ4195D1zig%2BV2kSYWeqdBTFagawhbnRnlmjq78FpwWIuWMImWcvUgZdf8sXCuPXdGMvVh4dRHFnShuU4934kYnoh1ftKMm9ZHbidh0%2F%2F4XAAD%2F%2FwEAAP%2F%2FdbCnTpIEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectardentlyexposureflushed.com
FingerprintCB:F3:A7:64:D0:55:AE:83:FE:CD:FA:A4:A8:5E:97:D2:27:E6:2D:01
ValidityTue, 28 Nov 2023 10:50:41 GMT - Mon, 26 Feb 2024 10:50:40 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3sSTeDBEwYPQBw8R3Nnu6fnpMUgwxsTFdXfJD3vwVF1VPVtudVdT1T09O14WA5rjBDx4s%2FfNbhZNCMajIMisF1kQMh5kDy6I4DEXIWeZ3YHR79Dfe9%2Frw%2FfeV5%2FvFifEQ0GP1z%2FSA6kUXWrWPPfShky5Lq27etv1vZp32d2Qaatx2e1PP6b3tu81a96b7g3BtvRS3fM9z%2Fd897o0Itb9pVMVMnvU8Wsdr9ao1%2FxmA33zf24LB5Y64L0TcgGST17Y%2FOUJJBsjTb67JuxWrrO33k8KRXNt0OMHd9KtVJcpkjmMjYM4PZj9DW0nhHy1AJ0ezBxA9%2FamDhDJCXF%2B9xGlB7M1EfX2zzaNFESKiL%2BIsjeGUGNIOgbTdyH5UwIwjtU1pMmDVW1Kun2m0qk6Ieef%2FwNZTsj5Py4iTR5fVbLv3tKqyKVOLfpxBdkfQ3bHyIpD5AMHsjwEyz%2BD5L%2BSpecrSJO9Nas0JD9%2Bg9GWHzNOF6NmEC82fBothixsLlIa1NuhCLkIw9OIpBxDxmMoMQS1Cyisg0I6KGIHReYg4ccubXZiz2vHURwEYYMxFgSMNcMWb%2FKgEcYeCjb1MESeDcHUEMzsIDM72JL3nzYvwBQ%2FwW5WsNyBzQl6vEIpCEpLUFKCUhKUOUHZq%2Fa5snVbPeDKFpE%2F6%2FVZD6qRzru7dF%2FnXZGS3eyEvDzNznnni6%2BxJY7doMUafrseeI06D8JOFAaB4K1Oq8Na9Ubgd2BlBWkXQK2DgZyQV7c5MjkhC7qGiB7CqkMw%2BQpo8TpoOWrXPdDNUSP0MEgf0lSnMU1qTCfgukKWn0e%2B7eyqE%2FLa6Qk%2F%2BOFjCHZ05cvBnzceX%2FwUzFTITIVP5M8EXXVvdFOXZO%2BmLi15spblMpEDOj3vrZzm4ty3H4rtUhu%2BfM0Ov3mXTYUpfHRb2HyFplymXUseXpWcC3NdGybIj8t2Q0Trhd28Wpi0yFbW37u%2BnGRGWCt1OgaVE0KefQ8mJ%2BSlZ%2Fb06V668xekGcMUFZLiiMwKUh%2BCZTuw2XxmNYFRcx5lDsqiGpl6NB8qSaDEnNOogv0Pj%2BZ4195D1zig%2BV2kSYWeqdBTFagawhbnRnlmjq78FpwWIuWMImWcvUgZdf8sXCuPXdGMvVh4dRHFnShuU4934kYnoh1ftKMm9ZHbidh0%2F%2F4XAAD%2F%2FwEAAP%2F%2FdbCnTpIEAAA%3D HTTP/1.1
Host: ardentlyexposureflushed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Cookie: u_pl=20809631; uid_id2=ca61fcda-b53f-41ab-8c85-aa3278e8de88:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 05:43:02 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 925577df88c539552e4efad328a244b2
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png
200 OK 20 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 320 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash ea31001ce8fa95eb2ac1617515105332
d505ca04808c25cfa33a555c96886f421ddbbde7
0267f5cd21fe5609405724c20d6f021b8932a696ada766b8e86e42c670000ab3
GET /si/3c/d5/62/3cd562dd264800ee586ac2da770e9a65/1700491951.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:43:03 GMT
content-type: image/png
content-length: 20001
server: nginx/1.21.6
last-modified: Mon, 20 Nov 2023 14:52:40 GMT
etag: "655b72b8-4e21"
expires: Sat, 02 Dec 2023 05:43:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
200 OK 591 B URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/img/close.png
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/big1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:43:03 GMT
content-type: image/png
content-length: 591
last-modified: Mon, 21 Feb 2022 10:06:44 GMT
etag: "62136434-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1562045
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GTABEBC5T0umhxpbW0gGStqydSs90WomjrfqaVzzWTsLphmdzmVYqBcGb3C3vUtUEZn0r6OcTmYOZ3Vxg2ZrvdaVIU%2Fzla9aoBCgOR3EnY0iiLhRv0kZrF5UR0AZkIbp1xcjikJp3XF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e0c5446e4c48b1-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png
200 OK 9.0 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a56f06ca83ee06488a213b352e00bd90
aec437b74eb6f1143683872fb2d664286da4a664
7144c526762a9d91bdde1939194c2835f2cb1afe0ebac298bbdf1e9239b539ec
GET /si/98/58/2f/98582fa31e3a411721a1f890fd22419a/1700491903.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:43:03 GMT
content-type: image/png
content-length: 9016
server: nginx/1.21.6
last-modified: Mon, 20 Nov 2023 14:51:52 GMT
etag: "655b7288-2338"
expires: Sat, 02 Dec 2023 05:43:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 30547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
200 OK 16 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/script.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash 89918681df9f363bb293cb027c2f1113
cf7dca97b09ed3d03e821b407286539519a9f037
6648e7501f858c8ffaf2b35736dbd37f2d22afb2c781ee552d7c113d77413b9e
GET /sb/ssp/vpn/classic-push/big1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:43:03 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 10:06:46 GMT
etag: W/"62136436-3be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yKcj9A4Q6TYKmDEzyQbs2KrLi%2BtH7MAEn17ouIrsMkrGzAWFkqtKBjccKHEruzdopG7Cx6JPJGsyjd54jW3vXNk2IxMAA8KRjNxbbW1ZvhllSejQ2E8M46utV%2FfdfTuRBQTydSw5%2BqE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e0c54529387332-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ardentlyexposureflushed.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3sSTeDBEwYPQBw8R3Nnu6Z6ZHoMEY0wMxmTJD3vwVF1VPVtudVdT1T09O14WA5rjBDx4s%2FfNbhZNCMajIMisF1kQMh5kDy6I4DEXIWeZ3YHR79Df977Xh%2B%2B9V59vl0fEQ0kPVz%2FSQ6kUXWk1PPfcmsy4rqx7%2Fbbrew3vvLsms3Z43h3MPqb%2Ftu%2B1Gt6b7hXBNvRK0%2FM9z%2Fd897I0ItGDlWMWMn%2FU9RtdrxE2G34rxMD8H9vSgaUOeP%2BInIHk0xfWf3kCySbI0u8uCbtR6Pyt99NS0UIb9PnenWwj01WGdDEmxkGS7c3%2FhrZTQr5ags725gqg%2BzszBYjllDi%2F%2B4izvfmZiPu7J5fGCiJDzF9E1Z9AqAkknYDpu5D8KQEYx%2FUbyNIH17Wp6OYJS2fslJx%2B%2Fg9kNSWn%2FziLLH18UcmBe0urspA6sxgkNeRgAtmbIC%2F3UQwdyGofrPgMkv9KVp5fQ5bu3LBKQ%2FLDNxht%2BwnjdDluBcly6NN4OWJRa5nSoNmJRMRFFB1bJOUEMplAiRGoXUJpHZTSQZk4KHMHKT90aaubeF4niZMgiELGWBAw1oravMWDMEo8lGymYYQiH4GpEZjZQm62sCHvP22dgSl%2Fgl2vYbkDWxD0eY1KEFSWoKIElSSoCoKqX%2B9yZZu2fsCVLWN%2F3pvzHtRjXfS26a4ueiIj2%2FkReXnmnfPOF19jQxy6QZuFfqcZeGGTB1E3joJA8Ha33WXtZhj4XVhZQ9olUOtgKKfk1U2OXE7Jkm4gpvuwah9MvgJavg5ajTtND3R9HEYehtlDmuksoWmD6RRc18iL0yg2nW11RF47jvCDHz6GYAcXvhz%2BeeXx2U%2FBTI3c1PhE%2FkzQU%2FfGN3VFdm7qypInN%2FJCpnJIZ%2FHeKmghTn37odistOFXL9nRN%2B%2ByGTEbH90WtrhGMy6zniUPL0rOhbmsDRPkx6t2TcSrpV2%2FWJqszK%2Btvnf5apobYa3U2QRUTgl59j2YnJKXntnjp3vuzl%2BQZgJT1kjLAzIvSL0Plm%2FB5oud1QRGLXCcO6jKemya8WKpJIESC0zjGvY%2FOF7M2%2FYeesYBLe4iS2v0TY2%2BqkHVCLY8NS5yc3Dht%2BC4ECtnHCvj7MTKqPsn5lp56Lb8UERx1GGcx4LxWdxR4HlNzsNOV%2FhdFHYq1t2%2F%2FwUAAP%2F%2FAQAA%2F%2F9huCmokgQAAA%3D%3D
200 OK 7 B URL GET HTTP/1.1 ardentlyexposureflushed.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3sSTeDBEwYPQBw8R3Nnu6Z6ZHoMEY0wMxmTJD3vwVF1VPVtudVdT1T09O14WA5rjBDx4s%2FfNbhZNCMajIMisF1kQMh5kDy6I4DEXIWeZ3YHR79Df977Xh%2B%2B9V59vl0fEQ0kPVz%2FSQ6kUXWk1PPfcmsy4rqx7%2Fbbrew3vvLsms3Z43h3MPqb%2Ftu%2B1Gt6b7hXBNvRK0%2FM9z%2Fd897I0ItGDlWMWMn%2FU9RtdrxE2G34rxMD8H9vSgaUOeP%2BInIHk0xfWf3kCySbI0u8uCbtR6Pyt99NS0UIb9PnenWwj01WGdDEmxkGS7c3%2FhrZTQr5ags725gqg%2BzszBYjllDi%2F%2B4izvfmZiPu7J5fGCiJDzF9E1Z9AqAkknYDpu5D8KQEYx%2FUbyNIH17Wp6OYJS2fslJx%2B%2Fg9kNSWn%2FziLLH18UcmBe0urspA6sxgkNeRgAtmbIC%2F3UQwdyGofrPgMkv9KVp5fQ5bu3LBKQ%2FLDNxht%2BwnjdDluBcly6NN4OWJRa5nSoNmJRMRFFB1bJOUEMplAiRGoXUJpHZTSQZk4KHMHKT90aaubeF4niZMgiELGWBAw1oravMWDMEo8lGymYYQiH4GpEZjZQm62sCHvP22dgSl%2Fgl2vYbkDWxD0eY1KEFSWoKIElSSoCoKqX%2B9yZZu2fsCVLWN%2F3pvzHtRjXfS26a4ueiIj2%2FkReXnmnfPOF19jQxy6QZuFfqcZeGGTB1E3joJA8Ha33WXtZhj4XVhZQ9olUOtgKKfk1U2OXE7Jkm4gpvuwah9MvgJavg5ajTtND3R9HEYehtlDmuksoWmD6RRc18iL0yg2nW11RF47jvCDHz6GYAcXvhz%2BeeXx2U%2FBTI3c1PhE%2FkzQU%2FfGN3VFdm7qypInN%2FJCpnJIZ%2FHeKmghTn37odistOFXL9nRN%2B%2ByGTEbH90WtrhGMy6zniUPL0rOhbmsDRPkx6t2TcSrpV2%2FWJqszK%2Btvnf5apobYa3U2QRUTgl59j2YnJKXntnjp3vuzl%2BQZgJT1kjLAzIvSL0Plm%2FB5oud1QRGLXCcO6jKemya8WKpJIESC0zjGvY%2FOF7M2%2FYeesYBLe4iS2v0TY2%2BqkHVCLY8NS5yc3Dht%2BC4ECtnHCvj7MTKqPsn5lp56Lb8UERx1GGcx4LxWdxR4HlNzsNOV%2FhdFHYq1t2%2F%2FwUAAP%2F%2FAQAA%2F%2F9huCmokgQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectardentlyexposureflushed.com
FingerprintCB:F3:A7:64:D0:55:AE:83:FE:CD:FA:A4:A8:5E:97:D2:27:E6:2D:01
ValidityTue, 28 Nov 2023 10:50:41 GMT - Mon, 26 Feb 2024 10:50:40 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRit3sSTeDBEwYPQBw8R3Nnu6Z6ZHoMEY0wMxmTJD3vwVF1VPVtudVdT1T09O14WA5rjBDx4s%2FfNbhZNCMajIMisF1kQMh5kDy6I4DEXIWeZ3YHR79Df977Xh%2B%2B9V59vl0fEQ0kPVz%2FSQ6kUXWk1PPfcmsy4rqx7%2Fbbrew3vvLsms3Z43h3MPqb%2Ftu%2B1Gt6b7hXBNvRK0%2FM9z%2Fd897I0ItGDlWMWMn%2FU9RtdrxE2G34rxMD8H9vSgaUOeP%2BInIHk0xfWf3kCySbI0u8uCbtR6Pyt99NS0UIb9PnenWwj01WGdDEmxkGS7c3%2FhrZTQr5ags725gqg%2BzszBYjllDi%2F%2B4izvfmZiPu7J5fGCiJDzF9E1Z9AqAkknYDpu5D8KQEYx%2FUbyNIH17Wp6OYJS2fslJx%2B%2Fg9kNSWn%2FziLLH18UcmBe0urspA6sxgkNeRgAtmbIC%2F3UQwdyGofrPgMkv9KVp5fQ5bu3LBKQ%2FLDNxht%2BwnjdDluBcly6NN4OWJRa5nSoNmJRMRFFB1bJOUEMplAiRGoXUJpHZTSQZk4KHMHKT90aaubeF4niZMgiELGWBAw1oravMWDMEo8lGymYYQiH4GpEZjZQm62sCHvP22dgSl%2Fgl2vYbkDWxD0eY1KEFSWoKIElSSoCoKqX%2B9yZZu2fsCVLWN%2F3pvzHtRjXfS26a4ueiIj2%2FkReXnmnfPOF19jQxy6QZuFfqcZeGGTB1E3joJA8Ha33WXtZhj4XVhZQ9olUOtgKKfk1U2OXE7Jkm4gpvuwah9MvgJavg5ajTtND3R9HEYehtlDmuksoWmD6RRc18iL0yg2nW11RF47jvCDHz6GYAcXvhz%2BeeXx2U%2FBTI3c1PhE%2FkzQU%2FfGN3VFdm7qypInN%2FJCpnJIZ%2FHeKmghTn37odistOFXL9nRN%2B%2ByGTEbH90WtrhGMy6zniUPL0rOhbmsDRPkx6t2TcSrpV2%2FWJqszK%2Btvnf5apobYa3U2QRUTgl59j2YnJKXntnjp3vuzl%2BQZgJT1kjLAzIvSL0Plm%2FB5oud1QRGLXCcO6jKemya8WKpJIESC0zjGvY%2FOF7M2%2FYeesYBLe4iS2v0TY2%2BqkHVCLY8NS5yc3Dht%2BC4ECtnHCvj7MTKqPsn5lp56Lb8UERx1GGcx4LxWdxR4HlNzsNOV%2FhdFHYq1t2%2F%2FwUAAP%2F%2FAQAA%2F%2F9huCmokgQAAA%3D%3D HTTP/1.1
Host: ardentlyexposureflushed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Cookie: u_pl=20809631; uid_id2=ca61fcda-b53f-41ab-8c85-aa3278e8de88:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 05:43:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6f5f93113330dcf83c09efa1d0364130
Strict-Transport-Security: max-age=0; includeSubdomains
ardentlyexposureflushed.com/pixel/sbs?c=1
200 OK 0 B URL GET HTTP/1.1 ardentlyexposureflushed.com/pixel/sbs?c=1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectardentlyexposureflushed.com
FingerprintCB:F3:A7:64:D0:55:AE:83:FE:CD:FA:A4:A8:5E:97:D2:27:E6:2D:01
ValidityTue, 28 Nov 2023 10:50:41 GMT - Mon, 26 Feb 2024 10:50:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: ardentlyexposureflushed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Cookie: u_pl=20809631; uid_id2=ca61fcda-b53f-41ab-8c85-aa3278e8de88:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 05:43:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 6.8 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (7013), with no line terminators
Hash 49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 30 Nov 2023 05:43:03 GMT
date: Thu, 30 Nov 2023 05:43:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
200 OK 1.5 kB URL GET HTTP/2 cdn.barscreative1.com/sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (1639), with no line terminators
Hash 97b357c624104a8e915d01424dfe16ce
6bd7fcedfb7986b149601b1bc840f525b67a8f06
8d010e7163298acf3671bb429a2e0b1d69033a5adc314fa4bddebf74b9775e6e
GET /sb/au/48/48/eb/4848ebd6f7295875a5d388ec2488aba3/1648542421.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:43:02 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:10 GMT
etag: W/"6242c2de-602"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 30 Nov 2023 06:43:02 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:43:01 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 25753f9be9774ae5b8db0cc7100a2211
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 30 Nov 2023 05:42:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UZB5QihDJto0YZwMHluZJS5ZJLnFwnpBQs1FSQkCWHv4Px3n8xy9J2UyoUVYuZPVhsy8dnyn0Ec4yGRy8YZO6gBzhxrGJP5gR%2BhMVOdjigH2I9oZpAYa8NsPdbBGYqgRRzu52M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e0c539fc0570fd-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
200 OK 565 B URL GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (588), with no line terminators
Hash bdcf60bde5544e1017e1f2e60888a9c7
6fb24309b7ff90c1c99d19c0c7a127a16508840e
d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 30 Nov 2023 05:43:00 GMT
date: Thu, 30 Nov 2023 05:43:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/animate.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a
GET /sb/ssp/vpn/classic-push/big1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:43:03 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 10:06:42 GMT
etag: W/"62136432-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WclAcdJg6W9%2FR%2FBkjid7Ldo8aJQjRncApKtKB7ybOChNIc6lVJVXVnCgUS%2BoGg1unOD4pZl%2FWj39Af1cMzj6evOJzDZfQjnpwat1TfYvFhWhK%2Fct1JQBFk7x5064M5QiJZbC9Kcp1Qa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e0c543f88d7332-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css
200 OK 4.2 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/css/style.css
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (4404), with no line terminators
Hash 68b1992666e9738c9fe476446c9554c6
7ed918e75115fd3be8bd1df1f6106d3f53129c78
c3ca1c3bc15dfab20c6c3733049214afc18b2deaba8d9685c57cc3f238b687d8
GET /sb/ssp/vpn/classic-push/big1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:43:03 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 10:59:09 GMT
etag: W/"6213707d-1048"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Y%2FLcCmycM7vNybr0lbXowkbtxpfsaqeHILsey2mOavf28zxiqjMSUu9MCdEKS37Zb2XLURfGXh1OhAusV%2FALZlHXf%2FdnJ4%2Biq1UqOoWniOqDHrPtRk9RNKF%2FG%2FJNMtzRjvaYOi3gd0m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e0c54408937332-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
200 OK 84 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/big1/js/jquery.min.js
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (32025)
Hash 4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /sb/ssp/vpn/classic-push/big1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:43:03 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 10:06:46 GMT
etag: W/"62136436-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4221
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bs1xaIjWS32mCvYKObuWqYy7hH6xvGPI9AD5D0hihnJGvDr9z1KFZlJ8fP4iqSO1YrM85xzzIM7saIVNYWAdo8JuiVOHxdc1GTNAQjqKpxRmDvuZ%2BIcOOcckgslZyIALZJJZwyGIiLDS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e0c5445e4748b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.anonfam.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 2729
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
200 OK 20 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP
Requested by https://www.anonfam.com/sx/XoLinksreal_c821.zip
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
Hash c1ee942d9e8618743da7880c448a4063
28e5fd4fc67bab9dadd97898fb41b02aa6167d37
57907596387af97ba3585ca324570ef46e83cd57f597052a1972ab4eb6dc414c
GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.anonfam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 30 Nov 2023 05:43:00 GMT
date: Thu, 30 Nov 2023 05:43:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
103.249.112.20
142.250.74.8
18.185.191.211