Overview

URL anonymfile.com/J2oO/text.zip
IP138.201.48.112
ASNHetzner Online GmbH
Location Germany
Report completed2022-09-29 11:03:38 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-29 2 pseepsie.com/custom Malware
2022-09-29 2 pseepsie.com/custom Malware
2022-09-29 2 pseepsie.com/custom Malware
2022-09-29 2 pseepsie.com/custom Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-29 2 tovanillitechan.com Sinkholed
2022-09-29 2 tovanillitechan.com Sinkholed
2022-09-29 2 tovanillitechan.com Sinkholed
2022-09-29 2 fleraprt.com Sinkholed
2022-09-29 2 unphionetor.com Sinkholed
2022-09-29 2 unphionetor.com Sinkholed
2022-09-29 2 unphionetor.com Sinkholed
2022-09-29 2 tovanillitechan.com Sinkholed
2022-09-29 2 tovanillitechan.com Sinkholed


Files

No files detected



Passive DNS (23)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS fleraprt.com (1) 0 2022-01-14 22:55:14 UTC 2022-09-29 06:33:31 UTC 139.45.195.254 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (4) 1631 2017-09-01 03:40:57 UTC 2022-09-29 04:10:37 UTC 34.120.237.76
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-29 05:03:41 UTC 143.204.55.110
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-29 04:56:09 UTC 34.117.237.239
mnemonic passive DNS unpkg.com (4) 11693 2016-01-07 23:26:01 UTC 2022-09-29 06:17:11 UTC 104.16.124.175
mnemonic passive DNS pseepsie.com (7) 132332 2021-03-12 04:11:08 UTC 2022-09-29 08:03:38 UTC 139.45.197.250
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-29 04:57:31 UTC 139.45.195.8
mnemonic passive DNS dozubatan.com (6) 33479 2021-05-18 14:02:27 UTC 2022-09-29 01:42:45 UTC 139.45.197.237
mnemonic passive DNS offerimage.com (2) 304078 2019-06-10 11:11:53 UTC 2022-09-29 08:03:55 UTC 172.67.22.216
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-29 06:33:27 UTC 172.67.194.45 Unknown ranking
mnemonic passive DNS unphionetor.com (3) 54035 2022-02-11 12:53:49 UTC 2022-09-29 01:42:45 UTC 139.45.197.236
mnemonic passive DNS cdnjs.cloudflare.com (9) 235 2020-10-20 10:17:36 UTC 2022-09-29 06:07:22 UTC 104.17.24.14
mnemonic passive DNS tovanillitechan.com (5) 0 2022-07-22 05:21:08 UTC 2022-09-29 06:33:01 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS onmarshtompor.com (1) 24517 2020-10-19 12:36:32 UTC 2022-09-29 03:35:45 UTC 139.45.197.243
mnemonic passive DNS anonymfile.com (11) 0 2022-08-09 20:53:13 UTC 2022-09-29 09:59:38 UTC 138.201.48.112 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (11) 344 2020-12-02 08:52:13 UTC 2022-09-29 04:57:37 UTC 23.36.76.226
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-29 08:58:20 UTC 93.184.220.29
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-29 08:17:36 UTC 151.101.85.229
mnemonic passive DNS interstitial-07.com (3) 36198 2017-03-09 00:00:07 UTC 2022-09-29 01:42:56 UTC 139.45.197.151
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-29 05:05:36 UTC 143.204.55.115
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-29 05:06:32 UTC 44.242.41.15
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-29 06:41:52 UTC 172.64.155.188
mnemonic passive DNS inklinkor.com (1) 0 2022-04-01 11:44:00 UTC 2022-09-29 03:35:44 UTC 172.67.211.29 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 138.201.48.112

Date UQ / IDS / BL URL IP
2022-12-01 15:25:08 +0000
0 - 0 - 9 anonymfile.com/OaeQQ/resources.zip 138.201.48.112
2022-11-29 15:57:24 +0000
0 - 0 - 9 anonymfile.com/dqxXo/pack-mex.rar?PageSpeed=n (...) 138.201.48.112
2022-11-29 15:57:20 +0000
0 - 0 - 13 anonymfile.com/dqxXo/pack-mex.rar 138.201.48.112
2022-11-29 15:55:12 +0000
0 - 0 - 15 anonymfile.com/7LJJe/pack232.zip 138.201.48.112
2022-11-27 16:54:12 +0000
0 - 0 - 16 anonymfile.com/mkJOo/rbxphishing.exe 138.201.48.112

Last 5 reports on ASN: Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2022-12-02 09:31:42 +0000
0 - 0 - 11 fastpic.ru/view/112/2020/0914/_4cb119ae33625b (...) 95.217.39.24
2022-12-02 09:20:38 +0000
0 - 0 - 2 116.203.0.170/143956783362.zip 116.203.0.170
2022-12-02 09:20:04 +0000
0 - 0 - 2 116.203.0.170/970470253486.zip 116.203.0.170
2022-12-02 09:16:02 +0000
0 - 0 - 2 116.203.0.170/066770170617.zip 116.203.0.170
2022-12-02 09:03:55 +0000
0 - 0 - 12 cmahospital.com/ 135.181.176.108

Last 5 reports on domain: anonymfile.com

Date UQ / IDS / BL URL IP
2022-12-01 15:25:08 +0000
0 - 0 - 9 anonymfile.com/OaeQQ/resources.zip 138.201.48.112
2022-11-29 15:57:24 +0000
0 - 0 - 9 anonymfile.com/dqxXo/pack-mex.rar?PageSpeed=n (...) 138.201.48.112
2022-11-29 15:57:20 +0000
0 - 0 - 13 anonymfile.com/dqxXo/pack-mex.rar 138.201.48.112
2022-11-29 15:55:12 +0000
0 - 0 - 15 anonymfile.com/7LJJe/pack232.zip 138.201.48.112
2022-11-27 16:54:12 +0000
0 - 0 - 16 anonymfile.com/mkJOo/rbxphishing.exe 138.201.48.112

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-23 15:51:34 +0000
0 - 0 - 9 anonymfile.com/BW4y/udemy-aso-anime-manga.zip 138.201.48.112
2022-10-22 01:50:05 +0000
0 - 0 - 8 anonymfile.com/lEa9/decryptor.7z 138.201.48.112
2022-10-14 19:24:28 +0000
0 - 0 - 12 anonymfile.com/9OYD/pack-apks-premium.rar 138.201.48.112
2022-09-27 18:39:08 +0000
0 - 0 - 4 anonymfile.com/qrE7/amongusv2202changename.ba (...) 138.201.48.112
2022-09-23 23:11:44 +0000
0 - 0 - 15 anonymfile.com/2l5W/23092022-155003-tiktokcom.rar 138.201.48.112


JavaScript

Executed Scripts (27)


Executed Evals (2)

#1 JavaScript::Eval (size: 80, repeated: 1) - SHA256: ba78ae86fbc6b90c84cbd41ea846c6c6adc7ceee022f1ca37da70ef03edf3e7f

                                        (() => {
    const a = async
    function name() {};
    window['zowvg4mj74r'] = true;
})()
                                    

#2 JavaScript::Eval (size: 42, repeated: 1) - SHA256: 2477b814b8ad1a91f87132c07e73e884d9448987538b5be15f5292327cbbca6f

                                        var psaFunc = function() {
    this.media = 'all'
};
                                    

Executed Writes (0)



HTTP Transactions (82)


Request Response
                                        
                                            GET /J2oO/text.zip HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         138.201.48.112
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 29 Sep 2022 11:03:27 GMT
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/J2oO/text.zip
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 10:15:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LugLEqJmWDe6nXUlywHnxoJBKablYnegksqNZiz73ue15TqO1tlJFQ==
Age: 2855


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5361
Expires: Thu, 29 Sep 2022 12:32:48 GMT
Date: Thu, 29 Sep 2022 11:03:27 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R0PDx83iDZjoY0l3DNBaU8iGLismGZYqV_9VhaBOf_JEctMSXcE5XQ==
age: 20100
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:28 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /img/logo-anon-warning.webp HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/J2oO/text.zip
Cookie: XSRF-TOKEN=eyJpdiI6Iit5cTlvQlNicDJUZWtxc0pjcFpkdXc9PSIsInZhbHVlIjoiQkU0V1NCS0JCaVNQZ2Z0NS84VkpQcTA4d1NxbWJuenN1NTJibm1FRkh2aHd0M1FJdkZDMUMybFFQNUYyeHhRdkxJV292cXRyM0lwaFUyd3lCR3hDcHFXb0UvN3ZHVWhXOXF3eStMb3V1VjFQWU90bHYyQWRVZEIxNHNxcU9ZcGEiLCJtYWMiOiI4ODIxOWE5NTg5ZDI4NjA0NTgzZjQ2MGM4Y2Q4YTIxNjY3NzQ1ZTc3YzViYTBhYjE4OGM5MGNjNDM3NjJiODA5IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii9ZMTUyTkdGMzl4SnJMZURaN0dUMkE9PSIsInZhbHVlIjoiL3VseFFwOXhZTFlncE9KclFwWE5pVk11MzVvM0pUWVVsQTIrZyt6REN2U053WklOb1dTbjV1MlBOTSszbm5pWXd1RG5hRERJenVEWldDaSt3S212V2UzSCtJT3hMYSthSDIvMUduUXd6blBtMjhhZWxpcEdoYlNqZW5melZaNUgiLCJtYWMiOiJhYTY0YjAwNzFjN2EyODI2MTNjM2QyZjg0MjNiY2YxMzI2M2E0N2Q0NDZmZDI1NTU4OGQ2NTU0ZGIzYTRhYzBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
content-length: 15344
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Thu, 29 Sep 2022 11:01:47 GMT
expires: Thu, 29 Sep 2022 11:06:47 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   15344
Md5:    7b596f481388ac5ef6d74a15a351f6c3
Sha1:   6756e88c0b46cc981b7bbbdaf2ead77bd258a472
Sha256: cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 10:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 10:41:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FnybSYP0g1t3l3KqMtgS-6JyshzXF3J_BdpfqtyqfK97h1_0KuXRhw==
Age: 2035


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /img/main/footer.webp HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/J2oO/text.zip
Cookie: XSRF-TOKEN=eyJpdiI6Iit5cTlvQlNicDJUZWtxc0pjcFpkdXc9PSIsInZhbHVlIjoiQkU0V1NCS0JCaVNQZ2Z0NS84VkpQcTA4d1NxbWJuenN1NTJibm1FRkh2aHd0M1FJdkZDMUMybFFQNUYyeHhRdkxJV292cXRyM0lwaFUyd3lCR3hDcHFXb0UvN3ZHVWhXOXF3eStMb3V1VjFQWU90bHYyQWRVZEIxNHNxcU9ZcGEiLCJtYWMiOiI4ODIxOWE5NTg5ZDI4NjA0NTgzZjQ2MGM4Y2Q4YTIxNjY3NzQ1ZTc3YzViYTBhYjE4OGM5MGNjNDM3NjJiODA5IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii9ZMTUyTkdGMzl4SnJMZURaN0dUMkE9PSIsInZhbHVlIjoiL3VseFFwOXhZTFlncE9KclFwWE5pVk11MzVvM0pUWVVsQTIrZyt6REN2U053WklOb1dTbjV1MlBOTSszbm5pWXd1RG5hRERJenVEWldDaSt3S212V2UzSCtJT3hMYSthSDIvMUduUXd6blBtMjhhZWxpcEdoYlNqZW5melZaNUgiLCJtYWMiOiJhYTY0YjAwNzFjN2EyODI2MTNjM2QyZjg0MjNiY2YxMzI2M2E0N2Q0NDZmZDI1NTU4OGQ2NTU0ZGIzYTRhYzBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Thu, 29 Sep 2022 11:01:48 GMT
expires: Thu, 29 Sep 2022 11:06:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   178070
Md5:    79ccb3a1b78412a1a530284f45ea7056
Sha1:   626d0494e1bd871e67ecffad44d04ac2343fb7e5
Sha256: 3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5868
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 11:03:28 GMT
Last-Modified: Thu, 29 Sep 2022 09:25:40 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5329326
expires: Tue, 19 Sep 2023 11:03:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCRi1XyXzx%2B3jNqVLcCbfq5z113ZoufuPqWIG4XuREIETkJ7HIiJyY3v9WbDvJdggFXAs7zQb4oIKjd2TbQ%2B73kuAt9od3Pni41r2z4tQaHiGX3CXaYmhCGBA3pMRn2mpTBmxVro"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75243b837e5cb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65345)
Size:   14374
Md5:    642445b86596bdeaa98e92faa2064fc6
Sha1:   6c5539660bf533d34e37b917973c941d1c963374
Sha256: 4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
                                        
                                            GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4892354
expires: Tue, 19 Sep 2023 11:03:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHIPpPwP1WsNuhVSIH9z4qvmguhgj6mvNRqk4KmTuVmEn%2FOAN6n9Njc9UyjT3Pl3HUxzy0rNZ1cNJXQpHMfUS%2FVYHEVqxrOqhpdz0JC%2FpZpK1OcnhUy3LLi0ywecxgiq5%2Bv06MVe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75243b837e6bb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58940)
Size:   14584
Md5:    28dbaeb9aa2638e0c4e6d9ffd3d14e9d
Sha1:   3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
Sha256: ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362
                                        
                                            GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7492217
expires: Tue, 19 Sep 2023 11:03:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1n48%2BwIxNJLBNlY7zbak3%2BlhuzhbTwktj1iadbXtxwXo8ferjCZI9kQBYB5mWegeRadz2En3olbf1gxk%2BTTsPpaBimYKBsaS%2ByggHM6aKAvQ%2B2z0MS1xPmUDQXOu3daJXPqPACkp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75243b837e69b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18706)
Size:   6037
Md5:    3773d4bd82b03cdfd02c9fd691f80d78
Sha1:   c4d89a2de179c90944835571b45877048f3c1424
Sha256: 5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5868
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 11:03:28 GMT
Last-Modified: Thu, 29 Sep 2022 09:25:40 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 838356
expires: Tue, 19 Sep 2023 11:03:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygi24e59zSOS7KgoUAajkxhMeh73Inw0JmFMrX6z8gZxAnf%2F23vLnTVPr3YR%2FHjQB0PMbuFIguz0kmR4QtFNUMD%2BIRNx1O5s9vBtbH7Q0NnytwpK7VvKKLreMzZD4rgutLEYk1v3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75243b838e78b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (10584)
Size:   3000
Md5:    e34a4db0b42ca907e0b7a56cd4b145ec
Sha1:   2dc36a7dcdfc42d122b23ef91483d27865c4285f
Sha256: 4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a
                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5494629
expires: Tue, 19 Sep 2023 11:03:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voZZZrn8K5Q7FbS4jN90ih0aBTmSuLoZRHSbrBrMtNoEgyCplqWDZlJMO5hrndgiGZ89dJbLsl8SOUi4%2Futc3QCZPlgXVVON8qlB%2BtujKjqpQ0L0KU6ZQb2aCbPwKJQoPUV4Obio"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75243b838e7db521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   27938
Md5:    d900ca08873ee57d40616d39a44cc0aa
Sha1:   7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
Sha256: 1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
                                        
                                            GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5493296
expires: Tue, 19 Sep 2023 11:03:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYgGqHm%2Fg8cnJSVhC7%2FUtgzTNoj1U7EySxlQllKbze7Jm%2BjRIuIRz3u%2BpDhgWs6Lg16RwB52YiKF256jK10nczmFZXGZ1IRkRqP%2FUvbrEohnJS%2FKXlQYmgYVfXkFP6xkc13TesoE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75243b83bebdb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65370)
Size:   29707
Md5:    d18c98bb03dac8dd996130d56f3d8e8c
Sha1:   cc1777baef75c9438534927036a21f22e91e5578
Sha256: 89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
                                        
                                            GET /ajax/libs/filepond/4.29.1/filepond.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
content-length: 2934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613afc53-b76"
last-modified: Fri, 10 Sep 2021 06:33:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 63164
expires: Tue, 19 Sep 2023 11:03:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96BLMbqT4eXPL5J2%2BJlVcqqV4rNZhoxYhoWbj%2BSyuUMfHuGH9ADcSPO%2Fa%2BofQTxyVtKC5%2FekNF79Qm8HNDlR2PWdZWt4aEUv0KTvDeNzkZLXAqQThrPJUVma5yhn7Fwn6tts3yFB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75243b83ced2b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (17282)
Size:   2934
Md5:    78aabb09e30a9eb6f833cbb1b48bdb2e
Sha1:   e876ff16b6c511bc217973e51202aaaf23a4e936
Sha256: 8d76a29a92bc268043a7bd4d0b8f171fffd6c6c3c8e18aa314d6dac1aeb542ae
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5868
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 11:03:28 GMT
Last-Modified: Thu, 29 Sep 2022 09:25:40 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5493296
expires: Tue, 19 Sep 2023 11:03:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAru2eUDyc0twM9Pu0Qx7Wi4GtWYWXEz%2BInqOxklR4gazfpH3NyYCDPNQczElnPvhpN7CZWw1Vvpwt9ceJgSzyhSUhRp4J2o1YU6chmnVSQn3x%2BMnHsm4JcLGVc%2FhylcZvBFqmeD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75243b83f8a5b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65370)
Size:   29707
Md5:    d18c98bb03dac8dd996130d56f3d8e8c
Sha1:   cc1777baef75c9438534927036a21f22e91e5578
Sha256: 89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
                                        
                                            GET /npm/sweetalert2@11 HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 11.4.35
x-jsd-version-type: version
etag: W/"110e0-VXFRQufIpr0uGcBhFw1t474Se08"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 29 Sep 2022 11:03:28 GMT
age: 8536
x-served-by: cache-fra19153-FRA, cache-bma1648-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19178
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (44103)
Size:   19178
Md5:    76078a874eaae17695ece49b6faaecf2
Sha1:   335828538d3770b36599176648c24cfe2c67e074
Sha256: f26a8ff5142891ba534583d0e9ba1ab4ac9c33dc14bc0f41a8bbe5bb98939eab
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5935
Cache-Control: max-age=168133
Date: Thu, 29 Sep 2022 11:03:28 GMT
Etag: "63355216-1d7"
Expires: Sat, 01 Oct 2022 09:45:41 GMT
Last-Modified: Thu, 29 Sep 2022 08:06:46 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5494629
expires: Tue, 19 Sep 2023 11:03:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3eR9Udzh9sz1nS2JqEQhLchknDPBSCF7GE48znJHoZQwwe8qz3Qyo80yC5AdnXlMmxqLlvvgIFtoh67jG4lOGSuB9dTNg6A55RynPB9oi1i7phl66QxCuoyLAj5oasQpl6XwX%2Fl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75243b844914b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   27938
Md5:    d900ca08873ee57d40616d39a44cc0aa
Sha1:   7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
Sha256: 1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
                                        
                                            GET /img/logo-anon-warning.png HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/J2oO/text.zip
Cookie: XSRF-TOKEN=eyJpdiI6Iit5cTlvQlNicDJUZWtxc0pjcFpkdXc9PSIsInZhbHVlIjoiQkU0V1NCS0JCaVNQZ2Z0NS84VkpQcTA4d1NxbWJuenN1NTJibm1FRkh2aHd0M1FJdkZDMUMybFFQNUYyeHhRdkxJV292cXRyM0lwaFUyd3lCR3hDcHFXb0UvN3ZHVWhXOXF3eStMb3V1VjFQWU90bHYyQWRVZEIxNHNxcU9ZcGEiLCJtYWMiOiI4ODIxOWE5NTg5ZDI4NjA0NTgzZjQ2MGM4Y2Q4YTIxNjY3NzQ1ZTc3YzViYTBhYjE4OGM5MGNjNDM3NjJiODA5IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii9ZMTUyTkdGMzl4SnJMZURaN0dUMkE9PSIsInZhbHVlIjoiL3VseFFwOXhZTFlncE9KclFwWE5pVk11MzVvM0pUWVVsQTIrZyt6REN2U053WklOb1dTbjV1MlBOTSszbm5pWXd1RG5hRERJenVEWldDaSt3S212V2UzSCtJT3hMYSthSDIvMUduUXd6blBtMjhhZWxpcEdoYlNqZW5melZaNUgiLCJtYWMiOiJhYTY0YjAwNzFjN2EyODI2MTNjM2QyZjg0MjNiY2YxMzI2M2E0N2Q0NDZmZDI1NTU4OGQ2NTU0ZGIzYTRhYzBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
content-length: 21479
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
x-original-content-length: 40729
etag: W/"PSA-aj-QzI2e9bywS"
date: Thu, 29 Sep 2022 11:03:28 GMT
expires: Thu, 29 Sep 2022 11:06:49 GMT
cache-control: max-age=200
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Size:   21479
Md5:    4332367bd6f2c12da86e4ab20157daef
Sha1:   027b329b8b50972ee035b4e4f3cb9a3c080aba31
Sha256: a7a91652e8153a80b1270b5fdb1d1e1e880ad9580e298040df1ed1b024699eb4
                                        
                                            GET /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.124.175
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-Ufoq68yhVBjz3riH5wAGJXD40pU"
via: 1.1 fly.io
fly-request-id: 01G7558XE30T0T2M6RDRBFG7JV-fra
cf-cache-status: HIT
age: 7492652
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75243b83f803b529-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3123
Md5:    e49ec961ca0801a5617b419bb1738b57
Sha1:   7b4583c9a49f936cde04eff9ceed34f27533dc50
Sha256: 9ba022e63185ef60f56fbda8fcf37cf761275e697d88ffbe67ae8a3cfdae7ab3
                                        
                                            GET /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.124.175
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1d07-1hxUHKzrTl3rNdhkJwK4kJGou0I"
via: 1.1 fly.io
fly-request-id: 01G2PJZCDRWWWP671QTKZ7W61J-fra
cf-cache-status: HIT
age: 12276360
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75243b83f808b529-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   8448
Md5:    1bb0b07ce68a82620a5ce6077c3c0c2d
Sha1:   be1905881bf0ebec84c17379e038514451e8a0f4
Sha256: 2b7d905d8f3985860f2c3fceea5775332ef7a761c0447a1c9dafdd7390114dfa
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EzUmczwl7GuQ+F2krBevEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.242.41.15
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qXfvoxqC34mrPBoruw1vNbcCBbU=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F53E378D2706F03AF59A3145B48096C852D7A74781AAF9EF5C1313EFBA2E3E12"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7525
Expires: Thu, 29 Sep 2022 13:08:54 GMT
Date: Thu, 29 Sep 2022 11:03:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DDA1C7A6542A0B3C0C9DAFE943FB8FBD85E508E57150175B89222A45B650CD89"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1578
Expires: Thu, 29 Sep 2022 11:29:47 GMT
Date: Thu, 29 Sep 2022 11:03:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "438EF5AE0E1522A076692ECAD97A8DDFC6825D7C0F9CB89BC182935866290238"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4371
Expires: Thu, 29 Sep 2022 12:16:20 GMT
Date: Thu, 29 Sep 2022 11:03:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4B40B6BF8EC5E6DC4956829BC0BEC2A6C9E4D21A8BEF209DF5CA44D037866039"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Thu, 29 Sep 2022 12:33:10 GMT
Date: Thu, 29 Sep 2022 11:03:29 GMT
Connection: keep-alive

                                        
                                            GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
content-length: 664
x-trace-id: 69cabf565d536ef65ef125338692d674
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (663)
Size:   664
Md5:    924f83d583902548517c3327ff8e4493
Sha1:   7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
Sha256: 92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
                                        
                                            GET /42/38?z=5307589 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=cac36b8e56f24ab881e8ada1c9ed850f; oaidts=1664449409
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 9e13e8fccdd5476eac8eb89b3084ad51
access-control-expose-headers: X-Sc
set-cookie: OAID=cac36b8e56f24ab881e8ada1c9ed850f; expires=Fri, 29 Sep 2023 11:03:29 GMT; secure; SameSite=None oaidts=1664449409; expires=Fri, 29 Sep 2023 11:03:29 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 11:03:29 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=328308,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75243b884a7ffab8-OSL

                                        
                                            GET /gid.js?userId=f20d6d5083154474a6359c4caa13ae66 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f20d6d5083154474a6359c4caa13ae66; expires=Fri, 29 Sep 2023 11:03:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    94480229f5437b3e47aca36e69cee51e
Sha1:   30ea60ac430427224c34fc8edac990f2c53762cc
Sha256: b650f03370e6e747b4fd03cd9999d4ad657431c5ad432b11d7f1d886e8be371c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "227100C0ED83763CD15F9C5ADCCD4CB39C2804D4F4C66143C44DCCA360FC215E"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12274
Expires: Thu, 29 Sep 2022 14:28:03 GMT
Date: Thu, 29 Sep 2022 11:03:29 GMT
Connection: keep-alive

                                        
                                            OPTIONS /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FJ2oO%2Ftext.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=f20d6d5083154474a6359c4caa13ae66 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /?rb=vk-V9L5lLOZwDViBkdSxJjxtbEvCA0a1BovULRxZYkU7sLnDcxv7GbreuyTY8oi6Ez0SLv9i2dba2ZSYIQEKqC0LMKjzjNAqabS2ndP0kF34_2RkZGYJ_LXURX3NebHbKjwlQ7x0xxWaHu_rBg0-P3m22uQ_f2Osi5Y9vE9JpkOdMTtcIyDWBDTbgZgXdA0a6Py1RiDzuWoJcF6_BmuTAqesuqo%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.431.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FJ2oO%2Ftext.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.431.0&bs=93825ce2-86f5-436b-bc41-8dc1220e3bd6&userId=f20d6d5083154474a6359c4caa13ae66&m=link HTTP/1.1 
Host: onmarshtompor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.243
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
x-trace-id: 731358809ef367854cc4ccdd1c87a212
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f20d6d5083154474a6359c4caa13ae66; expires=Fri, 29 Sep 2023 11:03:29 GMT; path=/; secure; SameSite=None oaidts=1664449409; expires=Fri, 29 Sep 2023 11:03:29 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Thu, 06 Oct 2022 11:03:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1652
Md5:    818725d60bc35b06909b4ba16316962e
Sha1:   e6215ad1b0cf1201ffb84b742de58a63a07ae4a3
Sha256: 29d7288a04b697ae3627fb853ecf676be13cbceb16fab89bb6656e417299063a
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 759
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
content-length: 39
x-trace-id: 3d5afc78abbb4aa715fc2ebec4838c1a
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FJ2oO%2Ftext.zip&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=f20d6d5083154474a6359c4caa13ae66 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 99
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=cac36b8e56f24ab881e8ada1c9ed850f; oaidts=1664449409
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 00c0cd704ea47d074780a47dba772b0e
access-control-expose-headers: X-Sc
set-cookie: OAID=f20d6d5083154474a6359c4caa13ae66; expires=Fri, 29 Sep 2023 11:03:29 GMT; secure; SameSite=None oaidts=1664449409; expires=Fri, 29 Sep 2023 11:03:29 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6414), with no line terminators
Size:   2653
Md5:    87c4cd1fcafea77c0e3e50f65236e161
Sha1:   4092ff8c1d4fb73fc15344a699c2715a6c3d688d
Sha256: fd943fcbbe8b52e65b98c679acb026bd9bbd5e4088c34bde6c0af51320120ed3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /500/5307588?excludes=&oaid=f20d6d5083154474a6359c4caa13ae66&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FJ2oO%2Ftext.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6E308B5EE7449BBC2928C9BD352B1EE6D2B1A5C4D948330A4AF0765692618E1F"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6847
Expires: Thu, 29 Sep 2022 12:57:36 GMT
Date: Thu, 29 Sep 2022 11:03:29 GMT
Connection: keep-alive

                                        
                                            GET /400/5307588 HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
x-trace-id: 71bcf7777e1645a1d3a144e002b133d1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=eb746450c50b404185ecde0c6a77d974; expires=Fri, 29 Sep 2023 11:03:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31588
Md5:    85f94ad65a33bb9745d1092c488cf6d1
Sha1:   501c97a2ef74e9371fcb1cc1bf31edd5427aa301
Sha256: 9a8ab769e901f446d37abc04c640deaa149609e8c21875777d196f98a56468e5
                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: fleraprt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonymfile.com
Content-Length: 1522
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.254
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Thu, 29 Sep 2022 11:03:49 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonymfile.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11442
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 11:03:30 GMT
Connection: keep-alive

                                        
                                            GET /contents/s/59/18/87/696d730a6449b8b7387d630f8c/01605255030712.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1193541709%26z%3D5307589%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D3DnXCU0XMT4PhVDZNzJNiP8mG-nn7QF1GiE3herlhpTDB0H5OtArJStOyTqsdsIJikqUCEK-6lp-O33ZBB9Tt4GrzVg41QD0NyqRIR8QMO3t-DJJRpA-PJt-BjikTQiOib2tEB0NNNEidMJTt24NCFg6xY7qNzuJLejC7uxxQ-JKyHsXRbTvCotrm1gEiUsmSqGuUiM07vGLF2c2fKgnajtE4OQMSZtXkamGIiNLbauGQ_hJvaPD0hcRN1sXjr2Tr4Pw0_i8aauGCcG7eTMEwgUSEoXxaTTrsSfFmS1d6OujJjadmv__yJqmAkSU_GyAmXlqMGqAnlg3Tf_GfKqI_EJ26rsFMxWhVtHEJAYfGK_uUiCZVcjfz9u4NRwTlCKoeHyvjF7Bd8V_Y2LtIhJDVv3xVNtY3BUKKeeTt0Rjyi-KqkNerKuHWMFn-rA67QR5TdZhon1xAGmhupmMjuvWB_4DYY_vMYxhwFRupZ80HGZlkYASphiiGZIcAcW3BX9XT5dLdb1ILev_IeIgjCvoLjMKQ_ThCtGdDl2BNBHGDdLAN6QfcSkv4ynJiHU-MGZhcm-Atrwmqo-4mUyBVWTAb4VfOJNQyaREg7nFuhijaDjexxDKL3usMzinI2muN63vOk-brg3ZSpMnAkec%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3Dbbf246d5-6a2a-457a-9a7c-c4988fa5bc8d%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FJ2oO%252Ftext.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:30 GMT
content-length: 19158
last-modified: Tue, 10 May 2022 15:13:46 GMT
etag: "627a812a-4ad6"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   19158
Md5:    591887696d730a6449b8b7387d630f8c
Sha1:   6d3270da32d09e8456956eb63a22f4ddb8c7d1d1
Sha256: bc664179d3ed921f7a6c959a125faf1cb25a03de68f0b19adf80c92560d0bae4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11442
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 11:03:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11442
Expires: Thu, 29 Sep 2022 14:14:12 GMT
Date: Thu, 29 Sep 2022 11:03:30 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4093
x-amzn-requestid: 88076712-b2bb-4aee-81a7-ae35201748ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKZtEXeoAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bdd7-317a47e2018160b928a40ff9;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VztBCwvlCphzQJw_HAODqlJjRAaYDoKFzmkAYhrhUTZJ5rmNtNSzuQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 47584
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4093
Md5:    aed4d25286420a1405c3274931194002
Sha1:   c17c7bdfa4b40f9a0634da65c610869e5c410bf1
Sha256: f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4235
x-amzn-requestid: 60825c64-7743-4b16-b80d-d1195ccb0f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2nFsDoAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-1898e5d9111db7c843c1ebb4;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C-XC9qsktkENdI6lWZp5RQjeEvrrFMUfBq1mA5dxEjRq5tkfL5Jsxw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:55 GMT
age: 46715
etag: "2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4235
Md5:    30471179bd7cdeecea2fa4ea98701aef
Sha1:   2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb
Sha256: 967e070aec3942c64cc6c4cfdc13d430825c9e5c26dbec5bb3d66237d5978dfc
                                        
                                            GET /contents/s/82/c2/98/967e4b350bb719ede4040f63f0/0955806248559.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1193541709%26z%3D5307589%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D3DnXCU0XMT4PhVDZNzJNiP8mG-nn7QF1GiE3herlhpTDB0H5OtArJStOyTqsdsIJikqUCEK-6lp-O33ZBB9Tt4GrzVg41QD0NyqRIR8QMO3t-DJJRpA-PJt-BjikTQiOib2tEB0NNNEidMJTt24NCFg6xY7qNzuJLejC7uxxQ-JKyHsXRbTvCotrm1gEiUsmSqGuUiM07vGLF2c2fKgnajtE4OQMSZtXkamGIiNLbauGQ_hJvaPD0hcRN1sXjr2Tr4Pw0_i8aauGCcG7eTMEwgUSEoXxaTTrsSfFmS1d6OujJjadmv__yJqmAkSU_GyAmXlqMGqAnlg3Tf_GfKqI_EJ26rsFMxWhVtHEJAYfGK_uUiCZVcjfz9u4NRwTlCKoeHyvjF7Bd8V_Y2LtIhJDVv3xVNtY3BUKKeeTt0Rjyi-KqkNerKuHWMFn-rA67QR5TdZhon1xAGmhupmMjuvWB_4DYY_vMYxhwFRupZ80HGZlkYASphiiGZIcAcW3BX9XT5dLdb1ILev_IeIgjCvoLjMKQ_ThCtGdDl2BNBHGDdLAN6QfcSkv4ynJiHU-MGZhcm-Atrwmqo-4mUyBVWTAb4VfOJNQyaREg7nFuhijaDjexxDKL3usMzinI2muN63vOk-brg3ZSpMnAkec%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3Dbbf246d5-6a2a-457a-9a7c-c4988fa5bc8d%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FJ2oO%252Ftext.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:30 GMT
content-length: 32256
last-modified: Tue, 10 May 2022 15:13:44 GMT
etag: "627a8128-7e00"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Size:   32256
Md5:    82c298967e4b350bb719ede4040f63f0
Sha1:   0a3678abbe2a94cb22f899adb63f857a129932d5
Sha256: 6ab4ac6861339a2383b43b01bfde795b1879792329b3121be0f332a96cd01f8e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0734a230-932d-4bc0-bc12-9177b543b103.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5222
x-amzn-requestid: cb2849d8-9579-42c1-84c9-e59700104aba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKaUGnAoAMFrTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bddb-3649a45539964e985ee41911;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: v1EEfyICGujupCV26P4JAgnY-NHtvFVVWwxA0PNLs-Ky-FuR0TTDOA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 47584
etag: "4a35c50b5b16779582a75078b6df090892358d3b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5222
Md5:    eece069cebb7039dbba50ec1cd73daab
Sha1:   4a35c50b5b16779582a75078b6df090892358d3b
Sha256: 41ad701a8ea3dcbfc38cb0701f3b24a6b833f6b1197014e10530c40496b6a13c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C380CB3C3DE69CACE9CCA15D27745FAA180CC89BB5AD521F46070402F6FFD386"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1782
Expires: Thu, 29 Sep 2022 11:33:12 GMT
Date: Thu, 29 Sep 2022 11:03:30 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3332
x-amzn-requestid: fb6cb616-5b4d-4aaf-a891-50b4de8b6f95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJ_6AGNYIAMFSHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333e03f-377fe02d1cc7ad2b3a15ca1a;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 05:48:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nJJZxZlapt4k5988yU-V94pBBH2SmfSZ0Zb_oJXA07mppg0lF04wLg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 17:18:10 GMT
age: 63920
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3332
Md5:    6ac86079d2901fb11bfaff81d91bb2d2
Sha1:   4fc0699c763f67a2602b4b3f46b8b4013d2049c6
Sha256: 8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467
                                        
                                            GET /www/images/a563edd673308b2cd8cc1ec9c0543417.png HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.22.216
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 11:03:30 GMT
content-length: 76281
last-modified: Tue, 07 Jun 2022 21:58:32 GMT
etag: "629fca08-129f9"
expires: Fri, 30 Sep 2022 00:06:40 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 39409
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75243b8d49c4b50f-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   76281
Md5:    a563edd673308b2cd8cc1ec9c0543417
Sha1:   bff09cb9d8c3dadb244db8d24b6f58b8dfab6469
Sha256: bbd22caad95af25c9ccf019fe7499c74743b7ef4eaceeffe0781c3f64f054b0c
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.194.45
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 29 Sep 2022 11:03:29 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFrleSaQiXyArJ60CokwAGjTFH3MJMME86K3TIFepT6iHF3eMu%2BefQ7zduvDBjSNBeJIP1ccUaKufsSKEjqxjuh%2FnfDKYk1CAGkk8cq0t3%2FDPoaozebwlAN5d2DlDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75243b896b32b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (32771), with no line terminators
Size:   30782
Md5:    1b3f4543ffa7f284c060a68f855352b7
Sha1:   5b3c8e4c6b0bd2fc71ace25d9f487e523b83a14c
Sha256: 48b80bb736135ec27f855782dbab91d743fe1dad06d00a72b118541ca21130d9
                                        
                                            GET /?l=p8NYtlbFpV62T4w&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D1193541709%26z%3D5307589%26b%3D14566424%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D3DnXCU0XMT4PhVDZNzJNiP8mG-nn7QF1GiE3herlhpTDB0H5OtArJStOyTqsdsIJikqUCEK-6lp-O33ZBB9Tt4GrzVg41QD0NyqRIR8QMO3t-DJJRpA-PJt-BjikTQiOib2tEB0NNNEidMJTt24NCFg6xY7qNzuJLejC7uxxQ-JKyHsXRbTvCotrm1gEiUsmSqGuUiM07vGLF2c2fKgnajtE4OQMSZtXkamGIiNLbauGQ_hJvaPD0hcRN1sXjr2Tr4Pw0_i8aauGCcG7eTMEwgUSEoXxaTTrsSfFmS1d6OujJjadmv__yJqmAkSU_GyAmXlqMGqAnlg3Tf_GfKqI_EJ26rsFMxWhVtHEJAYfGK_uUiCZVcjfz9u4NRwTlCKoeHyvjF7Bd8V_Y2LtIhJDVv3xVNtY3BUKKeeTt0Rjyi-KqkNerKuHWMFn-rA67QR5TdZhon1xAGmhupmMjuvWB_4DYY_vMYxhwFRupZ80HGZlkYASphiiGZIcAcW3BX9XT5dLdb1ILev_IeIgjCvoLjMKQ_ThCtGdDl2BNBHGDdLAN6QfcSkv4ynJiHU-MGZhcm-Atrwmqo-4mUyBVWTAb4VfOJNQyaREg7nFuhijaDjexxDKL3usMzinI2muN63vOk-brg3ZSpMnAkec%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3Dbbf246d5-6a2a-457a-9a7c-c4988fa5bc8d%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FJ2oO%252Ftext.zip%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=tvsIu2NxCJLW6olLUohnacMUnZGSTMtCdNTO-bTli2U; expires=Thu, 29-Sep-2022 12:03:29 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11412
Md5:    71dd8a452aefaf7f86b74a30377f817b
Sha1:   416128e96ba8e9b296f50cd2b407f574084dabb8
Sha256: 11aa1b71b5589ebf5345aacdca09d07431568d97c829fab9768dc92c8bf9a89a
                                        
                                            GET /vctx?t=72747 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:30 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 6a66312de12a1aba4f052d6134859f21
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:30 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: d59fd307ecbfeec104f46afb1ba39256
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /impression/3et1ff9aYgTJBdwSP_raDiCYpaU-nBD7aJNUwPqLnKRDUVEa99m_ivlXiCV55F_hYn8MHYoQEXXiut4tWW-1GRVhTYaIthNBACxdh22MfjFSP74aXGp87ahg_W8wRCNuzdb-9WqQVJ9LxbkzpFzLrfiYYiAvMCtvjb6obd-t05V2Sztktq28OTi3vnLXH2fLzokQ1Cvp7k19TW_KstpSnTy55yqe3fFXurHlpqd0lFdCYi4nMuh7Mn2jEHlDFbCypGI2qRvYLY6oD2-Fob6baKM0nulDOh4reSjiLYn5R08NDZqdFsuDD__wZbg8BRSb54xykmlx_q2Jx-t86Rao7Z_iGl6wVH2DzoYh6dAiHJcNS26bWXKNTb5l9f54L2pidLB14OLXGlcgJzmEdYC0XcH2rVu3NTIAQkii7hyclU63PiMk-5V69WiupOP-2cZ7mHKrYoRrDqWvbeiLfDco4kd0mfBE9X5UV5pBzB_DO2wNrFWsJUNNMeUExc-VLllY2rTIIm081_VeNmcGazFriFGFEgYsMrxp-2Fabbt4VT3vurdCarI0BH5gTgNak0Auonm1o5azYuaeNhslkn9F8kXql0C2pXEbKl3LlsGMFUmZWP07k79LCrnVrPEaSAdPWDzTYYpx2Bd_eGPrKno8cQ==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FJ2oO%2Ftext.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=f20d6d5083154474a6359c4caa13ae66
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:34 GMT
content-length: 43
x-trace-id: 855a8b47f4d07b2def1ef5cb5ff5d956
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            OPTIONS /500/5307588?excludes=14745758&oaid=f20d6d5083154474a6359c4caa13ae66&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FJ2oO%2Ftext.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:34 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /www/images/96d73cf80f752e9319997c6e575c3b82.jpeg HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.22.216
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 29 Sep 2022 11:03:34 GMT
content-length: 11449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "627e5574-2cb9"
expires: Thu, 29 Sep 2022 11:32:37 GMT
last-modified: Fri, 13 May 2022 12:56:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 84657
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75243bab6b0bb50f-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   11449
Md5:    96d73cf80f752e9319997c6e575c3b82
Sha1:   3dcf9d3b3e94698a842b1a98de17a02a8c3b4457
Sha256: 44dc0e0d92f12e669842f12722ca1a1848fb4be50deabd86c7d9deb64946db86
                                        
                                            GET /gid.js?pub=0&userId=ccca681aacfc4b6e8e92bdf63dfc3119&zoneId=5307590&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Cookie: ID=f20d6d5083154474a6359c4caa13ae66
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:36 GMT
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f20d6d5083154474a6359c4caa13ae66; expires=Fri, 29 Sep 2023 11:03:36 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    94480229f5437b3e47aca36e69cee51e
Sha1:   30ea60ac430427224c34fc8edac990f2c53762cc
Sha256: b650f03370e6e747b4fd03cd9999d4ad657431c5ad432b11d7f1d886e8be371c
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 386
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:36 GMT
content-length: 39
x-trace-id: b237661496bafcaa183d1c03c742b697
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /J2oO/text.zip HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6Iit5cTlvQlNicDJUZWtxc0pjcFpkdXc9PSIsInZhbHVlIjoiQkU0V1NCS0JCaVNQZ2Z0NS84VkpQcTA4d1NxbWJuenN1NTJibm1FRkh2aHd0M1FJdkZDMUMybFFQNUYyeHhRdkxJV292cXRyM0lwaFUyd3lCR3hDcHFXb0UvN3ZHVWhXOXF3eStMb3V1VjFQWU90bHYyQWRVZEIxNHNxcU9ZcGEiLCJtYWMiOiI4ODIxOWE5NTg5ZDI4NjA0NTgzZjQ2MGM4Y2Q4YTIxNjY3NzQ1ZTc3YzViYTBhYjE4OGM5MGNjNDM3NjJiODA5IiwidGFnIjoiIn0%3D; expires=Thu, 29-Sep-2022 13:03:28 GMT; Max-Age=7200; path=/; samesite=lax anonymfile_session=eyJpdiI6Ii9ZMTUyTkdGMzl4SnJMZURaN0dUMkE9PSIsInZhbHVlIjoiL3VseFFwOXhZTFlncE9KclFwWE5pVk11MzVvM0pUWVVsQTIrZyt6REN2U053WklOb1dTbjV1MlBOTSszbm5pWXd1RG5hRERJenVEWldDaSt3S212V2UzSCtJT3hMYSthSDIvMUduUXd6blBtMjhhZWxpcEdoYlNqZW5melZaNUgiLCJtYWMiOiJhYTY0YjAwNzFjN2EyODI2MTNjM2QyZjg0MjNiY2YxMzI2M2E0N2Q0NDZmZDI1NTU4OGQ2NTU0ZGIzYTRhYzBkIiwidGFnIjoiIn0%3D; expires=Thu, 29-Sep-2022 13:03:28 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 29 Sep 2022 11:03:28 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw.js HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/J2oO/text.zip
Cookie: XSRF-TOKEN=eyJpdiI6Iit5cTlvQlNicDJUZWtxc0pjcFpkdXc9PSIsInZhbHVlIjoiQkU0V1NCS0JCaVNQZ2Z0NS84VkpQcTA4d1NxbWJuenN1NTJibm1FRkh2aHd0M1FJdkZDMUMybFFQNUYyeHhRdkxJV292cXRyM0lwaFUyd3lCR3hDcHFXb0UvN3ZHVWhXOXF3eStMb3V1VjFQWU90bHYyQWRVZEIxNHNxcU9ZcGEiLCJtYWMiOiI4ODIxOWE5NTg5ZDI4NjA0NTgzZjQ2MGM4Y2Q4YTIxNjY3NzQ1ZTc3YzViYTBhYjE4OGM5MGNjNDM3NjJiODA5IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii9ZMTUyTkdGMzl4SnJMZURaN0dUMkE9PSIsInZhbHVlIjoiL3VseFFwOXhZTFlncE9KclFwWE5pVk11MzVvM0pUWVVsQTIrZyt6REN2U053WklOb1dTbjV1MlBOTSszbm5pWXd1RG5hRERJenVEWldDaSt3S212V2UzSCtJT3hMYSthSDIvMUduUXd6blBtMjhhZWxpcEdoYlNqZW5melZaNUgiLCJtYWMiOiJhYTY0YjAwNzFjN2EyODI2MTNjM2QyZjg0MjNiY2YxMzI2M2E0N2Q0NDZmZDI1NTU4OGQ2NTU0ZGIzYTRhYzBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
vary: Accept-Encoding
date: Thu, 29 Sep 2022 11:03:28 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /500/5307588?excludes=14745758&oaid=f20d6d5083154474a6359c4caa13ae66&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FJ2oO%2Ftext.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=f20d6d5083154474a6359c4caa13ae66
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:34 GMT
x-trace-id: a543453a3b0f4be822705bd444192359
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f20d6d5083154474a6359c4caa13ae66; expires=Fri, 29 Sep 2023 11:03:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /fv.js?t=72747&cb=1334618836 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: text/javascript; charset=utf8
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:30 GMT
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f51db797787728f63d3cc70b92d7d64f
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pagespeed_static/js_defer.I4cHjq6EEP.js HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/J2oO/text.zip
Cookie: XSRF-TOKEN=eyJpdiI6Iit5cTlvQlNicDJUZWtxc0pjcFpkdXc9PSIsInZhbHVlIjoiQkU0V1NCS0JCaVNQZ2Z0NS84VkpQcTA4d1NxbWJuenN1NTJibm1FRkh2aHd0M1FJdkZDMUMybFFQNUYyeHhRdkxJV292cXRyM0lwaFUyd3lCR3hDcHFXb0UvN3ZHVWhXOXF3eStMb3V1VjFQWU90bHYyQWRVZEIxNHNxcU9ZcGEiLCJtYWMiOiI4ODIxOWE5NTg5ZDI4NjA0NTgzZjQ2MGM4Y2Q4YTIxNjY3NzQ1ZTc3YzViYTBhYjE4OGM5MGNjNDM3NjJiODA5IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii9ZMTUyTkdGMzl4SnJMZURaN0dUMkE9PSIsInZhbHVlIjoiL3VseFFwOXhZTFlncE9KclFwWE5pVk11MzVvM0pUWVVsQTIrZyt6REN2U053WklOb1dTbjV1MlBOTSszbm5pWXd1RG5hRERJenVEWldDaSt3S212V2UzSCtJT3hMYSthSDIvMUduUXd6blBtMjhhZWxpcEdoYlNqZW5melZaNUgiLCJtYWMiOiJhYTY0YjAwNzFjN2EyODI2MTNjM2QyZjg0MjNiY2YxMzI2M2E0N2Q0NDZmZDI1NTU4OGQ2NTU0ZGIzYTRhYzBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 11:03:28 GMT
last-modified: Thu, 29 Sep 2022 11:03:28 GMT
cache-control: max-age=31536000
etag: W/"0"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.124.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GE4E81Q56MARZSRMQRXCZRQV-ams
cf-cache-status: HIT
age: 419
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75243b83cfceb529-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw.js HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/J2oO/text.zip
Cookie: XSRF-TOKEN=eyJpdiI6Iit5cTlvQlNicDJUZWtxc0pjcFpkdXc9PSIsInZhbHVlIjoiQkU0V1NCS0JCaVNQZ2Z0NS84VkpQcTA4d1NxbWJuenN1NTJibm1FRkh2aHd0M1FJdkZDMUMybFFQNUYyeHhRdkxJV292cXRyM0lwaFUyd3lCR3hDcHFXb0UvN3ZHVWhXOXF3eStMb3V1VjFQWU90bHYyQWRVZEIxNHNxcU9ZcGEiLCJtYWMiOiI4ODIxOWE5NTg5ZDI4NjA0NTgzZjQ2MGM4Y2Q4YTIxNjY3NzQ1ZTc3YzViYTBhYjE4OGM5MGNjNDM3NjJiODA5IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii9ZMTUyTkdGMzl4SnJMZURaN0dUMkE9PSIsInZhbHVlIjoiL3VseFFwOXhZTFlncE9KclFwWE5pVk11MzVvM0pUWVVsQTIrZyt6REN2U053WklOb1dTbjV1MlBOTSszbm5pWXd1RG5hRERJenVEWldDaSt3S212V2UzSCtJT3hMYSthSDIvMUduUXd6blBtMjhhZWxpcEdoYlNqZW5melZaNUgiLCJtYWMiOiJhYTY0YjAwNzFjN2EyODI2MTNjM2QyZjg0MjNiY2YxMzI2M2E0N2Q0NDZmZDI1NTU4OGQ2NTU0ZGIzYTRhYzBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
vary: Accept-Encoding
date: Thu, 29 Sep 2022 11:03:28 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1fafa"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /500/5307588?excludes=&oaid=f20d6d5083154474a6359c4caa13ae66&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FJ2oO%2Ftext.zip&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=eb746450c50b404185ecde0c6a77d974
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
x-trace-id: a8e9ec54f80c87fad2e60023981d4513
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f20d6d5083154474a6359c4caa13ae66; expires=Fri, 29 Sep 2023 11:03:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pagespeed_static/1.JiBnMqyl6S.gif HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/J2oO/text.zip
Cookie: XSRF-TOKEN=eyJpdiI6Iit5cTlvQlNicDJUZWtxc0pjcFpkdXc9PSIsInZhbHVlIjoiQkU0V1NCS0JCaVNQZ2Z0NS84VkpQcTA4d1NxbWJuenN1NTJibm1FRkh2aHd0M1FJdkZDMUMybFFQNUYyeHhRdkxJV292cXRyM0lwaFUyd3lCR3hDcHFXb0UvN3ZHVWhXOXF3eStMb3V1VjFQWU90bHYyQWRVZEIxNHNxcU9ZcGEiLCJtYWMiOiI4ODIxOWE5NTg5ZDI4NjA0NTgzZjQ2MGM4Y2Q4YTIxNjY3NzQ1ZTc3YzViYTBhYjE4OGM5MGNjNDM3NjJiODA5IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii9ZMTUyTkdGMzl4SnJMZURaN0dUMkE9PSIsInZhbHVlIjoiL3VseFFwOXhZTFlncE9KclFwWE5pVk11MzVvM0pUWVVsQTIrZyt6REN2U053WklOb1dTbjV1MlBOTSszbm5pWXd1RG5hRERJenVEWldDaSt3S212V2UzSCtJT3hMYSthSDIvMUduUXd6blBtMjhhZWxpcEdoYlNqZW5melZaNUgiLCJtYWMiOiJhYTY0YjAwNzFjN2EyODI2MTNjM2QyZjg0MjNiY2YxMzI2M2E0N2Q0NDZmZDI1NTU4OGQ2NTU0ZGIzYTRhYzBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:28 GMT
last-modified: Thu, 29 Sep 2022 11:03:28 GMT
cache-control: max-age=31536000
etag: W/"0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/site.js HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/J2oO/text.zip
Cookie: XSRF-TOKEN=eyJpdiI6Iit5cTlvQlNicDJUZWtxc0pjcFpkdXc9PSIsInZhbHVlIjoiQkU0V1NCS0JCaVNQZ2Z0NS84VkpQcTA4d1NxbWJuenN1NTJibm1FRkh2aHd0M1FJdkZDMUMybFFQNUYyeHhRdkxJV292cXRyM0lwaFUyd3lCR3hDcHFXb0UvN3ZHVWhXOXF3eStMb3V1VjFQWU90bHYyQWRVZEIxNHNxcU9ZcGEiLCJtYWMiOiI4ODIxOWE5NTg5ZDI4NjA0NTgzZjQ2MGM4Y2Q4YTIxNjY3NzQ1ZTc3YzViYTBhYjE4OGM5MGNjNDM3NjJiODA5IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii9ZMTUyTkdGMzl4SnJMZURaN0dUMkE9PSIsInZhbHVlIjoiL3VseFFwOXhZTFlncE9KclFwWE5pVk11MzVvM0pUWVVsQTIrZyt6REN2U053WklOb1dTbjV1MlBOTSszbm5pWXd1RG5hRERJenVEWldDaSt3S212V2UzSCtJT3hMYSthSDIvMUduUXd6blBtMjhhZWxpcEdoYlNqZW5melZaNUgiLCJtYWMiOiJhYTY0YjAwNzFjN2EyODI2MTNjM2QyZjg0MjNiY2YxMzI2M2E0N2Q0NDZmZDI1NTU4OGQ2NTU0ZGIzYTRhYzBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:28 GMT
last-modified: Wed, 20 Oct 2021 12:30:18 GMT
vary: Accept-Encoding
etag: W/"61700bda-2487"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tag.min.js HTTP/1.1 
Host: inklinkor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.211.29
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:29 GMT
x-trace-id: 22fe43d890134b062c04d728d6966970
cache-control: max-age=86400
last-modified: Wed, 28 Sep 2022 07:57:59 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 30 Sep 2022 09:48:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSc9tR65rfY2Fm23RcmSv5kJxOejlXTmphvazE2vvGGfDXsFqtejVqIN22zdFj4MM5t71Ya3PWVH%2FzTNOMehp8kxX%2FKLtSvah3AkRi27KItx1pdNk7pJktfyM6Jkl718"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75243b863a931c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1?z=5307589 HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 8b3540fadee384e48bc47ee6df05898e
access-control-expose-headers: X-Sc
x-sc: mLnmelSmqWO2armGjnw870_C1aZwfVW--8ylLtqKH_k0ACF26Vf59jQ2UR9E5jUbUQltCYD95b9nlnyB1pFBvAqg9SE=
set-cookie: scm=1; expires=Fri, 29 Sep 2023 11:03:29 GMT; secure; SameSite=None OAID=cac36b8e56f24ab881e8ada1c9ed850f; expires=Fri, 29 Sep 2023 11:03:29 GMT; secure; SameSite=None oaidts=1664449409; expires=Fri, 29 Sep 2023 11:03:29 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1 
Host: tovanillitechan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=cac36b8e56f24ab881e8ada1c9ed850f; oaidts=1664449409
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:29 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css/theme.min.css HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/J2oO/text.zip
Cookie: XSRF-TOKEN=eyJpdiI6Iit5cTlvQlNicDJUZWtxc0pjcFpkdXc9PSIsInZhbHVlIjoiQkU0V1NCS0JCaVNQZ2Z0NS84VkpQcTA4d1NxbWJuenN1NTJibm1FRkh2aHd0M1FJdkZDMUMybFFQNUYyeHhRdkxJV292cXRyM0lwaFUyd3lCR3hDcHFXb0UvN3ZHVWhXOXF3eStMb3V1VjFQWU90bHYyQWRVZEIxNHNxcU9ZcGEiLCJtYWMiOiI4ODIxOWE5NTg5ZDI4NjA0NTgzZjQ2MGM4Y2Q4YTIxNjY3NzQ1ZTc3YzViYTBhYjE4OGM5MGNjNDM3NjJiODA5IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ii9ZMTUyTkdGMzl4SnJMZURaN0dUMkE9PSIsInZhbHVlIjoiL3VseFFwOXhZTFlncE9KclFwWE5pVk11MzVvM0pUWVVsQTIrZyt6REN2U053WklOb1dTbjV1MlBOTSszbm5pWXd1RG5hRERJenVEWldDaSt3S212V2UzSCtJT3hMYSthSDIvMUduUXd6blBtMjhhZWxpcEdoYlNqZW5melZaNUgiLCJtYWMiOiJhYTY0YjAwNzFjN2EyODI2MTNjM2QyZjg0MjNiY2YxMzI2M2E0N2Q0NDZmZDI1NTU4OGQ2NTU0ZGIzYTRhYzBkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Thu, 29 Sep 2022 11:03:28 GMT
last-modified: Fri, 22 Oct 2021 08:15:50 GMT
vary: Accept-Encoding
etag: W/"61727336-921fb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.124.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Thu, 29 Sep 2022 11:03:28 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GE4E3EGPMK3QQS7GS4FHQ57K-ams
cf-cache-status: HIT
age: 570
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75243b83dfdeb529-OSL
X-Firefox-Spdy: h2


--- Additional Info ---