Overview

URL: anonymfile.com/JyoJ/l2giran.rar
IP: 138.201.48.112
ASN: Hetzner Online GmbH
Location: Germany
Report completed: 2022-09-29 01:42:54 UTC
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-29 2 pseepsie.com/custom Malware
2022-09-29 2 pseepsie.com/custom Malware
2022-09-29 2 pseepsie.com/custom Malware
2022-09-29 2 pseepsie.com/custom Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-28 2 tovanillitechan.com Sinkholed
2022-09-28 2 tovanillitechan.com Sinkholed
2022-09-28 2 tovanillitechan.com Sinkholed
2022-09-29 2 unphionetor.com Sinkholed
2022-09-29 2 unphionetor.com Sinkholed


Files

No files detected



Passive DNS (23)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-28 05:13:47 UTC 143.204.55.49
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 34.213.140.56
mnemonic passive DNS unpkg.com (3) 11693 2016-01-07 23:26:01 UTC 2022-09-28 07:06:09 UTC 104.16.126.175
mnemonic passive DNS onmarshtompor.com (1) 24517 2020-10-19 12:36:32 UTC 2022-09-28 14:01:51 UTC 139.45.197.243
mnemonic passive DNS dozubatan.com (6) 33479 2021-05-18 14:02:27 UTC 2022-09-28 16:31:41 UTC 139.45.197.237
mnemonic passive DNS bedrapiona.com (1) 34930 2020-05-08 13:43:48 UTC 2022-09-28 08:28:16 UTC 139.45.197.234
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 18:56:49 UTC 143.204.55.115
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-28 12:03:19 UTC 139.45.195.8
mnemonic passive DNS interstitial-07.com (2) 36198 2017-03-09 00:00:07 UTC 2022-09-28 14:35:32 UTC 139.45.197.151
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-28 04:39:17 UTC 104.18.21.226
mnemonic passive DNS pseepsie.com (7) 132332 2021-03-12 04:11:08 UTC 2022-09-29 00:40:22 UTC 139.45.197.250
mnemonic passive DNS unphionetor.com (2) 54035 2022-02-11 12:53:49 UTC 2022-09-28 17:53:13 UTC 139.45.197.236
mnemonic passive DNS tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-09-28 16:32:27 UTC 104.21.84.149 Unknown ranking
mnemonic passive DNS anonymfile.com (10) 0 2022-08-09 20:53:13 UTC 2022-09-27 18:39:11 UTC 138.201.48.112 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (12) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:36:09 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-28 18:52:26 UTC 93.184.220.29
mnemonic passive DNS cdnjs.cloudflare.com (9) 235 2020-10-20 10:17:36 UTC 2022-09-28 05:34:56 UTC 104.17.25.14
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-28 04:37:53 UTC 151.101.85.229
mnemonic passive DNS tovanillitechan.com (3) 0 2022-07-22 05:21:08 UTC 2022-09-28 21:00:23 UTC 139.45.197.239 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-28 14:51:00 UTC 104.18.32.68
mnemonic passive DNS offerimage.com (1) 304078 2019-06-10 11:11:53 UTC 2022-09-29 00:40:38 UTC 104.22.33.172
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-28 08:06:38 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 138.201.48.112

Date UQ / IDS / BL URL IP
2022-12-10 06:15:31 +0000
0 - 0 - 7 anonymfile.com/bJXZW/20221208173000-202212081 (...) 138.201.48.112
2022-12-09 04:16:59 +0000
0 - 0 - 5 anonymfile.com/gz5kO/100k-samples.txt 138.201.48.112
2022-12-08 15:20:42 +0000
0 - 0 - 8 megafile.cc/5Bdg/mod-idensxsnail.rar 138.201.48.112
2022-12-08 15:20:12 +0000
0 - 0 - 6 megafile.cc/5Bdg/mod-idensxsnail.rar?PageSpee (...) 138.201.48.112
2022-12-06 22:14:28 +0000
0 - 0 - 13 anonymfile.com/kWXWV/super-email-validator-v43.zip 138.201.48.112

Last 5 reports on ASN: Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2022-12-10 06:40:34 +0000
0 - 0 - 9 pos.restaurant-appelbaum-edersee.de/ 88.99.240.133
2022-12-10 06:15:31 +0000
0 - 0 - 7 anonymfile.com/bJXZW/20221208173000-202212081 (...) 138.201.48.112
2022-12-10 06:02:22 +0000
0 - 0 - 1 fckmnk.com/click.php 78.46.44.254
2022-12-10 05:56:58 +0000
0 - 0 - 36 mountcannabliss.gr/ 5.9.8.16
2022-12-10 05:16:56 +0000
0 - 0 - 4 zcode.io/ 94.130.142.37

Last 5 reports on domain: anonymfile.com

Date UQ / IDS / BL URL IP
2022-12-10 06:15:31 +0000
0 - 0 - 7 anonymfile.com/bJXZW/20221208173000-202212081 (...) 138.201.48.112
2022-12-09 04:16:59 +0000
0 - 0 - 5 anonymfile.com/gz5kO/100k-samples.txt 138.201.48.112
2022-12-06 22:14:28 +0000
0 - 0 - 13 anonymfile.com/kWXWV/super-email-validator-v43.zip 138.201.48.112
2022-12-04 18:58:36 +0000
0 - 0 - 8 anonymfile.com/zn3Pj/casual-paka.zip 138.201.48.112
2022-12-03 21:17:11 +0000
0 - 0 - 5 anonymfile.com/zn3Rx/how-to-draw-manga.zip 138.201.48.112

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-23 15:51:34 +0000
0 - 0 - 9 anonymfile.com/BW4y/udemy-aso-anime-manga.zip 138.201.48.112
2022-10-22 01:50:05 +0000
0 - 0 - 8 anonymfile.com/lEa9/decryptor.7z 138.201.48.112
2022-10-14 19:24:28 +0000
0 - 0 - 12 anonymfile.com/9OYD/pack-apks-premium.rar 138.201.48.112
2022-09-29 11:03:38 +0000
0 - 0 - 13 anonymfile.com/J2oO/text.zip 138.201.48.112
2022-09-27 18:39:08 +0000
0 - 0 - 4 anonymfile.com/qrE7/amongusv2202changename.ba (...) 138.201.48.112


JavaScript

Executed Scripts (27)


Executed Evals (2)

#1 JavaScript::Eval (size: 79, repeated: 1) - SHA256: e701bd98fee83a98c004a64282ac2891d2d29cae4f49c4394d5bf52b6d41db30

(() => {
    const a = async
    function name() {};
    window['b4kgvje3dz'] = true;
})()
                                    

#2 JavaScript::Eval (size: 42, repeated: 1) - SHA256: 2477b814b8ad1a91f87132c07e73e884d9448987538b5be15f5292327cbbca6f

var psaFunc = function() {
    this.media = 'all'
};
                                    

Executed Writes (0)



HTTP Transactions (77)


Request Response
                                        
                                            GET /JyoJ/l2giran.rar HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         138.201.48.112
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 29 Sep 2022 01:42:43 GMT
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/JyoJ/l2giran.rar
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 01:15:48 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8zq_ytFcRFQFd4HuCVfow50SlpkJP2XYiHzCuru8b667PQ3YGEB10A==
Age: 1615


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2355
Expires: Thu, 29 Sep 2022 02:21:58 GMT
Date: Thu, 29 Sep 2022 01:42:43 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qD3v5HpHYrbgO4SBbsZ64jIA-fRCUqLV9y1Cna8f_Lc5Ym5_d7UbPw==
age: 72857
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /img/logo-anon-warning.webp HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/JyoJ/l2giran.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlU1WU15Y1hybzNmNThvOGp5Q29peEE9PSIsInZhbHVlIjoiYjhXWmpVbW5lVzlmTVhVZEF5NlBibFFMR3plbEg2UTBROGZ4dUxZQU8wb3pUd3lwOW0zaXQza2ZlcllzMGtyOU9mdncwald6dGNPcEZkd0hDWEprQkVJZWhNR3libUo4dlNaOVBUWjRwZTBGK1RqQ0duRHQzYUE4OGtIekFITEYiLCJtYWMiOiIzYmJiOGM1NWI5ZTVhYTk3YzM2MmEyOTZkNDViODQyYTMzNWZjZjZmZDc4NTMxYzk4NjIyM2JlNzY3ZmEzZmQ4IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik9QMGxLZkM5MXB3UXhDaGJibzRkNXc9PSIsInZhbHVlIjoiOXpuS0FRNWFFWDl5YW55T0R3ZnczVCs0bHJZWFRJUU5wQ2tlQU1XdTVIR3VTTitSR2tPR05Mc3FoSThJcUxjckN1cVZDUjdBVXhxb1doSmN3Zk9STzR2enhVaGdsMFViVXZrWEZFTi81c3dnOU1PU2hEcDFNZC9weVlMZW9hQjIiLCJtYWMiOiIyOWVlMWNmNzgwZDQ3NDcyNzgxNzA2MTc0YmE5YzQ5ZDdmZDQ1Njg4ZGZiNjRmOTE2OTE3Y2ZiOWMxOGFmYzAxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
content-length: 15344
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Thu, 29 Sep 2022 01:42:22 GMT
expires: Thu, 29 Sep 2022 01:47:22 GMT
cache-control: s-maxage=10
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   15344
Md5:    7b596f481388ac5ef6d74a15a351f6c3
Sha1:   6756e88c0b46cc981b7bbbdaf2ead77bd258a472
Sha256: cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 01:29:33 GMT
Expires: Thu, 29 Sep 2022 02:16:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4ZtkSecZYQDgVAfTVKm_voqg3ZDFwpaNuQpbr6NIshKppMIjjd9zuw==
Age: 791


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /img/main/footer.webp HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/JyoJ/l2giran.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlU1WU15Y1hybzNmNThvOGp5Q29peEE9PSIsInZhbHVlIjoiYjhXWmpVbW5lVzlmTVhVZEF5NlBibFFMR3plbEg2UTBROGZ4dUxZQU8wb3pUd3lwOW0zaXQza2ZlcllzMGtyOU9mdncwald6dGNPcEZkd0hDWEprQkVJZWhNR3libUo4dlNaOVBUWjRwZTBGK1RqQ0duRHQzYUE4OGtIekFITEYiLCJtYWMiOiIzYmJiOGM1NWI5ZTVhYTk3YzM2MmEyOTZkNDViODQyYTMzNWZjZjZmZDc4NTMxYzk4NjIyM2JlNzY3ZmEzZmQ4IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik9QMGxLZkM5MXB3UXhDaGJibzRkNXc9PSIsInZhbHVlIjoiOXpuS0FRNWFFWDl5YW55T0R3ZnczVCs0bHJZWFRJUU5wQ2tlQU1XdTVIR3VTTitSR2tPR05Mc3FoSThJcUxjckN1cVZDUjdBVXhxb1doSmN3Zk9STzR2enhVaGdsMFViVXZrWEZFTi81c3dnOU1PU2hEcDFNZC9weVlMZW9hQjIiLCJtYWMiOiIyOWVlMWNmNzgwZDQ3NDcyNzgxNzA2MTc0YmE5YzQ5ZDdmZDQ1Njg4ZGZiNjRmOTE2OTE3Y2ZiOWMxOGFmYzAxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Thu, 29 Sep 2022 01:42:22 GMT
expires: Thu, 29 Sep 2022 01:47:22 GMT
cache-control: s-maxage=10
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   178070
Md5:    79ccb3a1b78412a1a530284f45ea7056
Sha1:   626d0494e1bd871e67ecffad44d04ac2343fb7e5
Sha256: 3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4017
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 01:42:44 GMT
Last-Modified: Thu, 29 Sep 2022 00:35:47 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Thu, 29 Sep 2022 01:42:44 GMT
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5295682
expires: Tue, 19 Sep 2023 01:42:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z29C%2F3NMTtnrEOnfFhsdBzowlG75mvR8zopxIILzJMhUzSr4CVI8pwLU6YDs2UGDXHMEakeiqRbXNdoSYg4PszaQJVYAC6ReGHjf1IFwz5I8wVeGaxll6iTFTCrSp47lxjj7Bfs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7521061f59e20b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65345)
Size:   14374
Md5:    642445b86596bdeaa98e92faa2064fc6
Sha1:   6c5539660bf533d34e37b917973c941d1c963374
Sha256: 4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 01:42:44 GMT
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5460985
expires: Tue, 19 Sep 2023 01:42:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqbVBEdQX1wSqq32bjk%2F1AesDNtaqQQmwmPRpWi0crzGTMeM00jPYlnjhSqC4cQvmuBru5kvj31PzwCtVCJHE2gyOiuz0Gy6GVg9lFAreQV6ArPobsVx1LprQA3KbpEVec8gBLzd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7521061f89f10b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   27938
Md5:    d900ca08873ee57d40616d39a44cc0aa
Sha1:   7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
Sha256: 1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
                                        
                                            GET /ajax/libs/popper.js/2.10.2/umd/popper.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 01:42:44 GMT
content-length: 6037
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6155af49-1795"
last-modified: Thu, 30 Sep 2021 12:36:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7458573
expires: Tue, 19 Sep 2023 01:42:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeLBNmSICJHLekHPSP3RzA1XWdR0nuqlGU2oPTc6SdwsBIknS%2BtxgpgaGZ6wMacw2vOBdCOOucJp3bpEcJ6WKZPdQzrcnDBBZpa9rXvxMDL5XDSVjgEJ8FmjtY84zZoxHKvXOdHi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7521061f89f20b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18706)
Size:   6037
Md5:    3773d4bd82b03cdfd02c9fd691f80d78
Sha1:   c4d89a2de179c90944835571b45877048f3c1424
Sha256: 5d05303e3777fd4f588b7167d0a22cd5ca499c238f78ec0cecbb3a8786de332d
                                        
                                            GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 01:42:44 GMT
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5459652
expires: Tue, 19 Sep 2023 01:42:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxuwJAUAhLScEsOyZRXrctGmNN70svrPG1TpsUSTcsmh3f6Orn4gQCZKIHYNtRLuDhPVLNGa57hjlMXfa6lLRVvEdcFf11vCEdC%2BW7w8ZH7BXWNeKdUlOm0Kg%2BLPuhpqP%2BRHjMmF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7521061f89f00b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65370)
Size:   29707
Md5:    d18c98bb03dac8dd996130d56f3d8e8c
Sha1:   cc1777baef75c9438534927036a21f22e91e5578
Sha256: 89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4017
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 01:42:44 GMT
Last-Modified: Thu, 29 Sep 2022 00:35:47 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 01:42:44 GMT
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4858710
expires: Tue, 19 Sep 2023 01:42:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1t7tBZYlt6wmTmlYPNGkQj9cyU3PkadzBa0jNU%2Fr9r8WZY4tjdgSlLRQUqYbddXaDCjfKlFijsfRpUHkJmYRuxlodJsZJFeTWMTnj%2FReG2wQAG408ByuFOaxcQa3S63lzYfUfxT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7521061f89f30b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58940)
Size:   14584
Md5:    28dbaeb9aa2638e0c4e6d9ffd3d14e9d
Sha1:   3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
Sha256: ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362
                                        
                                            GET /img/logo-anon-warning.png HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/JyoJ/l2giran.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlU1WU15Y1hybzNmNThvOGp5Q29peEE9PSIsInZhbHVlIjoiYjhXWmpVbW5lVzlmTVhVZEF5NlBibFFMR3plbEg2UTBROGZ4dUxZQU8wb3pUd3lwOW0zaXQza2ZlcllzMGtyOU9mdncwald6dGNPcEZkd0hDWEprQkVJZWhNR3libUo4dlNaOVBUWjRwZTBGK1RqQ0duRHQzYUE4OGtIekFITEYiLCJtYWMiOiIzYmJiOGM1NWI5ZTVhYTk3YzM2MmEyOTZkNDViODQyYTMzNWZjZjZmZDc4NTMxYzk4NjIyM2JlNzY3ZmEzZmQ4IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik9QMGxLZkM5MXB3UXhDaGJibzRkNXc9PSIsInZhbHVlIjoiOXpuS0FRNWFFWDl5YW55T0R3ZnczVCs0bHJZWFRJUU5wQ2tlQU1XdTVIR3VTTitSR2tPR05Mc3FoSThJcUxjckN1cVZDUjdBVXhxb1doSmN3Zk9STzR2enhVaGdsMFViVXZrWEZFTi81c3dnOU1PU2hEcDFNZC9weVlMZW9hQjIiLCJtYWMiOiIyOWVlMWNmNzgwZDQ3NDcyNzgxNzA2MTc0YmE5YzQ5ZDdmZDQ1Njg4ZGZiNjRmOTE2OTE3Y2ZiOWMxOGFmYzAxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:44 GMT
content-length: 40729
last-modified: Fri, 29 Oct 2021 10:50:56 GMT
vary: Accept-Encoding
etag: "617bd210-9f19"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size:   40729
Md5:    d52ea6ebcd0b10dcf112a9d6c43ceee0
Sha1:   641e5277e2e079f0e88e2899879fda8882e58d28
Sha256: 77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
                                        
GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 29 Sep 2022 01:42:44 GMT
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 804712
expires: Tue, 19 Sep 2023 01:42:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYqIsrVOTwLxyXipVZ57dtI4%2F9%2FnyBJANQME3kZAz5QdX1yPTqInKpwg2Bp08l75ov%2FmSP0m7c%2FtKq%2F3m1jV1%2FkwrxBROdmugVKwcfi5VoPgFUKx8cG8k2Nap%2Be3%2Ffg1M5v5vjIX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7521061f99f70b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (10584)
Size:   3000
Md5:    e34a4db0b42ca907e0b7a56cd4b145ec
Sha1:   2dc36a7dcdfc42d122b23ef91483d27865c4285f
Sha256: 4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a
                                        
GET /pagespeed_static/1.JiBnMqyl6S.gif HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/JyoJ/l2giran.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlU1WU15Y1hybzNmNThvOGp5Q29peEE9PSIsInZhbHVlIjoiYjhXWmpVbW5lVzlmTVhVZEF5NlBibFFMR3plbEg2UTBROGZ4dUxZQU8wb3pUd3lwOW0zaXQza2ZlcllzMGtyOU9mdncwald6dGNPcEZkd0hDWEprQkVJZWhNR3libUo4dlNaOVBUWjRwZTBGK1RqQ0duRHQzYUE4OGtIekFITEYiLCJtYWMiOiIzYmJiOGM1NWI5ZTVhYTk3YzM2MmEyOTZkNDViODQyYTMzNWZjZjZmZDc4NTMxYzk4NjIyM2JlNzY3ZmEzZmQ4IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik9QMGxLZkM5MXB3UXhDaGJibzRkNXc9PSIsInZhbHVlIjoiOXpuS0FRNWFFWDl5YW55T0R3ZnczVCs0bHJZWFRJUU5wQ2tlQU1XdTVIR3VTTitSR2tPR05Mc3FoSThJcUxjckN1cVZDUjdBVXhxb1doSmN3Zk9STzR2enhVaGdsMFViVXZrWEZFTi81c3dnOU1PU2hEcDFNZC9weVlMZW9hQjIiLCJtYWMiOiIyOWVlMWNmNzgwZDQ3NDcyNzgxNzA2MTc0YmE5YzQ5ZDdmZDQ1Njg4ZGZiNjRmOTE2OTE3Y2ZiOWMxOGFmYzAxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
138.201.48.112
HTTP/2 200 OK
content-type: image/gif
server: nginx
date: Thu, 29 Sep 2022 01:42:44 GMT
last-modified: Thu, 29 Sep 2022 01:42:44 GMT
cache-control: max-age=31536000
etag: W/"0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   2046
Md5:    c2a80a96a4651138f1ecf27b491bbd98
Sha1:   cbc6725523d2fbef77a224426b132d5627e95e52
Sha256: b125f35c25222c31540f9f2200e63687fa758fe2aa9aa1431b41f6bf9af2731d
                                        
GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 29 Sep 2022 01:42:44 GMT
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5459652
expires: Tue, 19 Sep 2023 01:42:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPh6KLlvzN1Eo92xQOFaCYZxVsDCzJ2QO5lWH4G7VaENWbHnQ0Ce9bGCAg6R8%2BwLQrbQ1uHi8mbk%2Fi0PylrUqWq9qYjTx4jZ%2FmP1x%2BZKl8V9vHoQPJFCs99Ar4P6mYMPSx5ciFDS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7521061fca030b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65370)
Size:   29707
Md5:    d18c98bb03dac8dd996130d56f3d8e8c
Sha1:   cc1777baef75c9438534927036a21f22e91e5578
Sha256: 89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
                                        
GET /ajax/libs/filepond/4.29.1/filepond.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Thu, 29 Sep 2022 01:42:44 GMT
content-length: 2934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613afc53-b76"
last-modified: Fri, 10 Sep 2021 06:33:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 29520
expires: Tue, 19 Sep 2023 01:42:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnxJjdbMWRraLJQtOWBik5erWrDrASNnCEbkR%2FNWk%2FYgy4xrF9K5xusxZjcyfT930DlPvfXbcTWTHQ%2Bh4d6PTLqf532iwfxTOXRDFHz8aeQj%2Fcg3UkyJLLKDPxeFwAay4jFwFPjK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 752106200b180b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (17282)
Size:   2934
Md5:    78aabb09e30a9eb6f833cbb1b48bdb2e
Sha1:   e876ff16b6c511bc217973e51202aaaf23a4e936
Sha256: 8d76a29a92bc268043a7bd4d0b8f171fffd6c6c3c8e18aa314d6dac1aeb542ae
                                        
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 11.4.35
x-jsd-version-type: version
etag: W/"110e0-VXFRQufIpr0uGcBhFw1t474Se08"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 29 Sep 2022 01:42:44 GMT
age: 18092
x-served-by: cache-fra19153-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19178
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (44103)
Size:   19178
Md5:    76078a874eaae17695ece49b6faaecf2
Sha1:   335828538d3770b36599176648c24cfe2c67e074
Sha256: f26a8ff5142891ba534583d0e9ba1ab4ac9c33dc14bc0f41a8bbe5bb98939eab
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2483
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 01:42:44 GMT
Last-Modified: Thu, 29 Sep 2022 01:01:21 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 29 Sep 2022 01:42:44 GMT
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5460985
expires: Tue, 19 Sep 2023 01:42:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJw%2FaCY35DHfSS3NXgvfP6XTlie4Rb7uqeBVYGCVgXUR%2Bdh%2FyJlhyM65iBfOcMvwrfmptVPig5QZZD%2FG0PZc9lTxe%2FtoOrVQPFSYgAvrWmwFhr3UdGxrBJuYiNMg3lE3%2Fe53unNm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 752106203b240b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   27938
Md5:    d900ca08873ee57d40616d39a44cc0aa
Sha1:   7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
Sha256: 1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
                                        
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 01:42:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "CEFEA22FCD43CF323C86567EB80F904BF4EBBAC6"
Expires: Thu, 29 Sep 2022 12:00:00 GMT
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3442
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 752106204a180afa-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    9d0a3076c1f1e5a13e6462e5ed8fd5e5
Sha1:   6287803e3c8ba14172ba12f94c707a4596100c60
Sha256: 4dbc737072f33093785b2f8c3be736a14f05269f7acd9990b1abf15217e898f9
                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: E6kTo7KJNjKNfWrE5gykhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
34.213.140.56
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Y1NBCNB6YaeC3VVT83+k7roeCa4=

                                        
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.16.126.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
date: Thu, 29 Sep 2022 01:42:44 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GE3EJ40K2CTMQNX7AKER88QN-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7521061ffb81b4f4-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   105370
Md5:    2f062e53efb7356ac78d60ba1769b7f9
Sha1:   9ddfc437cd6dc8a69d140f2236b93c0907127a2a
Sha256: afc55a5911f7423270509898239355368dee889c7d6e232dff04d77e4b6159f7
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "F53E378D2706F03AF59A3145B48096C852D7A74781AAF9EF5C1313EFBA2E3E12"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2346
Expires: Thu, 29 Sep 2022 02:21:50 GMT
Date: Thu, 29 Sep 2022 01:42:44 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "438EF5AE0E1522A076692ECAD97A8DDFC6825D7C0F9CB89BC182935866290238"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6456
Expires: Thu, 29 Sep 2022 03:30:21 GMT
Date: Thu, 29 Sep 2022 01:42:45 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "F7E228F9E1492398FAD8A7E3432F2FC7ACD95B1A32AFB79812CAA02C609D53D4"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5129
Expires: Thu, 29 Sep 2022 03:08:14 GMT
Date: Thu, 29 Sep 2022 01:42:45 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "7C1B8331746B30B21064022B01E2094F6B579CB458E68E8BBA6C759168D44BFA"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7726
Expires: Thu, 29 Sep 2022 03:51:31 GMT
Date: Thu, 29 Sep 2022 01:42:45 GMT
Connection: keep-alive

                                        
GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
content-length: 664
x-trace-id: 25b61f4916da1db03d34ea09b07a423c
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (663)
Size:   664
Md5:    924f83d583902548517c3327ff8e4493
Sha1:   7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
Sha256: 92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
                                        
GET /42/38?z=5307589 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=ed3f990b540b4772af2e874355150377; oaidts=1664415765
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.239
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 79455eba2922eacb4fe221a2190816a9
access-control-expose-headers: X-Sc
set-cookie: OAID=ed3f990b540b4772af2e874355150377; expires=Fri, 29 Sep 2023 01:42:45 GMT; secure; SameSite=None oaidts=1664415765; expires=Fri, 29 Sep 2023 01:42:45 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 01:42:45 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=361952,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7521062448230b3d-OSL

                                        
GET /gid.js?userId=c672fe7a32ba4fdc97dc612b0a394644 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c672fe7a32ba4fdc97dc612b0a394644; expires=Fri, 29 Sep 2023 01:42:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    bfa1c4c43de5a16412615928a0dc745b
Sha1:   feb1b671c8e5004ec6174283e3dfd377ee29a2b9
Sha256: 27b1a31002522b0676395e6c14d59b11a8dc99975f75f039d189c6967c7235cc
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "38328145D631F89145DE9CFCD5E82AAC39454EAC8F446EA59594FF988135637E"
Last-Modified: Tue, 27 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6963
Expires: Thu, 29 Sep 2022 03:38:48 GMT
Date: Thu, 29 Sep 2022 01:42:45 GMT
Connection: keep-alive

                                        
GET /27/b7bd02994a2771796f8a835cfb750d4b HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=ed3f990b540b4772af2e874355150377; oaidts=1664415765
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.239
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 22 Sep 2022 08:42:06 GMT
expires: Thu, 22 Oct 2082 08:42:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65523)
Size:   131245
Md5:    369181a44ab40b3cc2510921246c5f4c
Sha1:   ffcd2eea059c0aaba575bf0b397f89c81f83e802
Sha256: d064fbc3c4aa4abe30d92bbdf1ec17c20c900b730ddac549f35e762bec33717b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2FJyoJ%2Fl2giran.rar&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=c672fe7a32ba4fdc97dc612b0a394644 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 105
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=ed3f990b540b4772af2e874355150377; oaidts=1664415765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 830c9d559b3d8092b433b3cd544e2c7d
access-control-expose-headers: X-Sc
set-cookie: OAID=c672fe7a32ba4fdc97dc612b0a394644; expires=Fri, 29 Sep 2023 01:42:45 GMT; secure; SameSite=None oaidts=1664415765; expires=Fri, 29 Sep 2023 01:42:45 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2917
Md5:    af6cdc5c59ac619874c4d137e4b092a1
Sha1:   1d543142c0a54ae778d13e1c2431fbe727925e07
Sha256: 2405012f68a7feeabb014263eb8b879c07d9a4415964118641c98c6bc49d780a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 762
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
content-length: 39
x-trace-id: 59ea924257aebcd83def009704e5b713
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /?rb=tcFlRpfaQGb4Mho9IXWYvGPgIfx3QbZfHL7tV42FQUch86TJ_cGn5nCZ5PtwB5E6Iu1pDj7PANf9NkJytmskRiGQnfXyRbMQaf6N9rIHRQwXg6aF4-AaWHao-CzoIRoNYbJyRInbdLYwXDpG7ZCJ7HltcsdtYBaNsHU5j-qiBwCNLHvOhbOLTdHH8VT0QgzuUBuVPq3I49f6qrT6iS68XeqjtGM%3D&request_ab2=0&zoneid=5307591&js_build=iclick-v1.431.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FJyoJ%2Fl2giran.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.431.0&bs=54f99607-9042-4ffb-aea8-52095fad9098&userId=c672fe7a32ba4fdc97dc612b0a394644&m=link HTTP/1.1 
Host: onmarshtompor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.243
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
x-trace-id: cd4df7414e72e3c5afb740d2b6a6fc90
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c672fe7a32ba4fdc97dc612b0a394644; expires=Fri, 29 Sep 2023 01:42:45 GMT; path=/; secure; SameSite=None oaidts=1664415765; expires=Fri, 29 Sep 2023 01:42:45 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Thu, 06 Oct 2022 01:42:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2134), with no line terminators
Size:   1621
Md5:    91b5d393ea9bac3ea98c52e78100168b
Sha1:   c962c93e85a6db1affc029d3f70a13df37b89b89
Sha256: a67411f3dfe635b1696b63a493b3b028e345ee8015beb8b323933c864822fb37
                                        
                                            OPTIONS /500/5307588?excludes=&oaid=c672fe7a32ba4fdc97dc612b0a394644&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FJyoJ%2Fl2giran.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /sw.js HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/JyoJ/l2giran.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlU1WU15Y1hybzNmNThvOGp5Q29peEE9PSIsInZhbHVlIjoiYjhXWmpVbW5lVzlmTVhVZEF5NlBibFFMR3plbEg2UTBROGZ4dUxZQU8wb3pUd3lwOW0zaXQza2ZlcllzMGtyOU9mdncwald6dGNPcEZkd0hDWEprQkVJZWhNR3libUo4dlNaOVBUWjRwZTBGK1RqQ0duRHQzYUE4OGtIekFITEYiLCJtYWMiOiIzYmJiOGM1NWI5ZTVhYTk3YzM2MmEyOTZkNDViODQyYTMzNWZjZjZmZDc4NTMxYzk4NjIyM2JlNzY3ZmEzZmQ4IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik9QMGxLZkM5MXB3UXhDaGJibzRkNXc9PSIsInZhbHVlIjoiOXpuS0FRNWFFWDl5YW55T0R3ZnczVCs0bHJZWFRJUU5wQ2tlQU1XdTVIR3VTTitSR2tPR05Mc3FoSThJcUxjckN1cVZDUjdBVXhxb1doSmN3Zk9STzR2enhVaGdsMFViVXZrWEZFTi81c3dnOU1PU2hEcDFNZC9weVlMZW9hQjIiLCJtYWMiOiIyOWVlMWNmNzgwZDQ3NDcyNzgxNzA2MTc0YmE5YzQ5ZDdmZDQ1Njg4ZGZiNjRmOTE2OTE3Y2ZiOWMxOGFmYzAxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
vary: Accept-Encoding
date: Thu, 29 Sep 2022 01:42:44 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4320)
Size:   5454
Md5:    b98d2a9865b8f1ce96dba22dfd254e6e
Sha1:   5879c7cc79580488993654fd1e14ff60e8451da6
Sha256: e1b78db59c242daf47547a4517aed3c83a078c952c9e7cbe4784437a5af6be04
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 01:42:45 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 00:52:20 GMT
Expires: Mon, 03 Oct 2022 00:52:19 GMT
Etag: "a28e34ab71eea646efaf0a505a3bd07671bd6012"
Cache-Control: max-age=341973,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7521062739170b3d-OSL

                                        
                                            GET /400/5307588 HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
x-trace-id: c88b1551b9415ba2db5fb79ae18ebe6f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4f3d904a10af4e67ba8e610029abef51; expires=Fri, 29 Sep 2023 01:42:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31132
Md5:    e3736ca4c8d4975d40dfa72da9accb65
Sha1:   38b76d74c1702787cfb3c9000a9cf89c5b4769d9
Sha256: 4927746af24d69a5928717239372ef24be2252c9bd02f935bbf20f5823fa5d52
                                        
                                            GET /contents/s/d6/8b/74/1399c81d3d40323a9283c84de7/01611244700873.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=ESInDNHsgDSQ0sO&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D2031453045%26z%3D5307589%26b%3D15013339%26c%3D6137250%26var%3D%26d%3Dhttps%253A%252F%252Fengingrepare.com%252Fb68fbfec-7b24-433b-9c67-97b9b84e7421%253Fzoneid%253D%257Bzoneid%257D%2526bannerid%253D%257Bbannerid%257D%2526browser%253D%257Bbrowser%257D%2526os%253D%257Bos%257D%2526device%253D%257Bdevice%257D%2526region%253D%257Bregion%257D%2526isp%253D%257Bisp%257D%2526useragent%253D%257Buseragent%257D%2526language%253D%257Blanguage%257D%2526connectiontype%253D%257Bconnection.type%257D%2526cost%253D%257Bcost%257D%2526visitor_id%253D%2524%257BSUBID%257D%2526country%253D%257Bcountry%257D%2526zone_type%253D%257Bzone_type%257D%2526browserversion%253D%257Bbrowserversion%257D%2526carrier%253D%257Bcarrier%257D%2526campaignid%253D%257Bcampaignid%257D%2526osversion%253D%257Bosversion%257D%2526countryname%253D%257Bcountryname%257D%26cln%3D1%26btp%3D7%26rb%3D5mWmc2vi8LA5PxaQuhuojjivnoWYl1gZgrckpyTCt2Fky_P58gOLQRruqha0oBa6QD0UCQ1oFLWeGHtMkIzag2f8Q82mbn-AKZ2BzjkUhkKvE6DMyhykLqxXJy_Hg17NLpfSUk9783i9Y0ixiRuQe_WobbBYvXIurWVvZh0lOkQ1YgcQA4sK8w24AFR2Uw9NDq44b7EcnPhyrUSd1vYQjBogkxkTv9yZvtwmZnKtpEeMBGuMNu6noKacdO922ycfCqPiXRs50oNC3DiQEAX-YoPK1VPhTiplWNuBA4X-Obk3cGrmZx75xT2HJXG2dfxg-4jx_FJqmC8T0ynxibnwoqLb-Gm5uRiH8-dDl41MHxdgzALpov7mO-mv0jnhkUfqcyZGS8hXE7qcFxlzbLavCLMJQbXfUIFgqkD3zPeRUj0yaTIuckjmFJx6hButkLINkYNYeL9bh47NzTv-S1yffMfTmD3pZQnLUMPQj0_ZiQpzhJK7Tq_ee3n9jKqJZGD9DSR7-3Gsxg7uuQtc0TgJyQYXt71ArCHRuRcenIG5fQe00e5N51wh69V-LwmzRv17saAXmBKhjVKGOdcl66S7Sec7f0Iu4Q7R0grGXVxjsNjFXV3PQbbxFYPztC4T5JDJeZFqvPEBeGol2H6RJCxhdzsa0O28CpXII7ODRThohad5phPMvKh5mmP-z1cB1XeMo--9eZc0z9w%3D%26bag%3Drb1RSpHIeyhPI5UQPfzhWjPgueyo_Ree%26ruid%3D2cb65674-cd86-412b-a61f-25a8340c85fb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FJyoJ%252Fl2giran.rar%26wy%3D0%26wx%3D0%26ww%3D1280%2
6wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
content-length: 31939
last-modified: Wed, 28 Sep 2022 19:39:16 GMT
etag: "6334a2e4-7cc3"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   31939
Md5:    d68b741399c81d3d40323a9283c84de7
Sha1:   5a9fed7a055d2cea7b377d097d8a1a4467b84b6c
Sha256: eafbd070e242221ff6a9f212d233c299858f92a8b9f2718bad4c99986c5f8b64
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C380CB3C3DE69CACE9CCA15D27745FAA180CC89BB5AD521F46070402F6FFD386"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=375
Expires: Thu, 29 Sep 2022 01:49:00 GMT
Date: Thu, 29 Sep 2022 01:42:45 GMT
Connection: keep-alive

                                        
                                            GET /contents/s/2d/40/af/8e20ab58355a466d1640c54da4/01291161879152.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=ESInDNHsgDSQ0sO&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D2031453045%26z%3D5307589%26b%3D15013339%26c%3D6137250%26var%3D%26d%3Dhttps%253A%252F%252Fengingrepare.com%252Fb68fbfec-7b24-433b-9c67-97b9b84e7421%253Fzoneid%253D%257Bzoneid%257D%2526bannerid%253D%257Bbannerid%257D%2526browser%253D%257Bbrowser%257D%2526os%253D%257Bos%257D%2526device%253D%257Bdevice%257D%2526region%253D%257Bregion%257D%2526isp%253D%257Bisp%257D%2526useragent%253D%257Buseragent%257D%2526language%253D%257Blanguage%257D%2526connectiontype%253D%257Bconnection.type%257D%2526cost%253D%257Bcost%257D%2526visitor_id%253D%2524%257BSUBID%257D%2526country%253D%257Bcountry%257D%2526zone_type%253D%257Bzone_type%257D%2526browserversion%253D%257Bbrowserversion%257D%2526carrier%253D%257Bcarrier%257D%2526campaignid%253D%257Bcampaignid%257D%2526osversion%253D%257Bosversion%257D%2526countryname%253D%257Bcountryname%257D%26cln%3D1%26btp%3D7%26rb%3D5mWmc2vi8LA5PxaQuhuojjivnoWYl1gZgrckpyTCt2Fky_P58gOLQRruqha0oBa6QD0UCQ1oFLWeGHtMkIzag2f8Q82mbn-AKZ2BzjkUhkKvE6DMyhykLqxXJy_Hg17NLpfSUk9783i9Y0ixiRuQe_WobbBYvXIurWVvZh0lOkQ1YgcQA4sK8w24AFR2Uw9NDq44b7EcnPhyrUSd1vYQjBogkxkTv9yZvtwmZnKtpEeMBGuMNu6noKacdO922ycfCqPiXRs50oNC3DiQEAX-YoPK1VPhTiplWNuBA4X-Obk3cGrmZx75xT2HJXG2dfxg-4jx_FJqmC8T0ynxibnwoqLb-Gm5uRiH8-dDl41MHxdgzALpov7mO-mv0jnhkUfqcyZGS8hXE7qcFxlzbLavCLMJQbXfUIFgqkD3zPeRUj0yaTIuckjmFJx6hButkLINkYNYeL9bh47NzTv-S1yffMfTmD3pZQnLUMPQj0_ZiQpzhJK7Tq_ee3n9jKqJZGD9DSR7-3Gsxg7uuQtc0TgJyQYXt71ArCHRuRcenIG5fQe00e5N51wh69V-LwmzRv17saAXmBKhjVKGOdcl66S7Sec7f0Iu4Q7R0grGXVxjsNjFXV3PQbbxFYPztC4T5JDJeZFqvPEBeGol2H6RJCxhdzsa0O28CpXII7ODRThohad5phPMvKh5mmP-z1cB1XeMo--9eZc0z9w%3D%26bag%3Drb1RSpHIeyhPI5UQPfzhWjPgueyo_Ree%26ruid%3D2cb65674-cd86-412b-a61f-25a8340c85fb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252FJyoJ%252Fl2giran.rar%26wy%3D0%26wx%3D0%26ww%3D1280%2
6wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.151
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
content-length: 67696
last-modified: Wed, 28 Sep 2022 19:39:12 GMT
etag: "6334a2e0-10870"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x600, components 3\012- data
Size:   67696
Md5:    2d40af8e20ab58355a466d1640c54da4
Sha1:   9994d1306d1c1cb46019627443b71f3fc103af36
Sha256: 6881f7ede3f2844b47113ea9ec10bac093b0d1d58773a494600a15414e504f45
                                        
                                            GET /www/images/a563edd673308b2cd8cc1ec9c0543417.png HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.33.172
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 29 Sep 2022 01:42:45 GMT
content-length: 76281
last-modified: Tue, 07 Jun 2022 21:58:32 GMT
etag: "629fca08-129f9"
expires: Thu, 29 Sep 2022 22:10:42 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
timing-allow-origin: *
cf-cache-status: HIT
age: 12723
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75210628dce495f6-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   76281
Md5:    a563edd673308b2cd8cc1ec9c0543417
Sha1:   bff09cb9d8c3dadb244db8d24b6f58b8dfab6469
Sha256: bbd22caad95af25c9ccf019fe7499c74743b7ef4eaceeffe0781c3f64f054b0c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8307
Expires: Thu, 29 Sep 2022 04:01:12 GMT
Date: Thu, 29 Sep 2022 01:42:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0881edd-e0e9-466c-b336-8ab1cddabd13.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6327
x-amzn-requestid: 88075140-b88b-42fc-8f44-931786b997ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMLAAEwqoAMFqcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334becc-5930f80c649b9f6742c9c662;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T0JQjjiYhsQ7-oi8bKzMRrFBJilGhnYVx0zccnuebmdbJjKyCm-5lw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:11:52 GMT
age: 12653
etag: "af24a2bc892fee0ddc420ecb9ae6a20c4467721a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6327
Md5:    363780f6c5cd25605ef91528dbc9dca6
Sha1:   af24a2bc892fee0ddc420ecb9ae6a20c4467721a
Sha256: 232e78b64f79f5e79a1d1f3be972e7757136b55b8d29728dc38b4d5e3a426466
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9688
x-amzn-requestid: 68e9fd78-af17-4a8f-ad4b-6fe563ae94fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4JHF5IAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9a-603f13d3016d77fa2ca94492;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gIg0vR5I9vnA6Z7MJtTNaXn2TK8YeHWWcJEodiNJ6BEB7z7LUrcV1Q==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:56 GMT
age: 13069
etag: "523da6aeec4cc23897fe01b0bc8b5da254edb3a8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9688
Md5:    28799c10f9ea39af55c7003f4254cc60
Sha1:   523da6aeec4cc23897fe01b0bc8b5da254edb3a8
Sha256: 2d1640fbd1f61aee3f2be670b37eb06e20bb265f702a428fadb550a4b51d64ab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9034
x-amzn-requestid: 20199dff-cd75-4f47-9395-9fdab045638c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtHROoAMFQ6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-6a77e2d438ae887e4cd54ec6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z92zeMKTSVmpz2TYok8XpBUxuY4ZzN3Z_w32gQgjX1QGb26YDxnfdQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 04:18:58 GMT
age: 77027
etag: "927d5a375d9607b23caadae148566fdff10147b1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9034
Md5:    2054ae778a3079d8233ee33045127df6
Sha1:   927d5a375d9607b23caadae148566fdff10147b1
Sha256: 6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LwYd0qn4P-zh1W4GvU8vNEo3_TZHEqtErAj3UKx7a82LIDaBsiXE-w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:04:20 GMT
age: 23905
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7859
Md5:    c62a6368c456e9614ca4c8e360a2ef12
Sha1:   35ec6e80d324bb215796c590a7ffafbaea55d88e
Sha256: 90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8c3a6e7-9a30-42cf-9ab6-50ed24505a06.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7440
x-amzn-requestid: 385f6d11-ee69-4ef2-ad00-cbe6ea619335
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJj29GSyIAMFRuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333b35f-5ca4467e5a853ee640fe815e;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 02:37:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SZSQAa2gu6OPgVJf6YpGHxLuMdIN_8hu2j4VxtFsrHGFZPm1fpeS_A==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:00:39 GMT
age: 67326
etag: "3bee9aeb403ae5f0f5c281a5b70bdb6d39259a86"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7440
Md5:    d06eaeaf73fa443c48cfaacb52f44f0d
Sha1:   3bee9aeb403ae5f0f5c281a5b70bdb6d39259a86
Sha256: 54f1e26979bba5df48eee6972be5bedc54c1e88b894e3874186e51fcbe586ff6
                                        
                                            GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12823
Md5:    d0df2ac43a36220e00201ee9f4420c47
Sha1:   64fc44a3e2e93c600b8afcd983390e2983a70435
Sha256: c23f77202e42a8ad821e89f7ca5338620bd0f25cb2c411ce6f7080e3198393d6
                                        
                                            GET /vctx?t=72747 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 857925515b1e4570d0d0b57424f437a5
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:46 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 764d67df34cc2ac7e315feea5170216e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /impression/B1jYQ8OgpCRPIZvW9xZI98KWLYge4gmjymTEdtzzdYwRTOarwrR9Huy2gS7HS26RynrnR-lFXf7BIOKzeyRYZsPahlU8oQ8YvujOPzityXlBVfPEZGVbrPPwuyBXW7OZsfF7WGZtAoHhGY8gZRVsvIqw7w4gK9wnRSgFHj-ujOkcVf0ewS7_MGIYCW03NR1GQjsly8w6KuR7QMIRsnBZgpkOoJ0whU5MFF390PflK5LQe3B7iFvD3yb8INioMek7HNVeQ8qjSPBICP5a_kY1PXvd4Gek3Jk4mO9z2E2BL-P7ZV7_-GZGWkrPyVqwfYF-4cmk0fUrsPhPwrdoLY8H7aVWhkAWPPy14hlk0usw466m3gg2kSgusy6HABtSFV66d1svC4Dv2r0egWt8TaRKhQ2rUuEQNin21TRqqj2EDdG2bqHz8rVXbuULMZMTqfPLf8WabIXgr2tEd1oIH6G7GhKWRUkiTHTUpaSEqBgVaMfYnvPkKjfegcb2_rvpyrLPHYxtGSDDOTwXSF88bidQTSEIlaGCv8-jr_U0AodbkcNc0RFCKjmLLYEpNtJVZTFwDd4UqbajhwonscboFa21r7Mfi7dVmExi0b7WnaG0qm_Pa0MHnM7vqKdHYcfGthxVUeWHW7-difFds3VLKOL2Lw==?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2FJyoJ%2Fl2giran.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=c672fe7a32ba4fdc97dc612b0a394644
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:50 GMT
content-length: 43
x-trace-id: 563244a8e88e6d3cb7f0e92429ae6bb9
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            OPTIONS /500/5307588?excludes=14745758&oaid=c672fe7a32ba4fdc97dc612b0a394644&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FJyoJ%2Fl2giran.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /500/5307588?excludes=14745758&oaid=c672fe7a32ba4fdc97dc612b0a394644&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2FJyoJ%2Fl2giran.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=c672fe7a32ba4fdc97dc612b0a394644
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:50 GMT
x-trace-id: 67ca3f7c8cef54ff8ae8a5410bd4eefb
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c672fe7a32ba4fdc97dc612b0a394644; expires=Fri, 29 Sep 2023 01:42:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12469
Md5:    c3edb3be560331eafbfb893ebca053e0
Sha1:   435bcae2d7d645c9bf6db4e1f4716b93401b85bd
Sha256: e5eb450b7b871600c99a2fa2dbed87c38adeb329e62c59d1059b3f4b3faaff7f
                                        
                                            POST /custom HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 389
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:52 GMT
content-length: 39
x-trace-id: f823f482f94a8b27fa42d70d817bf25e
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /gid.js?pub=0&userId=b43428fb345c4f6b851d94af6a5abc2e&zoneId=5307590&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Cookie: ID=c672fe7a32ba4fdc97dc612b0a394644
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:52 GMT
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c672fe7a32ba4fdc97dc612b0a394644; expires=Fri, 29 Sep 2023 01:42:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    bfa1c4c43de5a16412615928a0dc745b
Sha1:   feb1b671c8e5004ec6174283e3dfd377ee29a2b9
Sha256: 27b1a31002522b0676395e6c14d59b11a8dc99975f75f039d189c6967c7235cc
                                        
                                            GET /500/5307588?excludes=&oaid=c672fe7a32ba4fdc97dc612b0a394644&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2FJyoJ%2Fl2giran.rar&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: dozubatan.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=4f3d904a10af4e67ba8e610029abef51
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.237
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
x-trace-id: ae39e359ceb976217a648dbfb3016739
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c672fe7a32ba4fdc97dc612b0a394644; expires=Fri, 29 Sep 2023 01:42:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw.js HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/JyoJ/l2giran.rar
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlU1WU15Y1hybzNmNThvOGp5Q29peEE9PSIsInZhbHVlIjoiYjhXWmpVbW5lVzlmTVhVZEF5NlBibFFMR3plbEg2UTBROGZ4dUxZQU8wb3pUd3lwOW0zaXQza2ZlcllzMGtyOU9mdncwald6dGNPcEZkd0hDWEprQkVJZWhNR3libUo4dlNaOVBUWjRwZTBGK1RqQ0duRHQzYUE4OGtIekFITEYiLCJtYWMiOiIzYmJiOGM1NWI5ZTVhYTk3YzM2MmEyOTZkNDViODQyYTMzNWZjZjZmZDc4NTMxYzk4NjIyM2JlNzY3ZmEzZmQ4IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik9QMGxLZkM5MXB3UXhDaGJibzRkNXc9PSIsInZhbHVlIjoiOXpuS0FRNWFFWDl5YW55T0R3ZnczVCs0bHJZWFRJUU5wQ2tlQU1XdTVIR3VTTitSR2tPR05Mc3FoSThJcUxjckN1cVZDUjdBVXhxb1doSmN3Zk9STzR2enhVaGdsMFViVXZrWEZFTi81c3dnOU1PU2hEcDFNZC9weVlMZW9hQjIiLCJtYWMiOiIyOWVlMWNmNzgwZDQ3NDcyNzgxNzA2MTc0YmE5YzQ5ZDdmZDQ1Njg4ZGZiNjRmOTE2OTE3Y2ZiOWMxOGFmYzAxIiwidGFnIjoiIn0%3D; prefetchAd_5307591=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
vary: Accept-Encoding
date: Thu, 29 Sep 2022 01:42:45 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.126.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Thu, 29 Sep 2022 01:42:44 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GE3EJ40SWFJZPR5WB9C4CK1B-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752106200b84b4f4-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.126.175
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 01:42:44 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-Ufoq68yhVBjz3riH5wAGJXD40pU"
via: 1.1 fly.io
fly-request-id: 01G7558XE30T0T2M6RDRBFG7JV-fra
cf-cache-status: HIT
age: 7459008
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75210620ebd3b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw.js HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/JyoJ/l2giran.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlU1WU15Y1hybzNmNThvOGp5Q29peEE9PSIsInZhbHVlIjoiYjhXWmpVbW5lVzlmTVhVZEF5NlBibFFMR3plbEg2UTBROGZ4dUxZQU8wb3pUd3lwOW0zaXQza2ZlcllzMGtyOU9mdncwald6dGNPcEZkd0hDWEprQkVJZWhNR3libUo4dlNaOVBUWjRwZTBGK1RqQ0duRHQzYUE4OGtIekFITEYiLCJtYWMiOiIzYmJiOGM1NWI5ZTVhYTk3YzM2MmEyOTZkNDViODQyYTMzNWZjZjZmZDc4NTMxYzk4NjIyM2JlNzY3ZmEzZmQ4IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik9QMGxLZkM5MXB3UXhDaGJibzRkNXc9PSIsInZhbHVlIjoiOXpuS0FRNWFFWDl5YW55T0R3ZnczVCs0bHJZWFRJUU5wQ2tlQU1XdTVIR3VTTitSR2tPR05Mc3FoSThJcUxjckN1cVZDUjdBVXhxb1doSmN3Zk9STzR2enhVaGdsMFViVXZrWEZFTi81c3dnOU1PU2hEcDFNZC9weVlMZW9hQjIiLCJtYWMiOiIyOWVlMWNmNzgwZDQ3NDcyNzgxNzA2MTc0YmE5YzQ5ZDdmZDQ1Njg4ZGZiNjRmOTE2OTE3Y2ZiOWMxOGFmYzAxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
vary: Accept-Encoding
date: Thu, 29 Sep 2022 01:42:44 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /5/5307591/?oo=1&js_build=iclick-v1.431.0 HTTP/1.1 
Host: bedrapiona.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.234
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
x-trace-id: 3da096583bc75bde3403ea839e7500a3
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=c672fe7a32ba4fdc97dc612b0a394644; expires=Fri, 29 Sep 2023 01:42:45 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1664415765; expires=Fri, 29 Sep 2023 01:42:45 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/universal.min.js?v=3.1.396 HTTP/1.1 
Host: pseepsie.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:45 GMT
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1fafa"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /JyoJ/l2giran.rar HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6IlU1WU15Y1hybzNmNThvOGp5Q29peEE9PSIsInZhbHVlIjoiYjhXWmpVbW5lVzlmTVhVZEF5NlBibFFMR3plbEg2UTBROGZ4dUxZQU8wb3pUd3lwOW0zaXQza2ZlcllzMGtyOU9mdncwald6dGNPcEZkd0hDWEprQkVJZWhNR3libUo4dlNaOVBUWjRwZTBGK1RqQ0duRHQzYUE4OGtIekFITEYiLCJtYWMiOiIzYmJiOGM1NWI5ZTVhYTk3YzM2MmEyOTZkNDViODQyYTMzNWZjZjZmZDc4NTMxYzk4NjIyM2JlNzY3ZmEzZmQ4IiwidGFnIjoiIn0%3D; expires=Thu, 29-Sep-2022 03:42:43 GMT; Max-Age=7200; path=/; samesite=lax anonymfile_session=eyJpdiI6Ik9QMGxLZkM5MXB3UXhDaGJibzRkNXc9PSIsInZhbHVlIjoiOXpuS0FRNWFFWDl5YW55T0R3ZnczVCs0bHJZWFRJUU5wQ2tlQU1XdTVIR3VTTitSR2tPR05Mc3FoSThJcUxjckN1cVZDUjdBVXhxb1doSmN3Zk9STzR2enhVaGdsMFViVXZrWEZFTi81c3dnOU1PU2hEcDFNZC9weVlMZW9hQjIiLCJtYWMiOiIyOWVlMWNmNzgwZDQ3NDcyNzgxNzA2MTc0YmE5YzQ5ZDdmZDQ1Njg4ZGZiNjRmOTE2OTE3Y2ZiOWMxOGFmYzAxIiwidGFnIjoiIn0%3D; expires=Thu, 29-Sep-2022 03:42:43 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 29 Sep 2022 01:42:43 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css/theme.min.css HTTP/1.1 
Host: anonymfile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/JyoJ/l2giran.rar
Cookie: XSRF-TOKEN=eyJpdiI6IlU1WU15Y1hybzNmNThvOGp5Q29peEE9PSIsInZhbHVlIjoiYjhXWmpVbW5lVzlmTVhVZEF5NlBibFFMR3plbEg2UTBROGZ4dUxZQU8wb3pUd3lwOW0zaXQza2ZlcllzMGtyOU9mdncwald6dGNPcEZkd0hDWEprQkVJZWhNR3libUo4dlNaOVBUWjRwZTBGK1RqQ0duRHQzYUE4OGtIekFITEYiLCJtYWMiOiIzYmJiOGM1NWI5ZTVhYTk3YzM2MmEyOTZkNDViODQyYTMzNWZjZjZmZDc4NTMxYzk4NjIyM2JlNzY3ZmEzZmQ4IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Ik9QMGxLZkM5MXB3UXhDaGJibzRkNXc9PSIsInZhbHVlIjoiOXpuS0FRNWFFWDl5YW55T0R3ZnczVCs0bHJZWFRJUU5wQ2tlQU1XdTVIR3VTTitSR2tPR05Mc3FoSThJcUxjckN1cVZDUjdBVXhxb1doSmN3Zk9STzR2enhVaGdsMFViVXZrWEZFTi81c3dnOU1PU2hEcDFNZC9weVlMZW9hQjIiLCJtYWMiOiIyOWVlMWNmNzgwZDQ3NDcyNzgxNzA2MTc0YmE5YzQ5ZDdmZDQ1Njg4ZGZiNjRmOTE2OTE3Y2ZiOWMxOGFmYzAxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         138.201.48.112
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Thu, 29 Sep 2022 01:42:44 GMT
last-modified: Fri, 22 Oct 2021 08:15:50 GMT
vary: Accept-Encoding
etag: W/"61727336-921fb"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.84.149
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 29 Sep 2022 01:42:45 GMT
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geFsk2LuAhFjjOGbQqW%2FdRHYusspXMNDBLDiODTh8iLaIGpaqsnuJyb2vPaO9BrXWhmgthrfkMRxuNIZy9PCkIVrzwuYNSA4i7JcRZStWpAZ5XaEm4K9AaLPCDuQHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752106256811b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---