Report - cdn-148.anonfiles.com/ScCfk3Tay5/2abbc9f0-1674391847/GoogleChromeFree.rar

Report Overview

URL

cdn-148.anonfiles.com/ScCfk3Tay5/2abbc9f0-1674391847/GoogleChromeFree.rar
IP

195.96.151.41

ASN

#41634 Svea Hosting AB
Submitted

2023-01-24T21:49:54Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

2

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
vjs.zencdn.net (2)	4968	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	750	142778	151.101.66.217
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	100.20.3.157
thecoveos.com (4)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1924	13890	52.20.131.174
ocsp.digicert.com (2)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682	1474	93.184.220.29
pogothere.xyz (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374	851	172.64.106.19
r3.o.lencr.org (10)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3380	8864	23.36.76.226
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5842	34.160.144.191
www.facebook.com (1)	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	441	23739	31.13.72.36
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2371	35.241.9.150
ocsp.pki.goog (6)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2100	4235	142.250.74.131
e1.o.lencr.org (2)	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676	1458	23.36.76.226
accounts.google.com (4)	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2292	8386	142.250.74.109
baconaces.pro (1)	835148	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	465	376	54.162.51.18
img-getpocket.cdn.mozilla.net (5)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2705	56679	34.120.237.76
cdn-148.anonfiles.com (2)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	906	677	195.96.151.41
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	391	34.117.237.239
anonfiles.com (22)	117161	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9026	151787	45.154.253.152
djv99sxoqpv11.cloudfront.net (3)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1638	70738	54.230.245.107
ardsoffhdgat.xyz (3)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2233	4191	108.157.214.49
reoreexpresi.xyz (2)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1037	1126	172.67.203.148
yooumoughtc.xyz (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424	676	108.157.229.90

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-24	medium	djv99sxoqpv11.cloudfront.net/QZHVlbmsHGgsIVBAcAVNcV0JWXFJCHxYBBRRIBA0zXC0qWVw3PBRIHx4RWF5NCBQLCVZCEAsNVlVTBAoJWUFDGhsLHlgNHh0TCQQTCAEPSB4FSAgBEQ0ZCQ9OVjNQQFtBR1VGHA0bAQEcF1BXXgUQUFdeWlRbVUtYJlBXXhwNG1NaTlc3QFxbHENRS1gmUF-deGRJQVi9aVEBLXkJBR1UJDgceCktZIkdVX1tURFVfTlZFAwcZARMKFk5WM1ReXkpFQxtWVQ	Malware
2023-01-24	medium	djv99sxoqpv11.cloudfront.net/8Y2hCaEEABywOfhcBJlV2UF9xW3FFAjEHLxNVNVsuEgAJJiA6JmQcOwdVck4tAgYlVWcGBiFVcEUJJgp8V043CXwOBzgBLQ8JZ1oHVkZyTXNTQDUBLwcHNRtkUVgsHGRRWHNYb1NNcSpkUVg1AS9VXGdbA0ZachB3V01xKmRRWDAeZFApc1h0TVhrTXNTDy-cLKgxNcC5zU1lyWHBTWWdacQUBMA0nDBBnWgdSWHdGcUUdf1k	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (76)

URL IP Response Size

cdn-148.anonfiles.com/ScCfk3Tay5/2abbc9f0-1674391847/GoogleChromeFree.rar

195.96.151.41

301 Moved Permanently

162

URL HTTP/1.1

cdn-148.anonfiles.com/ScCfk3Tay5/2abbc9f0-1674391847/GoogleChromeFree.rar
IP

195.96.151.41:0
ASN

#41634 Svea Hosting AB

Magic

HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

Size

162
Hash

4f8e702cc244ec5d4de32740c0ecbd97

3adb1f02d5b6054de0046e367c1d687b6cdf7aff

9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

                                        GET /ScCfk3Tay5/2abbc9f0-1674391847/GoogleChromeFree.rar HTTP/1.1
Host: cdn-148.anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 24 Jan 2023 21:49:43 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://cdn-148.anonfiles.com/ScCfk3Tay5/2abbc9f0-1674391847/GoogleChromeFree.rar

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

f416977a8d6dfaafb2dbfd0e68b871f8

dfa97bd829b03162de91c80133f2fde69b58a8d2

2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11954
Expires: Wed, 25 Jan 2023 01:08:57 GMT
Date: Tue, 24 Jan 2023 21:49:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

04512fea22644dc0d22c3f3a665f6645

0e213646abfc6d9560ba562362fd9e9115be8354

124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2669
Expires: Tue, 24 Jan 2023 22:34:12 GMT
Date: Tue, 24 Jan 2023 21:49:43 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

dcd75ca6daca51c5e39d431468511793

07f76d3bf23d65c9110d810fa71a994e39e085d3

73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 21:42:45 GMT
content-type: application/json
age: 418
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

6cd4f1da1215c7473500807c185f2449

b14db0c67cf1f5faf85648ed8f94baf2dd03808b

9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5513
Expires: Tue, 24 Jan 2023 23:21:36 GMT
Date: Tue, 24 Jan 2023 21:49:43 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

7b922915ebf1fa3639b333f994c74f24

144a3f80b98fd0652d4614f24cf6cbbee40f8938

adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: Vae7AkvkgpQDqGi6N4KZlt1zkP28nigI0HX6UHIfq3lbt/YDDPKdr0Kf+DofjmvDyNpcKD/a7ZI=
x-amz-request-id: YGK5G7R6ZGT77YWG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 21:48:19 GMT
age: 84
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

cdn-148.anonfiles.com/ScCfk3Tay5/2abbc9f0-1674391847/GoogleChromeFree.rar

195.96.151.41

301 Moved Permanently

URL HTTP/1.1

cdn-148.anonfiles.com/ScCfk3Tay5/2abbc9f0-1674391847/GoogleChromeFree.rar
IP

195.96.151.41:0
ASN

#41634 Svea Hosting AB

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /ScCfk3Tay5/2abbc9f0-1674391847/GoogleChromeFree.rar HTTP/1.1
Host: cdn-148.anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 24 Jan 2023 21:49:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Location: https://anonfiles.com/ScCfk3Tay5
X-Cache-Host: filecache-03
X-Cache-Disk: nvme-01
Accept-Ranges: bytes

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:49:43 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

5e504a0f0d4f4fa085b2c6b0bd43e26e

cdcf8a1fb2758ba5b4378bd3c207fdc1927e65c4

89984023fde739a8aa8fcc21e885debb1c85d9ca4aef6db1312567ab506d627a

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89984023FDE739A8AA8FCC21E885DEBB1C85D9CA4AEF6DB1312567AB506D627A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3259
Expires: Tue, 24 Jan 2023 22:44:02 GMT
Date: Tue, 24 Jan 2023 21:49:43 GMT
Connection: keep-alive

anonfiles.com/ScCfk3Tay5

45.154.253.152

200 OK

3260

URL HTTP/1.1

anonfiles.com/ScCfk3Tay5
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (502)

Size

3260
Hash

5dda17053cde855f6ac2531c2943e8d0

e57ebb776f9f628747ee892ed5091b90e08cf25f

18e300fb82a1a784231c8d97f6d59ebe5daa5ad3753fc44e0112319d5ab98907

HTTP Headers

                                        GET /ScCfk3Tay5 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdc: Yes
cache-control: public, max-age=60
x-oe: N
Content-Encoding: gzip

anonfiles.com/css/anonfiles.css?1668606177

45.154.253.152

200 OK

25261

URL HTTP/1.1

anonfiles.com/css/anonfiles.css?1668606177
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

ASCII text, with very long lines (65452)

Size

25261
Hash

bf84dfe5f6e6044aa4c1095a7a9a850e

e411fe5ea4f2b5ce7382dfe3079589f4817ad165

2af9a43ff27bbcad03007d87fa7d09bed286aa594a3a3d2e16f409319e782f60

HTTP Headers

                                        GET /css/anonfiles.css?1668606177 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3721
Content-Encoding: gzip

anonfiles.com/sw_anonfiles.js

45.154.253.152

200 OK

15666

URL HTTP/1.1

anonfiles.com/sw_anonfiles.js
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

ASCII text, with very long lines (25712)

Size

15666
Hash

5e03f95322bfd924a10943354a145be8

149a1d27b2169791e547a074c3d40b279319d35b

27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf

HTTP Headers

                                        GET /sw_anonfiles.js HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:43 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 39073
Content-Encoding: gzip

anonfiles.com/js/app.js?1668606177

45.154.253.152

200 OK

57886

URL HTTP/1.1

anonfiles.com/js/app.js?1668606177
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

ASCII text, with very long lines (63238)

Size

57886
Hash

ba67ff13fd07739a7037fbc27b2a1955

3e253f69b2f12659c541de122c6bce0ed82ba369

1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818

HTTP Headers

                                        GET /js/app.js?1668606177 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:43 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 1944
Content-Encoding: gzip

vjs.zencdn.net/7.3.0/video-js.min.css

151.101.66.217

200 OK

9673

URL HTTP/2

vjs.zencdn.net/7.3.0/video-js.min.css
IP

151.101.66.217:0
ASN

#54113 FASTLY

Magic

ASCII text, with very long lines (35998), with no line terminators

Size

9673
Hash

3397ce943db8add2728dccd9a3b8b8bc

a57bbb7546a458fe57d72d06baab950125260cc9

5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba

HTTP Headers

                                        GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Tue, 24 Jan 2023 21:49:43 GMT
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 8654
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2

anonfiles.com/img/flags/24/jp.png

45.154.253.152

200 OK

599

URL HTTP/1.1

anonfiles.com/img/flags/24/jp.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

599
Hash

857f6f0e0886a3729b758b7241e42e61

a7be973a93c6ad51cf07a9f21a5dd72cc3e15680

8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64

HTTP Headers

                                        GET /img/flags/24/jp.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:43 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3016
accept-ranges: bytes

anonfiles.com/img/flags/24/es.png

45.154.253.152

200 OK

666

URL HTTP/1.1

anonfiles.com/img/flags/24/es.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

666
Hash

5fa381a8eb16d9e673d32980e7fd1710

fc29fbbebe97109ef1d16a0d4a65637d6b725ac8

7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff

HTTP Headers

                                        GET /img/flags/24/es.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:43 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3402
accept-ranges: bytes

anonfiles.com/img/flags/24/kr.png

45.154.253.152

200 OK

988

URL HTTP/1.1

anonfiles.com/img/flags/24/kr.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

988
Hash

cb22f00511d088a71e84f8c1c864caed

6599812ed106bda6017487287e12bc836570649f

09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1

HTTP Headers

                                        GET /img/flags/24/kr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:43 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2805
accept-ranges: bytes

anonfiles.com/static/logo.png

45.154.253.152

200 OK

18441

URL HTTP/1.1

anonfiles.com/static/logo.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 450 x 150, 8-bit/color RGBA, non-interlaced\012- data

Size

18441
Hash

f9fd716d30e220aa24bab0e94ebf0aa0

4af32d78655436173f272bb65159a232f1671b8d

5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94

HTTP Headers

                                        GET /static/logo.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:43 GMT
Content-Type: image/png
Content-Length: 18441
Connection: keep-alive
last-modified: Fri, 16 Sep 2022 20:22:41 GMT
etag: "6324db11-4809"

vjs.zencdn.net/7.3.0/video.min.js

151.101.66.217

200 OK

132230

URL HTTP/2

vjs.zencdn.net/7.3.0/video.min.js
IP

151.101.66.217:0
ASN

#54113 FASTLY

Magic

Unicode text, UTF-8 text, with very long lines (65141)

Size

132230
Hash

e296d874aca2a1550b409394be51efaa

c184c030e9aab3d03de27bc588919e249d5ccdf7

401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f

HTTP Headers

                                        GET /7.3.0/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Tue, 24 Jan 2023 21:49:43 GMT
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2

anonfiles.com/img/flags/24/in.png

45.154.253.152

200 OK

593

URL HTTP/1.1

anonfiles.com/img/flags/24/in.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

593
Hash

ccaf96cfc341dc9a17e24b96bef223ff

8791d6db6628e0fb21b847ab94484f0c615e38ac

728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354

HTTP Headers

                                        GET /img/flags/24/in.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:44 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3540
accept-ranges: bytes

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 21:48:59 GMT
age: 45
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

anonfiles.com/img/flags/24/no.png

45.154.253.152

200 OK

611

URL HTTP/1.1

anonfiles.com/img/flags/24/no.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

611
Hash

f14ac70aa6dd4d371671c0e6d7cba4e3

1139e3acd6e073bffb59157cbc10af72ed757218

9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4

HTTP Headers

                                        GET /img/flags/24/no.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:44 GMT
Content-Type: image/png
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3429
accept-ranges: bytes

anonfiles.com/img/flags/24/pl.png

45.154.253.152

200 OK

347

URL HTTP/1.1

anonfiles.com/img/flags/24/pl.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

347
Hash

baf3aff7caef0be58f29b41f20a0e4db

11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6

0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f

HTTP Headers

                                        GET /img/flags/24/pl.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:44 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2897
accept-ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

c398b6b39d11d25b8ae9bc5cd94a1c98

640aa8c399ced71d0c2a9f5a90fbaf091b01d642

a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17600
Expires: Wed, 25 Jan 2023 02:43:04 GMT
Date: Tue, 24 Jan 2023 21:49:44 GMT
Connection: keep-alive

anonfiles.com/img/file/filetypes/ext/rar.png?1668605455

45.154.253.152

200 OK

631

URL HTTP/1.1

anonfiles.com/img/file/filetypes/ext/rar.png?1668605455
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data

Size

631
Hash

d33954367bc5d15c7f0e01857e7ae8ea

b8b5ba4e52c439feed2b51c7f982be6f4dee3aae

a6f8963dd8d602e135e8b860b7e48badfd78c2b1bef9ec362a39ce2fc484606f

HTTP Headers

                                        GET /img/file/filetypes/ext/rar.png?1668605455 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:44 GMT
Content-Type: image/png
Content-Length: 631
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 108
accept-ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

0d4b77e335fcc1586957ace528b31e06

045005aae70549c8e77a29a644c370140d1175be

89b55c8e1ad6a2dcc9e450e59ec1bb6b815af0c6c8d12354f644ba69b31eda0f

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89B55C8E1AD6A2DCC9E450E59EC1BB6B815AF0C6C8D12354F644BA69B31EDA0F"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13566
Expires: Wed, 25 Jan 2023 01:35:50 GMT
Date: Tue, 24 Jan 2023 21:49:44 GMT
Connection: keep-alive

djv99sxoqpv11.cloudfront.net/?xsvjd=737329

54.230.245.107

200 OK

68726

URL HTTP/2

djv99sxoqpv11.cloudfront.net/?xsvjd=737329
IP

54.230.245.107:0
ASN

#16509 AMAZON-02

Magic

Unicode text, UTF-8 text, with very long lines (15948)

Size

68726
Hash

d3fea70eaf30fd6684f9db7ac3b16e0f

dfd8a8880b8f5bcb730a37517b6e6f511a3a326a

360674f5d275e421c12bbe133b48dc1a5a0d8d4814ab7a9b759ae0cf9723e208

HTTP Headers

                                        GET /?xsvjd=737329 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-length: 68726
date: Tue, 24 Jan 2023 21:49:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U3IQmc49jsH0j46wyi7ngbn8ptpQcmPRmH_hj_uVcwSb4WBhJX9WEg==
X-Firefox-Spdy: h2

anonfiles.com/img/flags/24/us.png

45.154.253.152

200 OK

656

URL HTTP/1.1

anonfiles.com/img/flags/24/us.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

656
Hash

ae506a6c014bfeb8d8cbfdfbe94c14c9

f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee

bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1

HTTP Headers

                                        GET /img/flags/24/us.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:44 GMT
Content-Type: image/png
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2802
accept-ranges: bytes

push.services.mozilla.com/

100.20.3.157

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

100.20.3.157:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QUkH+jxFaRZC4VIjB1oemg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ytuOd4dT7V5xzuleV4oBnMAHsgI=

anonfiles.com/img/flags/24/de.png

45.154.253.152

200 OK

483

URL HTTP/1.1

anonfiles.com/img/flags/24/de.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

483
Hash

9f8cc07c258bcd2de0c7900861e20ffc

fed97219e44693d4f3918fc4037b325732225d81

07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19

HTTP Headers

                                        GET /img/flags/24/de.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:44 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3477
accept-ranges: bytes

ocsp.pki.goog/s/gts1p5/skLwC7qegUg

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/s/gts1p5/skLwC7qegUg
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

6e2f78f6ea01351b2bbb15bd7fd2fbc8

4a080fbf06069a5573223274f6312b266d4c502c

dc5c5d45b310af689fdadd3511ff831c73fe9b05c4cf9f3884e21b88dcd81b17

HTTP Headers

                                        POST /s/gts1p5/skLwC7qegUg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:49:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/skLwC7qegUg

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/s/gts1p5/skLwC7qegUg
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

6e2f78f6ea01351b2bbb15bd7fd2fbc8

4a080fbf06069a5573223274f6312b266d4c502c

dc5c5d45b310af689fdadd3511ff831c73fe9b05c4cf9f3884e21b88dcd81b17

HTTP Headers

                                        POST /s/gts1p5/skLwC7qegUg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:49:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ardsoffhdgat.xyz/T3JYejUuEDsXCi5POlxAPR5lXwcJV2o8USUEYUNGNx0pCkN+Q3YZWSAHPBxHIBwsVFsqBn1Icx4oECxZLR8rMnIoAREsdw4RGSx7LCRoMGIXNBI5fTcrGjhnHTsaOwU1KhtKRBgkL0llDSARMk17IA88AAExGit5DCQCOXAOARYsWRkmGjtaBSUNPHEIGis2fSMVFjJdfyYbK2QbMRk/ZRwwbDxmDhUaP2R/KBsrDAAkMjRkHjQsOGd+JB8ydH8QGStwLDRpOG0XFQ0rYAkWPS1ZHRAOL0EWODQ4bRcaLzRyfjw5LlksQQk8TS06HTRnHEM/F2AJXzwfch04CSxcdhMOP3cDKjMwdx1DDTBxKBE9OV47KBERURkqaQ5gHTQOHGEjKB47QiwoGSh4BDQzT2ICQwofbSQCHitNOyUOKxMlATcURXITOyINFz1vTWYGAw

108.157.214.49

200 OK

1191

URL HTTP/2

ardsoffhdgat.xyz/T3JYejUuEDsXCi5POlxAPR5lXwcJV2o8USUEYUNGNx0pCkN+Q3YZWSAHPBxHIBwsVFsqBn1Icx4oECxZLR8rMnIoAREsdw4RGSx7LCRoMGIXNBI5fTcrGjhnHTsaOwU1KhtKRBgkL0llDSARMk17IA88AAExGit5DCQCOXAOARYsWRkmGjtaBSUNPHEIGis2fSMVFjJdfyYbK2QbMRk/ZRwwbDxmDhUaP2R/KBsrDAAkMjRkHjQsOGd+JB8ydH8QGStwLDRpOG0XFQ0rYAkWPS1ZHRAOL0EWODQ4bRcaLzRyfjw5LlksQQk8TS06HTRnHEM/F2AJXzwfch04CSxcdhMOP3cDKjMwdx1DDTBxKBE9OV47KBERURkqaQ5gHTQOHGEjKB47QiwoGSh4BDQzT2ICQwofbSQCHitNOyUOKxMlATcURXITOyINFz1vTWYGAw
IP

108.157.214.49:0
ASN

#16509 AMAZON-02

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3039), with no line terminators

Size

1191
Hash

ec1b9a0c47ef88a3bb185fd2ff2524a4

022140fb48f6c3bd15544c0bf8a6b0f73c75b3c3

a9d6b2749c50a1dc1b087e2c65e5f038cdadd0e609db16f429d35edab3e26e20

HTTP Headers

                                        GET /T3JYejUuEDsXCi5POlxAPR5lXwcJV2o8USUEYUNGNx0pCkN+Q3YZWSAHPBxHIBwsVFsqBn1Icx4oECxZLR8rMnIoAREsdw4RGSx7LCRoMGIXNBI5fTcrGjhnHTsaOwU1KhtKRBgkL0llDSARMk17IA88AAExGit5DCQCOXAOARYsWRkmGjtaBSUNPHEIGis2fSMVFjJdfyYbK2QbMRk/ZRwwbDxmDhUaP2R/KBsrDAAkMjRkHjQsOGd+JB8ydH8QGStwLDRpOG0XFQ0rYAkWPS1ZHRAOL0EWODQ4bRcaLzRyfjw5LlksQQk8TS06HTRnHEM/F2AJXzwfch04CSxcdhMOP3cDKjMwdx1DDTBxKBE9OV47KBERURkqaQ5gHTQOHGEjKB47QiwoGSh4BDQzT2ICQwofbSQCHitNOyUOKxMlATcURXITOyINFz1vTWYGAw HTTP/1.1
Host: ardsoffhdgat.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: text/html
content-length: 1191
date: Tue, 24 Jan 2023 21:49:44 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: rVTuwVeu0kmM7wk1X9rUMXmpiSM5cVH89iZWEGEb6-dr8wV5SeW4Lg==
X-Firefox-Spdy: h2

ardsoffhdgat.xyz/RkRMSWsnJi8kVCd5Lm8eNChxbFkAYX4PDywydXAYPis9OR13dWIqBykxKC8ZKSo4ZwUjMGl7LX4dfiEoJwEJCCk/MwMvAyUGBiU9dBEKcBMRdwoPKiwBBAUTCBICHxgzASsIIQwtDX8hKxUvBhwiEi8iXzIFKxAHEBMvDikvAhoqLhMOBi4bfhJ8fVgFHDsGKTwjDgU6fg4WeAQOEicTEhIcAh06AhEOBRwlDAIbHy0RGi4YDgMeGzwOChUrWggKLxobLREaLloHF3UfMwEgLghbHCUvISl1Enx4Ew0pHhs8AgUpEy0HNC94A3YQGiEZEhwCHS8/aS8FICE8Aioocz4ZeAc/EwQLPxETKCgIFxEOBCp2KggLKSgTKy04EQwoDggTESgvWi1iJjoEKDRxPlgpNSQCJScdAg

108.157.214.49

200 OK

1168

URL HTTP/2

ardsoffhdgat.xyz/RkRMSWsnJi8kVCd5Lm8eNChxbFkAYX4PDywydXAYPis9OR13dWIqBykxKC8ZKSo4ZwUjMGl7LX4dfiEoJwEJCCk/MwMvAyUGBiU9dBEKcBMRdwoPKiwBBAUTCBICHxgzASsIIQwtDX8hKxUvBhwiEi8iXzIFKxAHEBMvDikvAhoqLhMOBi4bfhJ8fVgFHDsGKTwjDgU6fg4WeAQOEicTEhIcAh06AhEOBRwlDAIbHy0RGi4YDgMeGzwOChUrWggKLxobLREaLloHF3UfMwEgLghbHCUvISl1Enx4Ew0pHhs8AgUpEy0HNC94A3YQGiEZEhwCHS8/aS8FICE8Aioocz4ZeAc/EwQLPxETKCgIFxEOBCp2KggLKSgTKy04EQwoDggTESgvWi1iJjoEKDRxPlgpNSQCJScdAg
IP

108.157.214.49:0
ASN

#16509 AMAZON-02

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3015), with no line terminators

Size

1168
Hash

6a9c3a1f59341af697137a00c3d93cc0

0efcdd85f6083852fd70199a94cccb2156195e95

8564f0d0312e6183bae965ad03f9e93fbec5f35f8df50d8e90ee8d0155f79e84

HTTP Headers

                                        GET /RkRMSWsnJi8kVCd5Lm8eNChxbFkAYX4PDywydXAYPis9OR13dWIqBykxKC8ZKSo4ZwUjMGl7LX4dfiEoJwEJCCk/MwMvAyUGBiU9dBEKcBMRdwoPKiwBBAUTCBICHxgzASsIIQwtDX8hKxUvBhwiEi8iXzIFKxAHEBMvDikvAhoqLhMOBi4bfhJ8fVgFHDsGKTwjDgU6fg4WeAQOEicTEhIcAh06AhEOBRwlDAIbHy0RGi4YDgMeGzwOChUrWggKLxobLREaLloHF3UfMwEgLghbHCUvISl1Enx4Ew0pHhs8AgUpEy0HNC94A3YQGiEZEhwCHS8/aS8FICE8Aioocz4ZeAc/EwQLPxETKCgIFxEOBCp2KggLKSgTKy04EQwoDggTESgvWi1iJjoEKDRxPlgpNSQCJScdAg HTTP/1.1
Host: ardsoffhdgat.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: text/html
content-length: 1168
date: Tue, 24 Jan 2023 21:49:44 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 009f08cce389af684f28c36891875534.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: J_NDw__KZIU1VNaNc9ApMpmIPPgsNzyBdV5PYcEBlDWZ6Pupj2M5MA==
X-Firefox-Spdy: h2

anonfiles.com/img/flags/24/fr.png

45.154.253.152

200 OK

536

URL HTTP/1.1

anonfiles.com/img/flags/24/fr.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

536
Hash

e81efecf1a1b1d3a17d00a904c5cc3c9

1203894dbfc8363302dc709d852c05a4dd8bf9dc

54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750

HTTP Headers

                                        GET /img/flags/24/fr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:44 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3556
accept-ranges: bytes

reoreexpresi.xyz/UGJZSFJ/XTo7bwY1Ezs3GCAyHmNlKAgfEAI0HDgRClMPKwYVN388OzRfbntlY1FpbiI5BmR5anYRLSkmJRFkeXQ5DD8nb3YUZHl8YExrZmB2F2R5dCQSOC9vYUQpPCY8X2h+ZWRXYH5raFBheGc

172.67.203.148

204 No Content

URL HTTP/2

reoreexpresi.xyz/UGJZSFJ/XTo7bwY1Ezs3GCAyHmNlKAgfEAI0HDgRClMPKwYVN388OzRfbntlY1FpbiI5BmR5anYRLSkmJRFkeXQ5DD8nb3YUZHl8YExrZmB2F2R5dCQSOC9vYUQpPCY8X2h+ZWRXYH5raFBheGc
IP

172.67.203.148:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /UGJZSFJ/XTo7bwY1Ezs3GCAyHmNlKAgfEAI0HDgRClMPKwYVN388OzRfbntlY1FpbiI5BmR5anYRLSkmJRFkeXQ5DD8nb3YUZHl8YExrZmB2F2R5dCQSOC9vYUQpPCY8X2h+ZWRXYH5raFBheGc HTTP/1.1
Host: reoreexpresi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 204 No Content
date: Tue, 24 Jan 2023 21:49:44 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BGkVUCyONnBd80CRZvr6rIdWwjt1t8MKoQa%2Bd3LlLvacidcEYd%2FMFLivBrSowqCd8OI4uCfkgYqcxiaQES3gmyGGHJghwO1eb2qwzcfl57Pz7lnaNo22DMGDSwx5AfJRNFD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ebfb121e5db517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

reoreexpresi.xyz/S1RwekRkaxMJeRI6KhYgegIoKwIdBCk8FgQBGyApHGQ6IhYmEVYOLS9pR0lzeGZJXDQiME1LYjggEQ4xOGlBXC0lMh9HYj1pQVR3f3pDS2p5cgVHdW0gABsjdmVWCjA/OE1LcnxgRUNycmxCTXxy

172.67.203.148

204 No Content

URL HTTP/2

reoreexpresi.xyz/S1RwekRkaxMJeRI6KhYgegIoKwIdBCk8FgQBGyApHGQ6IhYmEVYOLS9pR0lzeGZJXDQiME1LYjggEQ4xOGlBXC0lMh9HYj1pQVR3f3pDS2p5cgVHdW0gABsjdmVWCjA/OE1LcnxgRUNycmxCTXxy
IP

172.67.203.148:0
ASN

#13335 CLOUDFLARENET

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /S1RwekRkaxMJeRI6KhYgegIoKwIdBCk8FgQBGyApHGQ6IhYmEVYOLS9pR0lzeGZJXDQiME1LYjggEQ4xOGlBXC0lMh9HYj1pQVR3f3pDS2p5cgVHdW0gABsjdmVWCjA/OE1LcnxgRUNycmxCTXxy HTTP/1.1
Host: reoreexpresi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 204 No Content
date: Tue, 24 Jan 2023 21:49:44 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPcUOuvx6NfocKAGd1mqDmR0AJk646dCv0PR5e6xnFLEcBmxPXMk6moEe5VZmQPYPyGehtY7P%2Bw1uZ7wLtNXqsAdKBEDvSt8KnD9XrtS4kc2CsRkTocyDQ5uamJJS59eZwRK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ebfb121e5fb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/skLwC7qegUg

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/s/gts1p5/skLwC7qegUg
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

6e2f78f6ea01351b2bbb15bd7fd2fbc8

4a080fbf06069a5573223274f6312b266d4c502c

dc5c5d45b310af689fdadd3511ff831c73fe9b05c4cf9f3884e21b88dcd81b17

HTTP Headers

                                        POST /s/gts1p5/skLwC7qegUg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:49:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

anonfiles.com/img/flags/24/br.png

45.154.253.152

200 OK

1115

URL HTTP/1.1

anonfiles.com/img/flags/24/br.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

1115
Hash

6a5938d2e7f7d6f4026d6eb1b4b4f2cd

7a038177fe4deec455d61d3e9c90019fa4727d40

0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb

HTTP Headers

                                        GET /img/flags/24/br.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:44 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3250
accept-ranges: bytes

djv99sxoqpv11.cloudfront.net/QZHVlbmsHGgsIVBAcAVNcV0JWXFJCHxYBBRRIBA0zXC0qWVw3PBRIHx4RWF5NCBQLCVZCEAsNVlVTBAoJWUFDGhsLHlgNHh0TCQQTCAEPSB4FSAgBEQ0ZCQ9OVjNQQFtBR1VGHA0bAQEcF1BXXgUQUFdeWlRbVUtYJlBXXhwNG1NaTlc3QFxbHENRS1gmUF-deGRJQVi9aVEBLXkJBR1UJDgceCktZIkdVX1tURFVfTlZFAwcZARMKFk5WM1ReXkpFQxtWVQ

54.230.245.107

200 OK

542

URL HTTP/2

djv99sxoqpv11.cloudfront.net/QZHVlbmsHGgsIVBAcAVNcV0JWXFJCHxYBBRRIBA0zXC0qWVw3PBRIHx4RWF5NCBQLCVZCEAsNVlVTBAoJWUFDGhsLHlgNHh0TCQQTCAEPSB4FSAgBEQ0ZCQ9OVjNQQFtBR1VGHA0bAQEcF1BXXgUQUFdeWlRbVUtYJlBXXhwNG1NaTlc3QFxbHENRS1gmUF-deGRJQVi9aVEBLXkJBR1UJDgceCktZIkdVX1tURFVfTlZFAwcZARMKFk5WM1ReXkpFQxtWVQ
IP

54.230.245.107:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with very long lines (779), with no line terminators

Size

542
Hash

c3d5b13319e551edd21961dc570fa420

1983be64f88fdef8f017473e522b6e6b4c2d8d38

184ba3383a54c13be7f81b094e8216dc28e571310a84dc4340fbab3a1b8bae95

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /QZHVlbmsHGgsIVBAcAVNcV0JWXFJCHxYBBRRIBA0zXC0qWVw3PBRIHx4RWF5NCBQLCVZCEAsNVlVTBAoJWUFDGhsLHlgNHh0TCQQTCAEPSB4FSAgBEQ0ZCQ9OVjNQQFtBR1VGHA0bAQEcF1BXXgUQUFdeWlRbVUtYJlBXXhwNG1NaTlc3QFxbHENRS1gmUF-deGRJQVi9aVEBLXkJBR1UJDgceCktZIkdVX1tURFVfTlZFAwcZARMKFk5WM1ReXkpFQxtWVQ HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ardsoffhdgat.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
content-length: 542
date: Tue, 24 Jan 2023 21:49:44 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bJaOBTHde2V4CqTvGE61GJAGNEbDCFnbrpLd4AclUJ0TJsVUNUuE0A==
X-Firefox-Spdy: h2

yooumoughtc.xyz/utx?tid=737323&top=anonfiles.com&cb=eJALBJ79uQHr

108.157.229.90

204 No Content

URL HTTP/2

yooumoughtc.xyz/utx?tid=737323&top=anonfiles.com&cb=eJALBJ79uQHr
IP

108.157.229.90:0
ASN

#0

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /utx?tid=737323&top=anonfiles.com&cb=eJALBJ79uQHr HTTP/1.1
Host: yooumoughtc.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 204 No Content
date: Tue, 24 Jan 2023 21:49:44 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 24 Jan 2023 21:50:44 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 3346055bb53a57ebf02828b88e1ee87c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: hE6JCkG_uoGn5jKTBe21n0xBIQ7w5ZMs87kbzuw7o6poGyeYRijzfA==
X-Firefox-Spdy: h2

anonfiles.com/img/flags/24/ru.png

45.154.253.152

200 OK

403

URL HTTP/1.1

anonfiles.com/img/flags/24/ru.png
IP

45.154.253.152:0
ASN

#41634 Svea Hosting AB

Magic

PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data

Size

403
Hash

d8df89b036e6afb48f72d2440831bad0

04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35

2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c

HTTP Headers

                                        GET /img/flags/24/ru.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/ScCfk3Tay5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:49:44 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2870
accept-ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

5841ef884ec146c10c6975ea9e1ebf0f

69151a25648afb9fd4c1780f4b45bd4200c6edee

88fc9bfea9c6f046d43d0cc36467cd7133555056c977beee8a486c0f3ad64c51

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88FC9BFEA9C6F046D43D0CC36467CD7133555056C977BEEE8A486C0F3AD64C51"
Last-Modified: Tue, 24 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14464
Expires: Wed, 25 Jan 2023 01:50:49 GMT
Date: Tue, 24 Jan 2023 21:49:45 GMT
Connection: keep-alive

djv99sxoqpv11.cloudfront.net/8Y2hCaEEABywOfhcBJlV2UF9xW3FFAjEHLxNVNVsuEgAJJiA6JmQcOwdVck4tAgYlVWcGBiFVcEUJJgp8V043CXwOBzgBLQ8JZ1oHVkZyTXNTQDUBLwcHNRtkUVgsHGRRWHNYb1NNcSpkUVg1AS9VXGdbA0ZachB3V01xKmRRWDAeZFApc1h0TVhrTXNTDy-cLKgxNcC5zU1lyWHBTWWdacQUBMA0nDBBnWgdSWHdGcUUdf1k

54.230.245.107

200 OK

253

URL HTTP/2

djv99sxoqpv11.cloudfront.net/8Y2hCaEEABywOfhcBJlV2UF9xW3FFAjEHLxNVNVsuEgAJJiA6JmQcOwdVck4tAgYlVWcGBiFVcEUJJgp8V043CXwOBzgBLQ8JZ1oHVkZyTXNTQDUBLwcHNRtkUVgsHGRRWHNYb1NNcSpkUVg1AS9VXGdbA0ZachB3V01xKmRRWDAeZFApc1h0TVhrTXNTDy-cLKgxNcC5zU1lyWHBTWWdacQUBMA0nDBBnWgdSWHdGcUUdf1k
IP

54.230.245.107:0
ASN

#16509 AMAZON-02

Magic

ASCII text, with no line terminators

Size

253
Hash

c5b0cf1f856ba3df48ba6d896001ec2c

2dec202c6af009114d92b633a5f9a44d3f0b77a1

7c57d05f0b142304b932b88a973f05ab02fcff4ecf90ccb0b495731699e28c75

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /8Y2hCaEEABywOfhcBJlV2UF9xW3FFAjEHLxNVNVsuEgAJJiA6JmQcOwdVck4tAgYlVWcGBiFVcEUJJgp8V043CXwOBzgBLQ8JZ1oHVkZyTXNTQDUBLwcHNRtkUVgsHGRRWHNYb1NNcSpkUVg1AS9VXGdbA0ZachB3V01xKmRRWDAeZFApc1h0TVhrTXNTDy-cLKgxNcC5zU1lyWHBTWWdacQUBMA0nDBBnWgdSWHdGcUUdf1k HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ardsoffhdgat.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        HTTP/2 200 OK
content-length: 253
date: Tue, 24 Jan 2023 21:49:45 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rChWxj-w66FxveR2tzViYTLcGJrnYsh2kX1KFG_Jv7SoNv6posGQ6A==
X-Firefox-Spdy: h2

anonfiles.com/img/flags/24/se.png

45.154.253.152

200 OK

581

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

#1 JS:Script (size: 45243)

#2 JS:Script (size: 193275)

#3 JS:Script (size: 1770)

#4 JS:Script (size: 208212)

#5 JS:Script (size: 57596)

#6 JS:Script (size: 2968)

#7 JS:Script (size: 2944)

#8 JS:Script (size: 167)

#9 JS:Script (size: 458)

#10 JS:Script (size: 160)

#11 JS:Script (size: 475833)

#12 JS:Script (size: 779)

#13 JS:Script (size: 294)

HTTP Transactions (76)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers