anonymfile.com/n0LJJ?PageSpeed=noscript
138.201.48.112301 Moved Permanently 162 B URL HTTP/1.1 anonymfile.com/n0LJJ?PageSpeed=noscript
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /n0LJJ?PageSpeed=noscript HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 22:21:21 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://anonymfile.com/n0LJJ?PageSpeed=noscript
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9826
Expires: Thu, 24 Nov 2022 01:05:07 GMT
Date: Wed, 23 Nov 2022 22:21:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5862
Cache-Control: max-age=136057
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 22:21:21 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:08:58 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11470
Expires: Thu, 24 Nov 2022 01:32:31 GMT
Date: Wed, 23 Nov 2022 22:21:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 22:18:51 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 150
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nkvTzxD2dfDQjb7J20xJGRE03urvgII2dTUFBPuAuYLoC7LNCL5Wy+9j00+XSSLgaKaFjv/2uyo=
x-amz-request-id: 5TYBF3MY6EJAWG4H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 21:43:08 GMT
age: 2293
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 298f6f027434581a9c93f97b90c7cfe1
80dc738070e4abb1303cf0a406537eb1c34b7d78
29c10d9b434354dfc91c2a9faac73b16245708c06d95ff17af8a7469fbf9b52b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5615
Cache-Control: max-age=151634
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 22:21:22 GMT
Etag: "637e3445-118"
Expires: Fri, 25 Nov 2022 16:28:36 GMT
Last-Modified: Wed, 23 Nov 2022 14:55:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
104.17.25.14200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/filepond/4.30.3/filepond.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65370)
Hash d18c98bb03dac8dd996130d56f3d8e8c
cc1777baef75c9438534927036a21f22e91e5578
89a5585efd3c48a3870d383705937d51bb2a3a776eb01805a2629dd7a28e3c2e
GET /ajax/libs/filepond/4.30.3/filepond.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 29707
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "615c7e96-740b"
last-modified: Tue, 05 Oct 2021 16:34:30 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10285970
expires: Mon, 13 Nov 2023 22:21:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEO3LRGeOETSGv7sg6i6s9374wxv%2FadWTBBURfYwv8uFldFCNSZBXkGhFnLoQ6JFLHLFqbZmLsUBbVylGy8tGwZy3QMMGQaHRJET87v%2BsPM%2FZyrU6KvfoNB6IlQYpyjRLVTktNZz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ed4c249c5fb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
104.17.25.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65447)
Hash d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1055807
expires: Mon, 13 Nov 2023 22:21:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJhcl5vj%2FAXLTYTf67MyYm3Kr2pzp1QufES7sxSTSQfkq0%2Bw3x2jVRN2rb4lNX9VOqOfvdzdyUgY%2Fpwm5fL6fGmoUZaxdTi7%2BlkHIIo0HGhrTSQcQvO2ONkh0qe4DS7ix6efqLVZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ed4c249c63b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
104.17.25.14200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.8/clipboard.min.js
IP 104.17.25.14:0
File type Unicode text, UTF-8 text, with very long lines (10584)
Hash e34a4db0b42ca907e0b7a56cd4b145ec
2dc36a7dcdfc42d122b23ef91483d27865c4285f
4b2a908e8d2c23d19da5e9ef4c6c77e7c6e8823b7aeb93233723f366ff6d217a
GET /ajax/libs/clipboard.js/2.0.8/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 3000
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6049431e-29b4"
last-modified: Wed, 10 Mar 2021 22:07:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1831947
expires: Mon, 13 Nov 2023 22:21:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaeKQoABExig%2FG6yE0oIaHOKM3jW3D7q0scq%2B5nGj4nwxtcAGMlCB25Mb%2FjMwD9ktmZb4Vyg7WOIBz8S1WF0g3u86PsWFp6CLr%2FSRhTfDygC1CHSiHi7aqLLGTx4W%2BnF%2BiUtHexh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ed4c24ac79b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 298f6f027434581a9c93f97b90c7cfe1
80dc738070e4abb1303cf0a406537eb1c34b7d78
29c10d9b434354dfc91c2a9faac73b16245708c06d95ff17af8a7469fbf9b52b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5615
Cache-Control: max-age=151634
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 22:21:22 GMT
Etag: "637e3445-118"
Expires: Fri, 25 Nov 2022 16:28:36 GMT
Last-Modified: Wed, 23 Nov 2022 14:55:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
104.17.25.14200 OK 15 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (58940)
Hash 28dbaeb9aa2638e0c4e6d9ffd3d14e9d
3208ed3741e60986bbed3fd759cdfd3b4fa7cf06
ababbb021f57966e125b8e296f9515f38d906b462697f7835e6914465dd0d362
GET /ajax/libs/bootstrap/5.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 14584
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6161dfe3-38f8"
last-modified: Sat, 09 Oct 2021 18:30:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 623823
expires: Mon, 13 Nov 2023 22:21:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AttgWA2ZanNeZusxygSKeN%2BROmzZFgxX5TZQHOGXSzgmIex3aKhs8JgYhBdX2%2Ba8vxW42pllCCQ2y0UfeQfCahAUOxb665vWGEn6SfSJiGydg58L6ayuMtQynHOwwGgo69IErko"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ed4c24bc7eb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/sweetalert2@11
151.101.85.229200 OK 18 kB URL HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@11
IP 151.101.85.229:0
File type ASCII text, with very long lines (43295)
Hash a6fbe7b1cf3b06f9a031d9a10243c011
da2c46d25f25b28c8da20bb5a0d5357e77d1cb24
35f5b0ce7f49892576ec5a9e1bde4adc159e2a65585fda2af36d6b57a0a7c070
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.6.13
x-jsd-version-type: version
etag: W/"fb49-hzPgrbENORP7Iy8+Cp/HurL2PLQ"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 23 Nov 2022 22:21:22 GMT
age: 33117
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1683-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18034
X-Firefox-Spdy: h2
anonymfile.com/css/theme.min.css
138.201.48.112200 OK 75 kB URL HTTP/2 anonymfile.com/css/theme.min.css
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 8b61cc26bfb7e13d1ebf3e9639914e51
7b8d4de2b1884b3c1654cfbde0e8a6f3885a3f66
f27b9cd4b89d6729e328f65b08114323077a61b6761865aa160785073f57bbb0
GET /css/theme.min.css HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/n0LJJ?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImFhUllGcmd3WnJVUXJ4SlJCOExJL2c9PSIsInZhbHVlIjoia2pCQ3c2bnpTeEhESGpuSkZtY0dpRDJXSFljeEdJYlVBeDVoU1lLdi8vVEhMRmI3OVpneEdST25ZMkZXRjZSbkd4STJmc0cvend5THlwZEFoUytaaW9WK0FSR2dPYWljeTA1UnlzTEVnMy9ESjViYjM1dU9GWjdZQVFKWDZGZFYiLCJtYWMiOiIxNzc3YTAzOGQ1MDdjYmY4ZGQ4MGE3ZjhlMTdkNzc4NzY1MDA1YmFmOGRiYzAyYWI2ZjI4ZTllNGRiZTg2MmQ3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im1aRyt5NnkwMmFIUVhidmlHa2U5d3c9PSIsInZhbHVlIjoiS1VQYTE1VGxaWXZaWkxuSzFJRUo4YWFsR1ptWW0zY01QdktRYW5kM1BEQ20xblo0bFY2UXRpTmh0YldNc2NUZy9lWFJsajZ2dUt2eDF5azEzOTE0dmRxY3hWRmQybGJvczM1aXROdjNDdTNlSVlwOEN0ZXFuZHppcy9oSTluY3kiLCJtYWMiOiIyYjQ1YzgxNmQ0MTMwNzdhNTIwZTg3MTM0YjdiZjljMWRlOGJkODgxZDg0MzU3ZTk0Yzk5NDZjNGU1ZmYzOTlhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-original-content-length: 598523
vary: Accept-Encoding
content-encoding: gzip
content-length: 74661
etag: W/"PSA-aj-TDax0QZn8Y"
date: Wed, 23 Nov 2022 22:21:21 GMT
expires: Wed, 23 Nov 2022 22:25:13 GMT
cache-control: max-age=231
X-Firefox-Spdy: h2
anonymfile.com/img/logo-anon-warning.webp
138.201.48.112200 OK 15 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7b596f481388ac5ef6d74a15a351f6c3
6756e88c0b46cc981b7bbbdaf2ead77bd258a472
cd830cff1dfb9af2181dfe61645addbe21981954713fba54d5875a038e673972
GET /img/logo-anon-warning.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/n0LJJ?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImFhUllGcmd3WnJVUXJ4SlJCOExJL2c9PSIsInZhbHVlIjoia2pCQ3c2bnpTeEhESGpuSkZtY0dpRDJXSFljeEdJYlVBeDVoU1lLdi8vVEhMRmI3OVpneEdST25ZMkZXRjZSbkd4STJmc0cvend5THlwZEFoUytaaW9WK0FSR2dPYWljeTA1UnlzTEVnMy9ESjViYjM1dU9GWjdZQVFKWDZGZFYiLCJtYWMiOiIxNzc3YTAzOGQ1MDdjYmY4ZGQ4MGE3ZjhlMTdkNzc4NzY1MDA1YmFmOGRiYzAyYWI2ZjI4ZTllNGRiZTg2MmQ3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im1aRyt5NnkwMmFIUVhidmlHa2U5d3c9PSIsInZhbHVlIjoiS1VQYTE1VGxaWXZaWkxuSzFJRUo4YWFsR1ptWW0zY01QdktRYW5kM1BEQ20xblo0bFY2UXRpTmh0YldNc2NUZy9lWFJsajZ2dUt2eDF5azEzOTE0dmRxY3hWRmQybGJvczM1aXROdjNDdTNlSVlwOEN0ZXFuZHppcy9oSTluY3kiLCJtYWMiOiIyYjQ1YzgxNmQ0MTMwNzdhNTIwZTg3MTM0YjdiZjljMWRlOGJkODgxZDg0MzU3ZTk0Yzk5NDZjNGU1ZmYzOTlhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 15344
etag: "617d3713-3bf0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Wed, 23 Nov 2022 22:20:13 GMT
expires: Wed, 23 Nov 2022 22:25:13 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash b0e32f0f060bb1436a2208a96a35fa94
c3f993341524a9894bcea79b1153919cd126b5f6
ec2a78e67bcf66a736e43c48990f2c6ca13ed92569b81c7fb24ed3b0c8726eaf
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 22:21:22 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "88A15A72C451B4834387EC6D7F656D8F5D3EBC8B"
Expires: Thu, 24 Nov 2022 09:00:00 GMT
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1320
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ed4c25284e0b02-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 22:11:11 GMT
cache-control: public,max-age=3600
age: 611
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
anonymfile.com/img/main/footer.webp
138.201.48.112200 OK 178 kB URL HTTP/2 anonymfile.com/img/main/footer.webp
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Size 178 kB (178070 bytes)
Hash 79ccb3a1b78412a1a530284f45ea7056
626d0494e1bd871e67ecffad44d04ac2343fb7e5
3d4e83b59664d7a779fa777d4ee0e17a1bc09302f9b9cde60815a3142256d8b8
GET /img/main/footer.webp HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/n0LJJ?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImFhUllGcmd3WnJVUXJ4SlJCOExJL2c9PSIsInZhbHVlIjoia2pCQ3c2bnpTeEhESGpuSkZtY0dpRDJXSFljeEdJYlVBeDVoU1lLdi8vVEhMRmI3OVpneEdST25ZMkZXRjZSbkd4STJmc0cvend5THlwZEFoUytaaW9WK0FSR2dPYWljeTA1UnlzTEVnMy9ESjViYjM1dU9GWjdZQVFKWDZGZFYiLCJtYWMiOiIxNzc3YTAzOGQ1MDdjYmY4ZGQ4MGE3ZjhlMTdkNzc4NzY1MDA1YmFmOGRiYzAyYWI2ZjI4ZTllNGRiZTg2MmQ3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im1aRyt5NnkwMmFIUVhidmlHa2U5d3c9PSIsInZhbHVlIjoiS1VQYTE1VGxaWXZaWkxuSzFJRUo4YWFsR1ptWW0zY01QdktRYW5kM1BEQ20xblo0bFY2UXRpTmh0YldNc2NUZy9lWFJsajZ2dUt2eDF5azEzOTE0dmRxY3hWRmQybGJvczM1aXROdjNDdTNlSVlwOEN0ZXFuZHppcy9oSTluY3kiLCJtYWMiOiIyYjQ1YzgxNmQ0MTMwNzdhNTIwZTg3MTM0YjdiZjljMWRlOGJkODgxZDg0MzU3ZTk0Yzk5NDZjNGU1ZmYzOTlhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
content-length: 178070
etag: "62f35b9c-2b796"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
date: Wed, 23 Nov 2022 22:20:13 GMT
expires: Wed, 23 Nov 2022 22:25:13 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
104.17.25.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65345)
Hash 642445b86596bdeaa98e92faa2064fc6
6c5539660bf533d34e37b917973c941d1c963374
4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10122000
expires: Mon, 13 Nov 2023 22:21:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiwKHMCtEmx%2FVbppRrCrMV1%2BR0CNf0TjlYaVn8uhPkJBqeedXFYBsNhaFXuULMRVydTRN1T2iWz2ldpSvnQHnB8b2xhtKpgZXgCzrNyQ0KImbjJvOFS9IzXX1%2Fzd2cMjJaNBUnAn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ed4c25de11b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
104.17.25.14200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/filepond/4.29.1/filepond.min.css
IP 104.17.25.14:0
File type assembler source, ASCII text, with very long lines (17282)
Hash 78aabb09e30a9eb6f833cbb1b48bdb2e
e876ff16b6c511bc217973e51202aaaf23a4e936
8d76a29a92bc268043a7bd4d0b8f171fffd6c6c3c8e18aa314d6dac1aeb542ae
GET /ajax/libs/filepond/4.29.1/filepond.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: text/css; charset=utf-8
content-length: 2934
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613afc53-b76"
last-modified: Fri, 10 Sep 2021 06:33:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 35772
expires: Mon, 13 Nov 2023 22:21:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bi6wufl4trP3YbUSQoNohpsm14PQz2uKb%2FWHVcyZSZbLTzX9XdSZcsd%2FhqUztKwCaOwiOYp6eiemAWfSDqVonwnTuNBb1MCq3yBix5nFESeMMHLcPPg4thNh7%2B%2FCKQxH4K3jTT8%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ed4c268ef5b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
104.17.25.14200 OK 123 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 122760, version 768.66\012- data
Size 123 kB (122760 bytes)
Hash d1bea16f470ff27ca26131a867131fda
c1e34985d239716f1f236b932f2ecf4fb4c167d2
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 122760
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-1df88"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5627467
expires: Mon, 13 Nov 2023 22:21:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU5yoAaSYrjSjJnDbtEbMbhUFTX0C6fsv2wfeFvQLlEDLWN4J0BMKtqHAz1%2BG70LRiSFIP%2BWT1gWfgD1RO%2Bi7vLUEsPDebm2NJB8Blv5PUvi0k6XFM%2F3nLq6ZaWnruTEJXJuJGSv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ed4c269f00b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2
104.17.25.14200 OK 24 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 23456, version 768.66\012- data
Hash e3e5eef95eb3652d939b8c86ecb47fac
ff36e7b2a956a05de0b94dbe7b1bf7e2d6d44cb2
445189de22489c06a549b75c8f8e95cc56639d4128cd72e76896b4d2a7c40ce2
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 23456
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-5ba0"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1143545
expires: Mon, 13 Nov 2023 22:21:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILD%2BdXwlBX%2B1KvlesI5U5TwlIaIL7kT4iHEptsoaFzI3jcB8xpd%2FC745cTThNhe4heyXuaYaYE9p%2FEk%2FUbjIENbdvkJcOc3sAH9JK1%2BxV3AnGjwzqL69yeOuY3mA5kwF5fQpK%2BLZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ed4c269f1ab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2
104.17.25.14200 OK 105 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 105264, version 768.66\012- data
Size 105 kB (105264 bytes)
Hash ef9332780500ea981e97dff51cc30669
4020ed1a099b98c421f09ceb9a92f4a1d8d5d9c8
ec372177b8e8df39d755e16551dfbbddcc53938ca52765fd730d0925885c964e
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 105264
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-19b30"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 54231
expires: Mon, 13 Nov 2023 22:21:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28lCbFs2kn%2BVFAf10OzZjEYA%2BXqc5eXSGJ72D1wiLt1WFlNeFT3QGD3Hq49Dq1p9ySmc5lmgy0pmPOKqB2qXfWeFQdCa5p%2FU68uO%2Bh3%2B5%2FKVwb1dBV9SPluMhVAFboNEinb0JYwD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ed4c26bf40b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1851
Cache-Control: max-age=126982
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 22:21:22 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 09:37:44 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 7f275f98cd7252b2fa5456d8a4492cbc
266df5f1a8adfd667d952736f4c04786d46613bf
5b11baf2f4c980c7762a4a7c656a69c60f3b2cfa7674cb298928d28953845c00
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6528
Cache-Control: max-age=163707
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 22:21:22 GMT
Etag: "637e5fdd-116"
Expires: Fri, 25 Nov 2022 19:49:49 GMT
Last-Modified: Wed, 23 Nov 2022 18:01:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 7f275f98cd7252b2fa5456d8a4492cbc
266df5f1a8adfd667d952736f4c04786d46613bf
5b11baf2f4c980c7762a4a7c656a69c60f3b2cfa7674cb298928d28953845c00
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6528
Cache-Control: max-age=163707
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 22:21:22 GMT
Etag: "637e5fdd-116"
Expires: Fri, 25 Nov 2022 19:49:49 GMT
Last-Modified: Wed, 23 Nov 2022 18:01:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
anonymfile.com/img/logo-anon-warning.png
138.201.48.112200 OK 41 kB URL HTTP/2 anonymfile.com/img/logo-anon-warning.png
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Hash d52ea6ebcd0b10dcf112a9d6c43ceee0
641e5277e2e079f0e88e2899879fda8882e58d28
77cb73f16f049b51c0a81c12ed878e11efe3b9a71c632a3bdb647d963059532e
GET /img/logo-anon-warning.png HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/n0LJJ?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImFhUllGcmd3WnJVUXJ4SlJCOExJL2c9PSIsInZhbHVlIjoia2pCQ3c2bnpTeEhESGpuSkZtY0dpRDJXSFljeEdJYlVBeDVoU1lLdi8vVEhMRmI3OVpneEdST25ZMkZXRjZSbkd4STJmc0cvend5THlwZEFoUytaaW9WK0FSR2dPYWljeTA1UnlzTEVnMy9ESjViYjM1dU9GWjdZQVFKWDZGZFYiLCJtYWMiOiIxNzc3YTAzOGQ1MDdjYmY4ZGQ4MGE3ZjhlMTdkNzc4NzY1MDA1YmFmOGRiYzAyYWI2ZjI4ZTllNGRiZTg2MmQ3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im1aRyt5NnkwMmFIUVhidmlHa2U5d3c9PSIsInZhbHVlIjoiS1VQYTE1VGxaWXZaWkxuSzFJRUo4YWFsR1ptWW0zY01QdktRYW5kM1BEQ20xblo0bFY2UXRpTmh0YldNc2NUZy9lWFJsajZ2dUt2eDF5azEzOTE0dmRxY3hWRmQybGJvczM1aXROdjNDdTNlSVlwOEN0ZXFuZHppcy9oSTluY3kiLCJtYWMiOiIyYjQ1YzgxNmQ0MTMwNzdhNTIwZTg3MTM0YjdiZjljMWRlOGJkODgxZDg0MzU3ZTk0Yzk5NDZjNGU1ZmYzOTlhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: image/png
content-length: 40729
last-modified: Fri, 29 Oct 2021 10:50:56 GMT
vary: Accept-Encoding
etag: "617bd210-9f19"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2Fn0LJJ
138.201.48.112204 No Content 0 B URL HTTP/2 anonymfile.com/ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2Fn0LJJ
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ngx_pagespeed_beacon?url=http%3A%2F%2Fanonymfile.com%2Fn0LJJ HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/n0LJJ?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImFhUllGcmd3WnJVUXJ4SlJCOExJL2c9PSIsInZhbHVlIjoia2pCQ3c2bnpTeEhESGpuSkZtY0dpRDJXSFljeEdJYlVBeDVoU1lLdi8vVEhMRmI3OVpneEdST25ZMkZXRjZSbkd4STJmc0cvend5THlwZEFoUytaaW9WK0FSR2dPYWljeTA1UnlzTEVnMy9ESjViYjM1dU9GWjdZQVFKWDZGZFYiLCJtYWMiOiIxNzc3YTAzOGQ1MDdjYmY4ZGQ4MGE3ZjhlMTdkNzc4NzY1MDA1YmFmOGRiYzAyYWI2ZjI4ZTllNGRiZTg2MmQ3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im1aRyt5NnkwMmFIUVhidmlHa2U5d3c9PSIsInZhbHVlIjoiS1VQYTE1VGxaWXZaWkxuSzFJRUo4YWFsR1ptWW0zY01QdktRYW5kM1BEQ20xblo0bFY2UXRpTmh0YldNc2NUZy9lWFJsajZ2dUt2eDF5azEzOTE0dmRxY3hWRmQybGJvczM1aXROdjNDdTNlSVlwOEN0ZXFuZHppcy9oSTluY3kiLCJtYWMiOiIyYjQ1YzgxNmQ0MTMwNzdhNTIwZTg3MTM0YjdiZjljMWRlOGJkODgxZDg0MzU3ZTk0Yzk5NDZjNGU1ZmYzOTlhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 23 Nov 2022 22:21:22 GMT
cache-control: max-age=0, no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.93.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.93.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w1fpMqP+yhQBglUftR2KlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZjeBWNGX8WlpkaVziQzXu+bBI1Q=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ebb5a62048e042e2b1fc59df45546a3e
18d45fc21faff1ff687ec7d9de1a789afadb5a05
93a489cbf75b0201a86397bcbcd8efc19e3229b61cbcd5d69e2cf462b61452ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93A489CBF75B0201A86397BCBCD8EFC19E3229B61CBCD5D69E2CF462B61452AB"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15922
Expires: Thu, 24 Nov 2022 02:46:44 GMT
Date: Wed, 23 Nov 2022 22:21:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 47042f851082f9d36d5ccab604c5f14e
fe8100b57d75eefb49d7b2a7c9fb108d8ca111df
b5c61da899dcb3b680922d8f4611956646deaf3cbd7c727b093a7764016805fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1222
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 22:21:22 GMT
Last-Modified: Wed, 23 Nov 2022 22:01:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 47042f851082f9d36d5ccab604c5f14e
fe8100b57d75eefb49d7b2a7c9fb108d8ca111df
b5c61da899dcb3b680922d8f4611956646deaf3cbd7c727b093a7764016805fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1222
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 22:21:22 GMT
Last-Modified: Wed, 23 Nov 2022 22:01:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aa3561ac2a13489ff04ec00ecd8a686e
b38a8384c92a1c45b886c097784c70b066ff22c7
ef4c3c1b8a8df41c67ee9b6a21325c479ed12bb0ab3cb9fc47ac82dff6fe1ee9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF4C3C1B8A8DF41C67EE9B6A21325C479ED12BB0AB3CB9FC47AC82DFF6FE1EE9"
Last-Modified: Mon, 21 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15989
Expires: Thu, 24 Nov 2022 02:47:51 GMT
Date: Wed, 23 Nov 2022 22:21:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81b99df41973e6dc5df30d9bba9b35e1
f051d504d044e76c74aba274f71871a5735fad02
8462a092492cdab635fa6fc43323b4427658d51f4eecdc7a8ee9d72781b90a2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8462A092492CDAB635FA6FC43323B4427658D51F4EECDC7A8EE9D72781B90A2D"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5601
Expires: Wed, 23 Nov 2022 23:54:43 GMT
Date: Wed, 23 Nov 2022 22:21:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 370f8f773bda1e17248527e1e9c95905
e0a4c336c94e990fbb6dab5e17c4c1317d04d3f1
c5da7ba146c6293589f4a16a2cf73f2f1196b75d6f220b41e326df350ec1baa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DA7BA146C6293589F4A16A2CF73F2F1196B75D6F220B41E326DF350EC1BAA4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12196
Expires: Thu, 24 Nov 2022 01:44:38 GMT
Date: Wed, 23 Nov 2022 22:21:22 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ba98650cceb17a47ac0f34de3c3c2574
78e21c7a408c8ef34065defa22dbcb926f562d9b
8a311b1ba0b977b6b27fd02043471f29e6608bbe3c2cabe904b09f5f04510d98
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 22:21:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 01:33:16 GMT
Expires: Tue, 29 Nov 2022 01:33:15 GMT
Etag: "78e21c7a408c8ef34065defa22dbcb926f562d9b"
Cache-Control: max-age=442911,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ed4c2acbc1b505-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 909
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 23 Nov 2022 22:21:23 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://anonymfile.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
139.45.197.250200 OK 664 B URL HTTP/2 ibrapush.com/zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 924f83d583902548517c3327ff8e4493
7d5ea76f95d862b44558e6428f0a0d2bb20e2b0c
92e16e70459ff85e5803ded19d1f535cb6197a2b1eda7b254cb663b81908147c
GET /zone?pub=0&zone_id=5307590&is_mobile=false&domain=anonymfile.com&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: c2cddeebe09c0835d6d529d43d7a3c13
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d9fc305a152b948877a19e64f07e9904
0a6f467107ca0284e5d9c7a89e2431b3709b41ae
b0ffff086e960ab6a18ec015d70ccb6d1259aee22ceadda17ad465e1253756aa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 22:21:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 06:25:22 GMT
Expires: Mon, 28 Nov 2022 06:25:21 GMT
Etag: "0a6f467107ca0284e5d9c7a89e2431b3709b41ae"
Cache-Control: max-age=374037,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ed4c2a6fc3b4ee-OSL
my.rtmark.net/gid.js?userId=34e44b70ad654c00b117deaa78018e6f
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=34e44b70ad654c00b117deaa78018e6f
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 1577a3760216f1e9029bff12aa5f1941
791f99155774974383218ebde1b3b2be358ca0e0
f7f26866ff6b743f2ae32aca6bd9fc4f56931e3a83289da1e0eee374847ca9c6
GET /gid.js?userId=34e44b70ad654c00b117deaa78018e6f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=34e44b70ad654c00b117deaa78018e6f; expires=Thu, 23 Nov 2023 22:21:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 773
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 32c7026720722b034e8a22e1d85c8787
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/tag.min.js?z=5307590
139.45.197.250200 OK 6.1 kB URL HTTP/2 ibrapush.com/pfe/current/tag.min.js?z=5307590
IP 139.45.197.250:0
Hash f2b336c719f23576279ea300a180b572
beb28cbdaa44580d888f81993ba766d52c4aeee3
cedbef54742c2ef9d02526929c732477f9150f114dc28e06681cbed7b211e92f
GET /pfe/current/tag.min.js?z=5307590 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 09:28:55 GMT
etag: W/"637de7d7-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112404 Not Found 5.5 kB IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4320)
Hash 2b32057abc0e1e834bf64f0511a5619f
56f65481f98eec2555417216e2effa8856a4c0ef
588b4867231c4675d6a9c533587336be867542b692297f8fe114ffb7343e7e57
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/n0LJJ?PageSpeed=noscript
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImFhUllGcmd3WnJVUXJ4SlJCOExJL2c9PSIsInZhbHVlIjoia2pCQ3c2bnpTeEhESGpuSkZtY0dpRDJXSFljeEdJYlVBeDVoU1lLdi8vVEhMRmI3OVpneEdST25ZMkZXRjZSbkd4STJmc0cvend5THlwZEFoUytaaW9WK0FSR2dPYWljeTA1UnlzTEVnMy9ESjViYjM1dU9GWjdZQVFKWDZGZFYiLCJtYWMiOiIxNzc3YTAzOGQ1MDdjYmY4ZGQ4MGE3ZjhlMTdkNzc4NzY1MDA1YmFmOGRiYzAyYWI2ZjI4ZTllNGRiZTg2MmQ3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im1aRyt5NnkwMmFIUVhidmlHa2U5d3c9PSIsInZhbHVlIjoiS1VQYTE1VGxaWXZaWkxuSzFJRUo4YWFsR1ptWW0zY01QdktRYW5kM1BEQ20xblo0bFY2UXRpTmh0YldNc2NUZy9lWFJsajZ2dUt2eDF5azEzOTE0dmRxY3hWRmQybGJvczM1aXROdjNDdTNlSVlwOEN0ZXFuZHppcy9oSTluY3kiLCJtYWMiOiIyYjQ1YzgxNmQ0MTMwNzdhNTIwZTg3MTM0YjdiZjljMWRlOGJkODgxZDg0MzU3ZTk0Yzk5NDZjNGU1ZmYzOTlhIiwidGFnIjoiIn0%3D; prefetchAd_5307591=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Wed, 23 Nov 2022 22:21:23 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34e44b70ad654c00b117deaa78018e6f
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34e44b70ad654c00b117deaa78018e6f
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34e44b70ad654c00b117deaa78018e6f HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=2892768334&z=5307589&b=15768991&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=DjWYIhVMgPDsTgIa_ojI9xslZuWf6rTEFqemv_PmTjwBPs-LFRXe0vOcehe8EcMmI-HdlhL1dqWF028WL7fFy2lEzbbWarfRcm_suNN1jkAtfPBrOlKoFJNBmg3znBZUJXwmL9wroF5JfQdMCD5dQtJaPCN8ynslSjU0pBLgqmjAQSiQ-TMf8SXCa16ONa_Vro5kyTUUkpBg5dBkIIKjLS0o-uruoge33UMn1ZxQbMGDcIFXHXL0BUITStbORbWM4Z-kr-qjRfT5HJxNHeHMpLCeM7PngdffehpQ9Cd9Q-l7ZyJq83U2EvtyrpeUeCvUbU_QZpc6mdawxRUI10xsypXPcAPUTqzPiwmQ1dL0zr2op8sksCUFpcnWezg16Qb0ZHPprG3ZHSVvSAoZOhNDUw_aU9_RaXoWTotD9mOsJ8QmVtOB4L9Z6S9AsAW2NY0UDFUaRX_E-cQGGTNUMHflOFNvWaid8jiXUCTzkka1_yUrZjFy9Sr6i40nU2G-FIeBa0I9ODiPZW-Fg4ZNADnECDRX0lopCqBQZrG2CKvh3a5eIm_xDJlco5ELqP-0SDkPG_GkEwFYbhTW9ALI7uJbvoJh0IQKv2WWihWEnHFvUDjQjYHnTD3f_r9A8SqUI-iXQ_lCGZL-_QJCPsb-HtvgMg==&ruid=a77cb9fe-cf85-439c-bdde-fed486a11ea7&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=78
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=2892768334&z=5307589&b=15768991&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=DjWYIhVMgPDsTgIa_ojI9xslZuWf6rTEFqemv_PmTjwBPs-LFRXe0vOcehe8EcMmI-HdlhL1dqWF028WL7fFy2lEzbbWarfRcm_suNN1jkAtfPBrOlKoFJNBmg3znBZUJXwmL9wroF5JfQdMCD5dQtJaPCN8ynslSjU0pBLgqmjAQSiQ-TMf8SXCa16ONa_Vro5kyTUUkpBg5dBkIIKjLS0o-uruoge33UMn1ZxQbMGDcIFXHXL0BUITStbORbWM4Z-kr-qjRfT5HJxNHeHMpLCeM7PngdffehpQ9Cd9Q-l7ZyJq83U2EvtyrpeUeCvUbU_QZpc6mdawxRUI10xsypXPcAPUTqzPiwmQ1dL0zr2op8sksCUFpcnWezg16Qb0ZHPprG3ZHSVvSAoZOhNDUw_aU9_RaXoWTotD9mOsJ8QmVtOB4L9Z6S9AsAW2NY0UDFUaRX_E-cQGGTNUMHflOFNvWaid8jiXUCTzkka1_yUrZjFy9Sr6i40nU2G-FIeBa0I9ODiPZW-Fg4ZNADnECDRX0lopCqBQZrG2CKvh3a5eIm_xDJlco5ELqP-0SDkPG_GkEwFYbhTW9ALI7uJbvoJh0IQKv2WWihWEnHFvUDjQjYHnTD3f_r9A8SqUI-iXQ_lCGZL-_QJCPsb-HtvgMg==&ruid=a77cb9fe-cf85-439c-bdde-fed486a11ea7&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=78
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=2892768334&z=5307589&b=15768991&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=DjWYIhVMgPDsTgIa_ojI9xslZuWf6rTEFqemv_PmTjwBPs-LFRXe0vOcehe8EcMmI-HdlhL1dqWF028WL7fFy2lEzbbWarfRcm_suNN1jkAtfPBrOlKoFJNBmg3znBZUJXwmL9wroF5JfQdMCD5dQtJaPCN8ynslSjU0pBLgqmjAQSiQ-TMf8SXCa16ONa_Vro5kyTUUkpBg5dBkIIKjLS0o-uruoge33UMn1ZxQbMGDcIFXHXL0BUITStbORbWM4Z-kr-qjRfT5HJxNHeHMpLCeM7PngdffehpQ9Cd9Q-l7ZyJq83U2EvtyrpeUeCvUbU_QZpc6mdawxRUI10xsypXPcAPUTqzPiwmQ1dL0zr2op8sksCUFpcnWezg16Qb0ZHPprG3ZHSVvSAoZOhNDUw_aU9_RaXoWTotD9mOsJ8QmVtOB4L9Z6S9AsAW2NY0UDFUaRX_E-cQGGTNUMHflOFNvWaid8jiXUCTzkka1_yUrZjFy9Sr6i40nU2G-FIeBa0I9ODiPZW-Fg4ZNADnECDRX0lopCqBQZrG2CKvh3a5eIm_xDJlco5ELqP-0SDkPG_GkEwFYbhTW9ALI7uJbvoJh0IQKv2WWihWEnHFvUDjQjYHnTD3f_r9A8SqUI-iXQ_lCGZL-_QJCPsb-HtvgMg==&ruid=a77cb9fe-cf85-439c-bdde-fed486a11ea7&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=78 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=34e44b70ad654c00b117deaa78018e6f; oaidts=1669242082
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7afa8eb79d1a164d60a24bea0520c97f
access-control-expose-headers: X-Sc
set-cookie: OAID=34e44b70ad654c00b117deaa78018e6f; expires=Thu, 23 Nov 2023 22:21:23 GMT; secure; SameSite=None
oaidts=1669242082; expires=Thu, 23 Nov 2023 22:21:23 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5307588?excludes=&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b25200fea1fc5f73b82be92b813c8899
64c1daa0db29521981a41057af95828e869296cc
46622ef260890bfd457e36f6ce8778ef38962856fb71e40449f46c9b271b7291
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46622EF260890BFD457E36F6CE8778EF38962856FB71E40449F46C9B271B7291"
Last-Modified: Tue, 22 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15914
Expires: Thu, 24 Nov 2022 02:46:37 GMT
Date: Wed, 23 Nov 2022 22:21:23 GMT
Connection: keep-alive
interstitial-07.com/contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg
139.45.197.152200 OK 9.3 kB URL HTTP/2 interstitial-07.com/contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 45adfc5dac387ae41ca4a0c1b6a9ac37
d972ecfcf25c8d8c697beac01a3fa85635e564f5
a653f78b2f5c5f1dd923fb9291bb67832dad4014266ef34b6bff707a381b1bda
GET /contents/s/45/ad/fc/5dac387ae41ca4a0c1b6a9ac37/01606490601807.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=oK7jCDJoBt3xHxX&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2657859644%26z%3D5307589%26b%3D15768991%26c%3D6334387%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DDjWYIhVMgPDsTgIa_ojI9xslZuWf6rTEFqemv_PmTjwBPs-LFRXe0vOcehe8EcMmI-HdlhL1dqWF028WL7fFy2lEzbbWarfRcm_suNN1jkAtfPBrOlKoFJNBmg3znBZUJXwmL9wroF5JfQdMCD5dQtJaPCN8ynslSjU0pBLgqmjAQSiQ-TMf8SXCa16ONa_Vro5kyTUUkpBg5dBkIIKjLS0o-uruoge33UMn1ZxQbMGDcIFXHXL0BUITStbORbWM4Z-kr-qjRfT5HJxNHeHMpLCeM7PngdffehpQ9Cd9Q-l7ZyJq83U2EvtyrpeUeCvUbU_QZpc6mdawxRUI10xsypXPcAPUTqzPiwmQ1dL0zr2op8sksCUFpcnWezg16Qb0ZHPprG3ZHSVvSAoZOhNDUw_aU9_RaXoWTotD9mOsJ8QmVtOB4L9Z6S9AsAW2NY0UDFUaRX_E-cQGGTNUMHflOFNvWaid8jiXUCTzkka1_yUrZjFy9Sr6i40nU2G-FIeBa0I9ODiPZW-Fg4ZNADnECDRX0lopCqBQZrG2CKvh3a5eIm_xDJlco5ELqP-0SDkPG_GkEwFYbhTW9ALI7uJbvoJh0IQKv2WWihWEnHFvUDjQjYHnTD3f_r9A8SqUI-iXQ_lCGZL-_QJCPsb-HtvgMg%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Da77cb9fe-cf85-439c-bdde-fed486a11ea7%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252Fn0LJJ%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: image/jpeg
content-length: 9271
last-modified: Thu, 20 Oct 2022 03:21:06 GMT
vary: Accept-Encoding
etag: "6350bea2-2437"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg
139.45.197.152200 OK 30 kB URL HTTP/2 interstitial-07.com/contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 3213a8e6ac43e59294f402bbbe324953
3e66ba9e6978ca9fef50e07274bd9899e3fed9c3
f880d432fbedbe3a15e8fed32985860e84e8ec4425ad6ff3e6cae446be0a6714
GET /contents/s/32/13/a8/e6ac43e59294f402bbbe324953/0596778554123.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=oK7jCDJoBt3xHxX&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D2657859644%26z%3D5307589%26b%3D15768991%26c%3D6334387%26var%3D%26d%3Dhttp%253A%252F%252Fbelievemefly.com%252Fbase.php%253Fc%253D3647%2526key%253D432671afcbaec0691a80da097806f6fe%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DDjWYIhVMgPDsTgIa_ojI9xslZuWf6rTEFqemv_PmTjwBPs-LFRXe0vOcehe8EcMmI-HdlhL1dqWF028WL7fFy2lEzbbWarfRcm_suNN1jkAtfPBrOlKoFJNBmg3znBZUJXwmL9wroF5JfQdMCD5dQtJaPCN8ynslSjU0pBLgqmjAQSiQ-TMf8SXCa16ONa_Vro5kyTUUkpBg5dBkIIKjLS0o-uruoge33UMn1ZxQbMGDcIFXHXL0BUITStbORbWM4Z-kr-qjRfT5HJxNHeHMpLCeM7PngdffehpQ9Cd9Q-l7ZyJq83U2EvtyrpeUeCvUbU_QZpc6mdawxRUI10xsypXPcAPUTqzPiwmQ1dL0zr2op8sksCUFpcnWezg16Qb0ZHPprG3ZHSVvSAoZOhNDUw_aU9_RaXoWTotD9mOsJ8QmVtOB4L9Z6S9AsAW2NY0UDFUaRX_E-cQGGTNUMHflOFNvWaid8jiXUCTzkka1_yUrZjFy9Sr6i40nU2G-FIeBa0I9ODiPZW-Fg4ZNADnECDRX0lopCqBQZrG2CKvh3a5eIm_xDJlco5ELqP-0SDkPG_GkEwFYbhTW9ALI7uJbvoJh0IQKv2WWihWEnHFvUDjQjYHnTD3f_r9A8SqUI-iXQ_lCGZL-_QJCPsb-HtvgMg%3D%3D%26bag%3DsoD61sIXZfLmZDdfa4zliA%3D%3D%26ruid%3Da77cb9fe-cf85-439c-bdde-fed486a11ea7%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fanonymfile.com%252Fn0LJJ%253FPageSpeed%253Dnoscript%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: image/jpeg
content-length: 29997
last-modified: Thu, 20 Oct 2022 03:21:02 GMT
vary: Accept-Encoding
etag: "6350be9e-752d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5035e5acaeb97c6d633c4a71eac75d1
a9f6e3f1143c4d7099e9c7b5f200fdde469892ba
8276ca7c5f806e4eb29e15cad093a69219cb7f813e7e3aa9cd176487140cd070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8276CA7C5F806E4EB29E15CAD093A69219CB7F813E7E3AA9CD176487140CD070"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9422
Expires: Thu, 24 Nov 2022 00:58:25 GMT
Date: Wed, 23 Nov 2022 22:21:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c19d425ddc8da8d9d4edcf7503cab2bf
12ed3f6a58ed32d5c5ee1aeb21ffe3d0bf232bb2
ac9d7f50b3159bb1f8f4da425dc13bd69bfab546ee8c9ca4d63b30c5d0a69f3a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1726
Cache-Control: max-age=98057
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 22:21:23 GMT
Etag: "637d722e-117"
Expires: Fri, 25 Nov 2022 01:35:40 GMT
Last-Modified: Wed, 23 Nov 2022 01:06:54 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 279
offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
172.67.22.216200 OK 11 kB URL HTTP/2 offerimage.com/www/images/2fed87d8d9131d075b72354b838c2d77.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 192x192, components 3\012- data
Hash 2fed87d8d9131d075b72354b838c2d77
69624c46c1556c35c67e85724451cce20ad405ec
8adac582983620ad0421a1be7648f58c731feaf3de0bf027ebefe412505b01ed
GET /www/images/2fed87d8d9131d075b72354b838c2d77.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: image/jpeg
content-length: 10853
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62b2c84c-2a65"
expires: Thu, 24 Nov 2022 09:12:28 GMT
last-modified: Wed, 22 Jun 2022 07:44:12 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 47335
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ed4c2f6c50b512-OSL
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 9890815455607ae858ea6dcd9dd5e77d
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 9ea1fb659b90ee2befe4e101714038c9
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10712
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Wed, 23 Nov 2022 22:21:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10712
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Wed, 23 Nov 2022 22:21:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10712
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Wed, 23 Nov 2022 22:21:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10712
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Wed, 23 Nov 2022 22:21:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:48:19 GMT
age: 1984
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9defa28d124bae7e5ef29a1fb165ee02
2afe813f0fefae511064297ccff9a6de548104e8
8cfdd12386dcc87cfd874ed0c2d42cd33ae2a05cb35127f1a94e163d17bd5b31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11576
x-amzn-requestid: 9dd2cb2e-de79-4937-b525-05be9d57c03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrdFuxoAMFa9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee49-5437ea0f1568967278fe96ad;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MtH0aETjrojNhxcpN67UwvtC7rWC2A1ACxmD-u-LEd0WB43qBNPu6g==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:18 GMT
age: 785
etag: "2afe813f0fefae511064297ccff9a6de548104e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 8dea187e-ee61-4691-aff7-59202f978565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b2P4MF0UIAMFWBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378c69a-011430f86689624a29d71215;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 12:05:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c2w_q7fYc60JSQ4GcAlmUFyp7csfflgG8GvCXJuy_wWlvf9mIG0u9g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:38:55 GMT
age: 85348
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xXVgZMdEgIo2J1DEAMtdmM6jDRxBWuDi6waMd1-ExTKHh7Fis_SmvA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:56:51 GMT
age: 1472
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
betotodilea.com/400/5307588
139.45.197.237200 OK 41 kB URL HTTP/2 betotodilea.com/400/5307588
IP 139.45.197.237:0
Hash b3f106fbc8f1a4f4adcf158e1c1642b2
048424bcb441667d997a9d7408e2dc1eaa4c1537
a9948d320868b1af732179f28c2c775b6489d091124f023cc5f3f695dc8f011c
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5307588 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/javascript
x-trace-id: 299b94db67cc1ec4826ae699448db587
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c77ba6dace3846d7aa50678edd342977; expires=Thu, 23 Nov 2023 22:21:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 10 kB URL HTTP/2 betotodilea.com/500/5307588?excludes=&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 7187a5b5266f9eea4d7e0ce2ea9124ad
f91963335289a1e2729920935575752eb28afabe
d690841e3f3262053a9e778af666bfeeb6f625785af4d9ec425d0b82e1abf653
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5307588?excludes=&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=c77ba6dace3846d7aa50678edd342977
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: application/javascript
x-trace-id: 20fccc4f05b8b072d7bf33b0f0764dc5
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=34e44b70ad654c00b117deaa78018e6f; expires=Thu, 23 Nov 2023 22:21:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/impression/IQLwpKUimmeRf7K7fvaDHo_u1AyY540ujhlqq2KqLbUcfzeXl3zsCrfLqJ50te_bneXank1QYXjxOr3Drj4MvAO8e2n4NM4Y7sppVmD6gAEjFsdS8WYrVkMc65ccl4vySbGPVWgKIy1T0QuI7KEx3KA4m_wntzupkTn7YnFdO67bSukulTVOvMQnvCqh0P6N_Q9rG0xdvy3Aikn86AK2yPM7Zn36phRChzx1JhqlCYRIhc_EE8CVwh-hOovBkFaZhBobye3C2u3qUcoTRIksAXGwKGR7Hw2XpRy43gAPR273RoiBAQ8ihHrPkMVuHWxV_Iq-32l_1qvJrYrlLUbt7qcA5vcnP1Q2v8u8UtCUqLhNshoIlu4b09rJNxBdyjEBg-tTalVMOHZ1_A0VUqD5Wo4TLB__thknUkMJTcLTEMbbPVa22xC4h9bpmtRhvKNdww0pd559W5eYVhxjdpow_ZPg77nI5wOJRSbzJxityCesihGSDe06PE_o3NZM3cXHjbvZzJoQHICad8zrHTwgvwV6Uc-FCkmMaJrJVI-EQeC79zO5JB7o_U7NDDYU-SmhzrmEcmA_X8Aba7y8_LccB94kxKwMVSmc?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 betotodilea.com/impression/IQLwpKUimmeRf7K7fvaDHo_u1AyY540ujhlqq2KqLbUcfzeXl3zsCrfLqJ50te_bneXank1QYXjxOr3Drj4MvAO8e2n4NM4Y7sppVmD6gAEjFsdS8WYrVkMc65ccl4vySbGPVWgKIy1T0QuI7KEx3KA4m_wntzupkTn7YnFdO67bSukulTVOvMQnvCqh0P6N_Q9rG0xdvy3Aikn86AK2yPM7Zn36phRChzx1JhqlCYRIhc_EE8CVwh-hOovBkFaZhBobye3C2u3qUcoTRIksAXGwKGR7Hw2XpRy43gAPR273RoiBAQ8ihHrPkMVuHWxV_Iq-32l_1qvJrYrlLUbt7qcA5vcnP1Q2v8u8UtCUqLhNshoIlu4b09rJNxBdyjEBg-tTalVMOHZ1_A0VUqD5Wo4TLB__thknUkMJTcLTEMbbPVa22xC4h9bpmtRhvKNdww0pd559W5eYVhxjdpow_ZPg77nI5wOJRSbzJxityCesihGSDe06PE_o3NZM3cXHjbvZzJoQHICad8zrHTwgvwV6Uc-FCkmMaJrJVI-EQeC79zO5JB7o_U7NDDYU-SmhzrmEcmA_X8Aba7y8_LccB94kxKwMVSmc?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/IQLwpKUimmeRf7K7fvaDHo_u1AyY540ujhlqq2KqLbUcfzeXl3zsCrfLqJ50te_bneXank1QYXjxOr3Drj4MvAO8e2n4NM4Y7sppVmD6gAEjFsdS8WYrVkMc65ccl4vySbGPVWgKIy1T0QuI7KEx3KA4m_wntzupkTn7YnFdO67bSukulTVOvMQnvCqh0P6N_Q9rG0xdvy3Aikn86AK2yPM7Zn36phRChzx1JhqlCYRIhc_EE8CVwh-hOovBkFaZhBobye3C2u3qUcoTRIksAXGwKGR7Hw2XpRy43gAPR273RoiBAQ8ihHrPkMVuHWxV_Iq-32l_1qvJrYrlLUbt7qcA5vcnP1Q2v8u8UtCUqLhNshoIlu4b09rJNxBdyjEBg-tTalVMOHZ1_A0VUqD5Wo4TLB__thknUkMJTcLTEMbbPVa22xC4h9bpmtRhvKNdww0pd559W5eYVhxjdpow_ZPg77nI5wOJRSbzJxityCesihGSDe06PE_o3NZM3cXHjbvZzJoQHICad8zrHTwgvwV6Uc-FCkmMaJrJVI-EQeC79zO5JB7o_U7NDDYU-SmhzrmEcmA_X8Aba7y8_LccB94kxKwMVSmc?_z=5307588&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=34e44b70ad654c00b117deaa78018e6f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:28 GMT
content-type: image/gif
content-length: 43
x-trace-id: 381438fe8cb98bd40e9f22a05db4b91a
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=15161934&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=15161934&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5307588?excludes=15161934&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:28 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
offerimage.com/www/images/d431c8eb34ed2645e592e54d0dc4f1d4.jpeg
172.67.22.216200 OK 9.8 kB URL HTTP/2 offerimage.com/www/images/d431c8eb34ed2645e592e54d0dc4f1d4.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 192x192, components 3\012- data
Hash d431c8eb34ed2645e592e54d0dc4f1d4
01029e5a39b523a1ebc2e48e091dc3b506511532
a5f8e1d4c832340ef93e32c9145661697fbe81747487e67680bdccfde0aa9d6d
GET /www/images/d431c8eb34ed2645e592e54d0dc4f1d4.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:28 GMT
content-type: image/jpeg
content-length: 9813
cache-control: max-age=86400
cf-bgj: h2pri
etag: "62b021fc-2655"
expires: Thu, 24 Nov 2022 19:16:18 GMT
last-modified: Mon, 20 Jun 2022 07:30:04 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 11110
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ed4c4d5c20b512-OSL
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Content-Type: application/json
Origin: https://anonymfile.com
Content-Length: 397
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:30 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1ff544d24e34a44e7fa2d0f34f1b9c98
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.454.0
139.45.197.234200 OK 0 B URL HTTP/2 bedrapiona.com/5/5307591/?oo=1&js_build=iclick-v1.454.0
IP 139.45.197.234:0
GET /5/5307591/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/json
x-trace-id: d47149424601b6ec4e96c585bead59e4
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=34e44b70ad654c00b117deaa78018e6f; expires=Thu, 23 Nov 2023 22:21:22 GMT; path=/; secure; SameSite=None
oaidts=1669242082; expires=Thu, 23 Nov 2023 22:21:22 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34e44b70ad654c00b117deaa78018e6f
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34e44b70ad654c00b117deaa78018e6f
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5307589&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=34e44b70ad654c00b117deaa78018e6f HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 167
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: scm=1; OAID=5140a246b597464ba88fd7aa251c6948; oaidts=1669242082
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://anonymfile.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 1ec6931a6484628900c3adeacb4a6fa8
access-control-expose-headers: X-Sc
set-cookie: OAID=34e44b70ad654c00b117deaa78018e6f; expires=Thu, 23 Nov 2023 22:21:23 GMT; secure; SameSite=None
oaidts=1669242082; expires=Thu, 23 Nov 2023 22:21:23 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/5307588?excludes=15161934&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5307588?excludes=15161934&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5307588?excludes=15161934&oaid=34e44b70ad654c00b117deaa78018e6f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fanonymfile.com%2Fn0LJJ%3FPageSpeed%3Dnoscript&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://anonymfile.com
Connection: keep-alive
Referer: https://anonymfile.com/
Cookie: OAID=34e44b70ad654c00b117deaa78018e6f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:28 GMT
content-type: application/javascript
x-trace-id: cdc942c675de4afedbee1b9676a912da
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://anonymfile.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=34e44b70ad654c00b117deaa78018e6f; expires=Thu, 23 Nov 2023 22:21:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/n0LJJ?PageSpeed=noscript
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/n0LJJ?PageSpeed=noscript
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /n0LJJ?PageSpeed=noscript HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: XSRF-TOKEN=eyJpdiI6ImFhUllGcmd3WnJVUXJ4SlJCOExJL2c9PSIsInZhbHVlIjoia2pCQ3c2bnpTeEhESGpuSkZtY0dpRDJXSFljeEdJYlVBeDVoU1lLdi8vVEhMRmI3OVpneEdST25ZMkZXRjZSbkd4STJmc0cvend5THlwZEFoUytaaW9WK0FSR2dPYWljeTA1UnlzTEVnMy9ESjViYjM1dU9GWjdZQVFKWDZGZFYiLCJtYWMiOiIxNzc3YTAzOGQ1MDdjYmY4ZGQ4MGE3ZjhlMTdkNzc4NzY1MDA1YmFmOGRiYzAyYWI2ZjI4ZTllNGRiZTg2MmQ3IiwidGFnIjoiIn0%3D; expires=Thu, 24-Nov-2022 00:21:21 GMT; Max-Age=7200; path=/; samesite=lax
anonymfile_session=eyJpdiI6Im1aRyt5NnkwMmFIUVhidmlHa2U5d3c9PSIsInZhbHVlIjoiS1VQYTE1VGxaWXZaWkxuSzFJRUo4YWFsR1ptWW0zY01QdktRYW5kM1BEQ20xblo0bFY2UXRpTmh0YldNc2NUZy9lWFJsajZ2dUt2eDF5azEzOTE0dmRxY3hWRmQybGJvczM1aXROdjNDdTNlSVlwOEN0ZXFuZHppcy9oSTluY3kiLCJtYWMiOiIyYjQ1YzgxNmQ0MTMwNzdhNTIwZTg3MTM0YjdiZjljMWRlOGJkODgxZDg0MzU3ZTk0Yzk5NDZjNGU1ZmYzOTlhIiwidGFnIjoiIn0%3D; expires=Thu, 24-Nov-2022 00:21:21 GMT; Max-Age=7200; path=/; httponly; samesite=lax
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Wed, 23 Nov 2022 22:21:21 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
104.16.126.175200 OK 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
IP 104.16.126.175:0
GET /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1a7f-Ufoq68yhVBjz3riH5wAGJXD40pU"
via: 1.1 fly.io
fly-request-id: 01G7558XE30T0T2M6RDRBFG7JV-fra
cf-cache-status: HIT
age: 12285326
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76ed4c24f99db50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/universal.min.js?v=3.1.404
139.45.197.250200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/universal.min.js?v=3.1.404
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.404 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonymfile.com/
Origin: https://anonymfile.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 09:28:55 GMT
etag: W/"637de7d7-180b9"
access-control-allow-origin: https://anonymfile.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
104.16.126.175302 Found 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js
IP 104.16.126.175:0
GET /filepond-plugin-file-validate-size/dist/filepond-plugin-file-validate-size.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-size@2.2.7/dist/filepond-plugin-file-validate-size.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJK92GETAYHCB6SM5YFNGC4A-fra
cf-cache-status: HIT
age: 234
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76ed4c24d981b50b-OSL
X-Firefox-Spdy: h2
anonymfile.com/js/site.js
138.201.48.112200 OK 0 B URL HTTP/2 anonymfile.com/js/site.js
IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /js/site.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/n0LJJ?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImFhUllGcmd3WnJVUXJ4SlJCOExJL2c9PSIsInZhbHVlIjoia2pCQ3c2bnpTeEhESGpuSkZtY0dpRDJXSFljeEdJYlVBeDVoU1lLdi8vVEhMRmI3OVpneEdST25ZMkZXRjZSbkd4STJmc0cvend5THlwZEFoUytaaW9WK0FSR2dPYWljeTA1UnlzTEVnMy9ESjViYjM1dU9GWjdZQVFKWDZGZFYiLCJtYWMiOiIxNzc3YTAzOGQ1MDdjYmY4ZGQ4MGE3ZjhlMTdkNzc4NzY1MDA1YmFmOGRiYzAyYWI2ZjI4ZTllNGRiZTg2MmQ3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im1aRyt5NnkwMmFIUVhidmlHa2U5d3c9PSIsInZhbHVlIjoiS1VQYTE1VGxaWXZaWkxuSzFJRUo4YWFsR1ptWW0zY01QdktRYW5kM1BEQ20xblo0bFY2UXRpTmh0YldNc2NUZy9lWFJsajZ2dUt2eDF5azEzOTE0dmRxY3hWRmQybGJvczM1aXROdjNDdTNlSVlwOEN0ZXFuZHppcy9oSTluY3kiLCJtYWMiOiIyYjQ1YzgxNmQ0MTMwNzdhNTIwZTg3MTM0YjdiZjljMWRlOGJkODgxZDg0MzU3ZTk0Yzk5NDZjNGU1ZmYzOTlhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:21 GMT
content-type: application/javascript
last-modified: Wed, 20 Oct 2021 12:30:18 GMT
vary: Accept-Encoding
etag: W/"61700bda-2487"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
172.67.211.29200 OK 0 B IP 172.67.211.29:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: a3e8267d6cf9d7e9b2026beb0cda0630
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:05:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Thu, 24 Nov 2022 21:36:41 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2681
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKq1Pd2nRxjA0UjDyV9thOiWBf3e0N9KakmDz5p0eb61MiRyKhs9I%2FIujKoJKZkeHDL%2FpVX1lYbz0P6%2BJVY261I9nTm2AwIR%2B8qBKwiq%2FOLbyWkTVDRa6PQERpPpdKfh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ed4c284cc5b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=1545946659
139.45.197.236200 OK 0 B URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1545946659
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1545946659 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 22:21:23 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 2584d80549cc9242c8e5de13fa4a9b84
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/n0LJJ?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImFhUllGcmd3WnJVUXJ4SlJCOExJL2c9PSIsInZhbHVlIjoia2pCQ3c2bnpTeEhESGpuSkZtY0dpRDJXSFljeEdJYlVBeDVoU1lLdi8vVEhMRmI3OVpneEdST25ZMkZXRjZSbkd4STJmc0cvend5THlwZEFoUytaaW9WK0FSR2dPYWljeTA1UnlzTEVnMy9ESjViYjM1dU9GWjdZQVFKWDZGZFYiLCJtYWMiOiIxNzc3YTAzOGQ1MDdjYmY4ZGQ4MGE3ZjhlMTdkNzc4NzY1MDA1YmFmOGRiYzAyYWI2ZjI4ZTllNGRiZTg2MmQ3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im1aRyt5NnkwMmFIUVhidmlHa2U5d3c9PSIsInZhbHVlIjoiS1VQYTE1VGxaWXZaWkxuSzFJRUo4YWFsR1ptWW0zY01QdktRYW5kM1BEQ20xblo0bFY2UXRpTmh0YldNc2NUZy9lWFJsajZ2dUt2eDF5azEzOTE0dmRxY3hWRmQybGJvczM1aXROdjNDdTNlSVlwOEN0ZXFuZHppcy9oSTluY3kiLCJtYWMiOiIyYjQ1YzgxNmQ0MTMwNzdhNTIwZTg3MTM0YjdiZjljMWRlOGJkODgxZDg0MzU3ZTk0Yzk5NDZjNGU1ZmYzOTlhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Wed, 23 Nov 2022 22:21:22 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
104.16.126.175302 Found 0 B URL HTTP/2 unpkg.com/filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js
IP 104.16.126.175:0
GET /filepond-plugin-file-validate-type/dist/filepond-plugin-file-validate-type.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /filepond-plugin-file-validate-type@1.2.8/dist/filepond-plugin-file-validate-type.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJK97PEYFSP2VRW4VZ7V6J32-fra
cf-cache-status: HIT
age: 64
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76ed4c24e997b50b-OSL
X-Firefox-Spdy: h2
anonymfile.com/sw.js
138.201.48.112404 Not Found 0 B IP 138.201.48.112:0
ASN #24940 Hetzner Online GmbH
GET /sw.js HTTP/1.1
Host: anonymfile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/n0LJJ?PageSpeed=noscript
Cookie: XSRF-TOKEN=eyJpdiI6ImFhUllGcmd3WnJVUXJ4SlJCOExJL2c9PSIsInZhbHVlIjoia2pCQ3c2bnpTeEhESGpuSkZtY0dpRDJXSFljeEdJYlVBeDVoU1lLdi8vVEhMRmI3OVpneEdST25ZMkZXRjZSbkd4STJmc0cvend5THlwZEFoUytaaW9WK0FSR2dPYWljeTA1UnlzTEVnMy9ESjViYjM1dU9GWjdZQVFKWDZGZFYiLCJtYWMiOiIxNzc3YTAzOGQ1MDdjYmY4ZGQ4MGE3ZjhlMTdkNzc4NzY1MDA1YmFmOGRiYzAyYWI2ZjI4ZTllNGRiZTg2MmQ3IiwidGFnIjoiIn0%3D; anonymfile_session=eyJpdiI6Im1aRyt5NnkwMmFIUVhidmlHa2U5d3c9PSIsInZhbHVlIjoiS1VQYTE1VGxaWXZaWkxuSzFJRUo4YWFsR1ptWW0zY01QdktRYW5kM1BEQ20xblo0bFY2UXRpTmh0YldNc2NUZy9lWFJsajZ2dUt2eDF5azEzOTE0dmRxY3hWRmQybGJvczM1aXROdjNDdTNlSVlwOEN0ZXFuZHppcy9oSTluY3kiLCJtYWMiOiIyYjQ1YzgxNmQ0MTMwNzdhNTIwZTg3MTM0YjdiZjljMWRlOGJkODgxZDg0MzU3ZTk0Yzk5NDZjNGU1ZmYzOTlhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
date: Wed, 23 Nov 2022 22:21:22 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45200 OK 0 B IP 172.67.194.45:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymfile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 22:21:22 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMqIlJp49coI9LdfsQVsnuc2kvZgE7vOrc6fnF6dcjx3WpeklLYzJVanE0gFf7%2B0pQXw%2BqeBUoKnQdH13a9EJUGbrqoVFBl%2BLqhs40UdfS8u3pQqbJj9tHcBhtSe%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ed4c2a19cf0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2