cdn-102.anonfiles.com/EeIeNfP2y4/40d24f53-1674351262/AimMethod.exe
195.96.151.51301 Moved Permanently 162 B URL HTTP/1.1 cdn-102.anonfiles.com/EeIeNfP2y4/40d24f53-1674351262/AimMethod.exe
IP 195.96.151.51:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /EeIeNfP2y4/40d24f53-1674351262/AimMethod.exe HTTP/1.1
Host: cdn-102.anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 24 Jan 2023 21:54:46 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://cdn-102.anonfiles.com/EeIeNfP2y4/40d24f53-1674351262/AimMethod.exe
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11651
Expires: Wed, 25 Jan 2023 01:08:57 GMT
Date: Tue, 24 Jan 2023 21:54:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2366
Expires: Tue, 24 Jan 2023 22:34:12 GMT
Date: Tue, 24 Jan 2023 21:54:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5210
Expires: Tue, 24 Jan 2023 23:21:36 GMT
Date: Tue, 24 Jan 2023 21:54:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 21:42:45 GMT
content-type: application/json
age: 721
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X9wPvhkxRwBpBNJhaaFsi64HRC0y1tSA+rrBcPJWNRT+X89HkMMzuEBrhAkbYlQzOzp1BmKpdjyoErjAipSCLg==
x-amz-request-id: QGZ2QAB4V1WMPWS9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 21:19:25 GMT
age: 2121
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
cdn-102.anonfiles.com/EeIeNfP2y4/40d24f53-1674351262/AimMethod.exe
195.96.151.51301 Moved Permanently 0 B URL HTTP/1.1 cdn-102.anonfiles.com/EeIeNfP2y4/40d24f53-1674351262/AimMethod.exe
IP 195.96.151.51:0
ASN #41634 Svea Hosting AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /EeIeNfP2y4/40d24f53-1674351262/AimMethod.exe HTTP/1.1
Host: cdn-102.anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 24 Jan 2023 21:54:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Location: https://anonfiles.com/EeIeNfP2y4
X-Cache-Host: filecache-03
X-Cache-Disk: nvme-01
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e504a0f0d4f4fa085b2c6b0bd43e26e
cdcf8a1fb2758ba5b4378bd3c207fdc1927e65c4
89984023fde739a8aa8fcc21e885debb1c85d9ca4aef6db1312567ab506d627a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89984023FDE739A8AA8FCC21E885DEBB1C85D9CA4AEF6DB1312567AB506D627A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2956
Expires: Tue, 24 Jan 2023 22:44:02 GMT
Date: Tue, 24 Jan 2023 21:54:46 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 21:54:46 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
anonfiles.com/EeIeNfP2y4
45.154.253.152200 OK 3.2 kB IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (402)
Hash e478eb42dc8aee732ace0d7a7a9dc362
7236fd2f483f5a04135a67ebd309fb584a9a01de
a4d815157081611cb5bd9b8ba19d2e2e279a3d54ff274ac8a883457b849ee7b6
GET /EeIeNfP2y4 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdc: Yes
cache-control: public, max-age=60
x-oe: N
Content-Encoding: gzip
anonfiles.com/css/anonfiles.css?1668606177
45.154.253.152200 OK 25 kB URL HTTP/1.1 anonfiles.com/css/anonfiles.css?1668606177
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (65452)
Hash bf84dfe5f6e6044aa4c1095a7a9a850e
e411fe5ea4f2b5ce7382dfe3079589f4817ad165
2af9a43ff27bbcad03007d87fa7d09bed286aa594a3a3d2e16f409319e782f60
GET /css/anonfiles.css?1668606177 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3024
Content-Encoding: gzip
anonfiles.com/sw_anonfiles.js
45.154.253.152200 OK 16 kB URL HTTP/1.1 anonfiles.com/sw_anonfiles.js
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (25712)
Hash 5e03f95322bfd924a10943354a145be8
149a1d27b2169791e547a074c3d40b279319d35b
27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
GET /sw_anonfiles.js HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 298
Content-Encoding: gzip
anonfiles.com/js/app.js?1668606177
45.154.253.152200 OK 58 kB URL HTTP/1.1 anonfiles.com/js/app.js?1668606177
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (63238)
Hash ba67ff13fd07739a7037fbc27b2a1955
3e253f69b2f12659c541de122c6bce0ed82ba369
1cb363c41be4b3558b7b97b28bb7620cf532033c8a7a0035020831c104aaf818
GET /js/app.js?1668606177 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2351
Content-Encoding: gzip
vjs.zencdn.net/7.3.0/video-js.min.css
151.101.66.217200 OK 9.7 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video-js.min.css
IP 151.101.66.217:0
File type ASCII text, with very long lines (35998), with no line terminators
Hash 3397ce943db8add2728dccd9a3b8b8bc
a57bbb7546a458fe57d72d06baab950125260cc9
5779043d07e39f23d64752c34c3113055eaaadf57fcd02f366cb028485e626ba
GET /7.3.0/video-js.min.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "895e6b29db41953ef6197815c6be59d3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Tue, 24 Jan 2023 21:54:46 GMT
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 249
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 9673
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/fr.png
45.154.253.152200 OK 536 B URL HTTP/1.1 anonfiles.com/img/flags/24/fr.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e81efecf1a1b1d3a17d00a904c5cc3c9
1203894dbfc8363302dc709d852c05a4dd8bf9dc
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
GET /img/flags/24/fr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:46 GMT
Content-Type: image/png
Content-Length: 536
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3102
accept-ranges: bytes
anonfiles.com/img/flags/24/kr.png
45.154.253.152200 OK 988 B URL HTTP/1.1 anonfiles.com/img/flags/24/kr.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb22f00511d088a71e84f8c1c864caed
6599812ed106bda6017487287e12bc836570649f
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
GET /img/flags/24/kr.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:46 GMT
Content-Type: image/png
Content-Length: 988
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3232
accept-ranges: bytes
anonfiles.com/img/flags/24/dk.png
45.154.253.152200 OK 537 B URL HTTP/1.1 anonfiles.com/img/flags/24/dk.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6ebe55a7d176720cd2b1003298187a8
930858408b9af1f79c430bbe15c185db555a7815
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
GET /img/flags/24/dk.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:46 GMT
Content-Type: image/png
Content-Length: 537
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4050
accept-ranges: bytes
anonfiles.com/img/flags/24/fi.png
45.154.253.152200 OK 456 B URL HTTP/1.1 anonfiles.com/img/flags/24/fi.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ea9115d18d5210d4f1db520881faa3a
09829c2b7b5e4bae28d62b1dff90220f28c3bdf5
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
GET /img/flags/24/fi.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:46 GMT
Content-Type: image/png
Content-Length: 456
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3858
accept-ranges: bytes
vjs.zencdn.net/7.3.0/video.min.js
151.101.66.217200 OK 132 kB URL HTTP/2 vjs.zencdn.net/7.3.0/video.min.js
IP 151.101.66.217:0
File type Unicode text, UTF-8 text, with very long lines (65141)
Size 132 kB (132230 bytes)
Hash e296d874aca2a1550b409394be51efaa
c184c030e9aab3d03de27bc588919e249d5ccdf7
401c15b7916797f936e9d8443945ef22e0f93305655c057a92c8d9b80c327c9f
GET /7.3.0/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "057f19acd50fc7e3ad917dd600889ee5"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Tue, 24 Jan 2023 21:54:46 GMT
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 5
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 132230
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/se.png
45.154.253.152200 OK 581 B URL HTTP/1.1 anonfiles.com/img/flags/24/se.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c9b1e40987c4411b4a7d13c07a8843aa
cfce93be3ba77e4e30033d25e2e5c6a37da1b27d
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
GET /img/flags/24/se.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:47 GMT
Content-Type: image/png
Content-Length: 581
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3307
accept-ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 21:17:31 GMT
age: 2236
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/in.png
45.154.253.152200 OK 593 B URL HTTP/1.1 anonfiles.com/img/flags/24/in.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaf96cfc341dc9a17e24b96bef223ff
8791d6db6628e0fb21b847ab94484f0c615e38ac
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
GET /img/flags/24/in.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:47 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3218
accept-ranges: bytes
anonfiles.com/img/flags/24/pl.png
45.154.253.152200 OK 347 B URL HTTP/1.1 anonfiles.com/img/flags/24/pl.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash baf3aff7caef0be58f29b41f20a0e4db
11c840dfa1f1bd22a04aa1fa53fcac95f381b9a6
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
GET /img/flags/24/pl.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:47 GMT
Content-Type: image/png
Content-Length: 347
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3584
accept-ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17297
Expires: Wed, 25 Jan 2023 02:43:04 GMT
Date: Tue, 24 Jan 2023 21:54:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0d4b77e335fcc1586957ace528b31e06
045005aae70549c8e77a29a644c370140d1175be
89b55c8e1ad6a2dcc9e450e59ec1bb6b815af0c6c8d12354f644ba69b31eda0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89B55C8E1AD6A2DCC9E450E59EC1BB6B815AF0C6C8D12354F644BA69B31EDA0F"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13263
Expires: Wed, 25 Jan 2023 01:35:50 GMT
Date: Tue, 24 Jan 2023 21:54:47 GMT
Connection: keep-alive
anonfiles.com/img/flags/24/jp.png
45.154.253.152200 OK 599 B URL HTTP/1.1 anonfiles.com/img/flags/24/jp.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 857f6f0e0886a3729b758b7241e42e61
a7be973a93c6ad51cf07a9f21a5dd72cc3e15680
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
GET /img/flags/24/jp.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:47 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3471
accept-ranges: bytes
djv99sxoqpv11.cloudfront.net/?xsvjd=737329
54.230.245.208200 OK 69 kB URL HTTP/2 djv99sxoqpv11.cloudfront.net/?xsvjd=737329
IP 54.230.245.208:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash dfc3c2762338cd6b40b3a541402a1dd0
137712917ccf26e148ec58819f474f30041eb1ea
f1798c257fa8b4360c7e823c955781469054d4b95b7debf426277c6ad2f092f8
GET /?xsvjd=737329 HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 68726
date: Tue, 24 Jan 2023 21:54:47 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YRNzLhItAPGBJ6cnfn_qcpaFjA_CGh4IIc-6WGGR0oheyD4jONdGsw==
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/us.png
45.154.253.152200 OK 656 B URL HTTP/1.1 anonfiles.com/img/flags/24/us.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /img/flags/24/us.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:47 GMT
Content-Type: image/png
Content-Length: 656
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 4161
accept-ranges: bytes
anonfiles.com/img/flags/24/de.png
45.154.253.152200 OK 483 B URL HTTP/1.1 anonfiles.com/img/flags/24/de.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f8cc07c258bcd2de0c7900861e20ffc
fed97219e44693d4f3918fc4037b325732225d81
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
GET /img/flags/24/de.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:47 GMT
Content-Type: image/png
Content-Length: 483
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3301
accept-ranges: bytes
push.services.mozilla.com/
34.216.49.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.49.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CpACIWUrYbGzthzwRE+Wug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TMdOvc2xBdhJaqF0WcksFgBxvWE=
ocsp.pki.goog/s/gts1p5/skLwC7qegUg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/skLwC7qegUg
IP 142.250.74.131:0
Hash 6e2f78f6ea01351b2bbb15bd7fd2fbc8
4a080fbf06069a5573223274f6312b266d4c502c
dc5c5d45b310af689fdadd3511ff831c73fe9b05c4cf9f3884e21b88dcd81b17
POST /s/gts1p5/skLwC7qegUg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:54:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/skLwC7qegUg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/skLwC7qegUg
IP 142.250.74.131:0
Hash 6e2f78f6ea01351b2bbb15bd7fd2fbc8
4a080fbf06069a5573223274f6312b266d4c502c
dc5c5d45b310af689fdadd3511ff831c73fe9b05c4cf9f3884e21b88dcd81b17
POST /s/gts1p5/skLwC7qegUg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:54:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ardsoffhdgat.xyz/N0V1UTVWJxY8ClZ4F3dARSlIdAdxYEcXUV0zTGhGTyoEIUMGdFsyWVgwETdHWCsBf1tSMVBjc3QKIxABeh07MGUGHy0FcAdwLRBNcgYYMnl2dRo3elwxEBlgWzERCQUHJDcHflE/JyhzBj08AWcPLiQ9Y3gGLQtgYgdENFdlcCAZY0cxNgNWZB0hGHN1EyMffHEhFAVeXCktPXxUFCE9YGE9RTd/YS44GVluNCAHBVESPQR+U3UsCWx1dTEATXIrIAcNbxMcNXlxADAbZVwyIABkWy02EwxzDTIfA3EAMBt/BgMTA2QGdDZie2AGRxN0dXUWMmwEaBoEZGYuHAVdZQQQFnB+BzNhf1IXRRVkBnFEBgRYJj0WfxJ3NxAFegwsEFJ2FAI5BHQiMAdgdA8RB01PBxEARQQUEj1ZcSIzB2FwdTkSYFgOLyYFdRYSKVtzIhkadloMUztGWCsFbHh7AiQUR3kCPhZRTgs
54.192.99.7200 OK 1.2 kB URL HTTP/2 ardsoffhdgat.xyz/N0V1UTVWJxY8ClZ4F3dARSlIdAdxYEcXUV0zTGhGTyoEIUMGdFsyWVgwETdHWCsBf1tSMVBjc3QKIxABeh07MGUGHy0FcAdwLRBNcgYYMnl2dRo3elwxEBlgWzERCQUHJDcHflE/JyhzBj08AWcPLiQ9Y3gGLQtgYgdENFdlcCAZY0cxNgNWZB0hGHN1EyMffHEhFAVeXCktPXxUFCE9YGE9RTd/YS44GVluNCAHBVESPQR+U3UsCWx1dTEATXIrIAcNbxMcNXlxADAbZVwyIABkWy02EwxzDTIfA3EAMBt/BgMTA2QGdDZie2AGRxN0dXUWMmwEaBoEZGYuHAVdZQQQFnB+BzNhf1IXRRVkBnFEBgRYJj0WfxJ3NxAFegwsEFJ2FAI5BHQiMAdgdA8RB01PBxEARQQUEj1ZcSIzB2FwdTkSYFgOLyYFdRYSKVtzIhkadloMUztGWCsFbHh7AiQUR3kCPhZRTgs
IP 54.192.99.7:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3062), with no line terminators
Hash bdb23ab650e9381e8be6cba132d7601c
3a40e293cbd4d2523b03b4a9cbb7e9c86a6c3900
0590576e5f60f5410b1696d870fbf1f310d2c619f964dcfd8ed529e84b5fbd89
GET /N0V1UTVWJxY8ClZ4F3dARSlIdAdxYEcXUV0zTGhGTyoEIUMGdFsyWVgwETdHWCsBf1tSMVBjc3QKIxABeh07MGUGHy0FcAdwLRBNcgYYMnl2dRo3elwxEBlgWzERCQUHJDcHflE/JyhzBj08AWcPLiQ9Y3gGLQtgYgdENFdlcCAZY0cxNgNWZB0hGHN1EyMffHEhFAVeXCktPXxUFCE9YGE9RTd/YS44GVluNCAHBVESPQR+U3UsCWx1dTEATXIrIAcNbxMcNXlxADAbZVwyIABkWy02EwxzDTIfA3EAMBt/BgMTA2QGdDZie2AGRxN0dXUWMmwEaBoEZGYuHAVdZQQQFnB+BzNhf1IXRRVkBnFEBgRYJj0WfxJ3NxAFegwsEFJ2FAI5BHQiMAdgdA8RB01PBxEARQQUEj1ZcSIzB2FwdTkSYFgOLyYFdRYSKVtzIhkadloMUztGWCsFbHh7AiQUR3kCPhZRTgs HTTP/1.1
Host: ardsoffhdgat.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1208
date: Tue, 24 Jan 2023 21:54:47 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9c3701a40f5e4766165113d719972734.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: DxydNDbxyrkf5R2lGIXFd39mpuSD4FW5kM6pMajlL_5URXdJWyLfSQ==
X-Firefox-Spdy: h2
ardsoffhdgat.xyz/cGY0cW0RBFccUhFbVlcYAgoJVF82QwY3CRoQDUgeCAlFARtBVxoSAR8TUBcfHwhAXwMVEhFDKxkzBD8HIjBXBiExVl4QLhMXdkIFFz98IzwUC1BAJiInRT4+PkMGMyAzKwQ2BQMneDYoOyAEJBU8MlBUXzIzBjxaPQ8ENAg4IwY9PDJSbh84GSRNFRwqVGEmJzcJEUMvPCRfAiIKXl0jAxM0bhxcJD9zJwcRHmUCIiQFRzcpKh9tKSA+K2w7BRNXfkAIJyhZJCwUH20pICUqcB0BFFZuQysoPEwkF0EObkM3ISQHOwUTHnELDh0ndyQDJg9SKSM7P3MnBzonGSgAICJMHDghKFgoXjoyUCY3GgVfK14qHGEAKCMnTCEpBCFQCSsZBQUrHypVYUM1HjxCEAMyM1c2CQECWCMXElREBjghQF4CAh4WCSILEy9sEgRGP2A
54.192.99.7200 OK 1.2 kB URL HTTP/2 ardsoffhdgat.xyz/cGY0cW0RBFccUhFbVlcYAgoJVF82QwY3CRoQDUgeCAlFARtBVxoSAR8TUBcfHwhAXwMVEhFDKxkzBD8HIjBXBiExVl4QLhMXdkIFFz98IzwUC1BAJiInRT4+PkMGMyAzKwQ2BQMneDYoOyAEJBU8MlBUXzIzBjxaPQ8ENAg4IwY9PDJSbh84GSRNFRwqVGEmJzcJEUMvPCRfAiIKXl0jAxM0bhxcJD9zJwcRHmUCIiQFRzcpKh9tKSA+K2w7BRNXfkAIJyhZJCwUH20pICUqcB0BFFZuQysoPEwkF0EObkM3ISQHOwUTHnELDh0ndyQDJg9SKSM7P3MnBzonGSgAICJMHDghKFgoXjoyUCY3GgVfK14qHGEAKCMnTCEpBCFQCSsZBQUrHypVYUM1HjxCEAMyM1c2CQECWCMXElREBjghQF4CAh4WCSILEy9sEgRGP2A
IP 54.192.99.7:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3034), with no line terminators
Hash bdaf23b8f9307d79f439074bd74cbad1
cf89691fb83e2dcc8e77816eba9d239a4213c5ab
6415089384d3630c6395f46a25061c5fcc561cfef2107985bb25289cc293aecf
GET /cGY0cW0RBFccUhFbVlcYAgoJVF82QwY3CRoQDUgeCAlFARtBVxoSAR8TUBcfHwhAXwMVEhFDKxkzBD8HIjBXBiExVl4QLhMXdkIFFz98IzwUC1BAJiInRT4+PkMGMyAzKwQ2BQMneDYoOyAEJBU8MlBUXzIzBjxaPQ8ENAg4IwY9PDJSbh84GSRNFRwqVGEmJzcJEUMvPCRfAiIKXl0jAxM0bhxcJD9zJwcRHmUCIiQFRzcpKh9tKSA+K2w7BRNXfkAIJyhZJCwUH20pICUqcB0BFFZuQysoPEwkF0EObkM3ISQHOwUTHnELDh0ndyQDJg9SKSM7P3MnBzonGSgAICJMHDghKFgoXjoyUCY3GgVfK14qHGEAKCMnTCEpBCFQCSsZBQUrHypVYUM1HjxCEAMyM1c2CQECWCMXElREBjghQF4CAh4WCSILEy9sEgRGP2A HTTP/1.1
Host: ardsoffhdgat.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Tue, 24 Jan 2023 21:54:47 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9c3701a40f5e4766165113d719972734.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: jk9Qgi03gjXM-7oiaTL4OmmEmBjBjr7wvg0jCy1GRRaAWYKZ60lkiA==
X-Firefox-Spdy: h2
anonfiles.com/static/logo.png
45.154.253.152200 OK 18 kB URL HTTP/1.1 anonfiles.com/static/logo.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 450 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash f9fd716d30e220aa24bab0e94ebf0aa0
4af32d78655436173f272bb65159a232f1671b8d
5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94
GET /static/logo.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:47 GMT
Content-Type: image/png
Content-Length: 18441
Connection: keep-alive
last-modified: Fri, 16 Sep 2022 19:34:48 GMT
etag: "6324cfd8-4809"
reoreexpresi.xyz/ZVI4V3JKbVskTwEVbiYjCGt7DyRcKG88NDQFYBElND5qMRYjPR4jGwFvD2RFVmEIcQIMNgVmSkMhTDYGECEFZlQMPF44T0MkBWZcVXwKeUBDJwVkSlxhD2JCXGcPYUpcYQpxBhUzX2pDQyJMIx5YYw5gRlBrD2VKUGoNYg
172.67.203.148204 No Content 0 B URL HTTP/2 reoreexpresi.xyz/ZVI4V3JKbVskTwEVbiYjCGt7DyRcKG88NDQFYBElND5qMRYjPR4jGwFvD2RFVmEIcQIMNgVmSkMhTDYGECEFZlQMPF44T0MkBWZcVXwKeUBDJwVkSlxhD2JCXGcPYUpcYQpxBhUzX2pDQyJMIx5YYw5gRlBrD2VKUGoNYg
IP 172.67.203.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZVI4V3JKbVskTwEVbiYjCGt7DyRcKG88NDQFYBElND5qMRYjPR4jGwFvD2RFVmEIcQIMNgVmSkMhTDYGECEFZlQMPF44T0MkBWZcVXwKeUBDJwVkSlxhD2JCXGcPYUpcYQpxBhUzX2pDQyJMIx5YYw5gRlBrD2VKUGoNYg HTTP/1.1
Host: reoreexpresi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 24 Jan 2023 21:54:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I64AUY1P8EhTuDsRJjzyPMz7a6PrkxULsqsnwcTQ5wsDZO26N51n7E5pxgEd7XBPBpjl%2BHXmPKEvR1FO3xT1EwyUzzieyKTyi2hSGPnExCLSPWn6q6x%2F2wQtfbni7k8A4Xj0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ec02782ba50afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reoreexpresi.xyz/NDNsNzYbDA9EC2NrBE9jBgIeZmNuXTtwdHthAXFvVlhZf29YREpDX1AOWwQBBwFVEUZdV1EGEEdHDUNDRw5dEV9aVQMKEEIOXRkFAB1fBhgGFRkKBQwKXwADBApZAAAMCl8FEEBDDVALBRUcQ0JYDl0BAQAGVQAEDAZUAwQ
172.67.203.148204 No Content 0 B URL HTTP/2 reoreexpresi.xyz/NDNsNzYbDA9EC2NrBE9jBgIeZmNuXTtwdHthAXFvVlhZf29YREpDX1AOWwQBBwFVEUZdV1EGEEdHDUNDRw5dEV9aVQMKEEIOXRkFAB1fBhgGFRkKBQwKXwADBApZAAAMCl8FEEBDDVALBRUcQ0JYDl0BAQAGVQAEDAZUAwQ
IP 172.67.203.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NDNsNzYbDA9EC2NrBE9jBgIeZmNuXTtwdHthAXFvVlhZf29YREpDX1AOWwQBBwFVEUZdV1EGEEdHDUNDRw5dEV9aVQMKEEIOXRkFAB1fBhgGFRkKBQwKXwADBApZAAAMCl8FEEBDDVALBRUcQ0JYDl0BAQAGVQAEDAZUAwQ HTTP/1.1
Host: reoreexpresi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 24 Jan 2023 21:54:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBOPU%2Bkjvxh6QccmlefuvdHO1kuA%2BpSpK0S5v8k%2BrR6NRlTIHhqDszB682gw0OErAopKIvf%2BJHAg8CRC4JdPvrtg9XUQFFUD427%2Bq1HAwJFRmN1NgvOTDZb%2BFaMpETpX3JTW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ec02782ba70afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/skLwC7qegUg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/skLwC7qegUg
IP 142.250.74.131:0
Hash 6e2f78f6ea01351b2bbb15bd7fd2fbc8
4a080fbf06069a5573223274f6312b266d4c502c
dc5c5d45b310af689fdadd3511ff831c73fe9b05c4cf9f3884e21b88dcd81b17
POST /s/gts1p5/skLwC7qegUg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:54:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yooumoughtc.xyz/utx?tid=737323&top=anonfiles.com&cb=4DLnuBni7kSW
65.9.44.102204 No Content 0 B URL HTTP/2 yooumoughtc.xyz/utx?tid=737323&top=anonfiles.com&cb=4DLnuBni7kSW
IP 65.9.44.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=737323&top=anonfiles.com&cb=4DLnuBni7kSW HTTP/1.1
Host: yooumoughtc.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 24 Jan 2023 21:54:47 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 24 Jan 2023 21:55:47 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 d30a7800f939c215cded21c657c43fc8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: yxdhIijzZ3WI-SH9x-ihcwpy9yzqnJgM2BE-szweYsbS3ueCTE_agA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5841ef884ec146c10c6975ea9e1ebf0f
69151a25648afb9fd4c1780f4b45bd4200c6edee
88fc9bfea9c6f046d43d0cc36467cd7133555056c977beee8a486c0f3ad64c51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88FC9BFEA9C6F046D43D0CC36467CD7133555056C977BEEE8A486C0F3AD64C51"
Last-Modified: Tue, 24 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14162
Expires: Wed, 25 Jan 2023 01:50:49 GMT
Date: Tue, 24 Jan 2023 21:54:47 GMT
Connection: keep-alive
anonfiles.com/img/file/filetypes/ext/exe.png?1668605455
45.154.253.152200 OK 971 B URL HTTP/1.1 anonfiles.com/img/file/filetypes/ext/exe.png?1668605455
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 6bf5e4ab859fd40841d4b6e3f73672d7
4fb4215e8618f5b248f88007a951bf61b915c20b
f7501f1e544e84cc5fa5a6d98dd4064b8db0ae2aec7f8fbc24a5c78fc7f2b2d9
GET /img/file/filetypes/ext/exe.png?1668605455 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:47 GMT
Content-Type: image/png
Content-Length: 971
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 9
accept-ranges: bytes
anonfiles.com/img/flags/24/br.png
45.154.253.152200 OK 1.1 kB URL HTTP/1.1 anonfiles.com/img/flags/24/br.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5938d2e7f7d6f4026d6eb1b4b4f2cd
7a038177fe4deec455d61d3e9c90019fa4727d40
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
GET /img/flags/24/br.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:48 GMT
Content-Type: image/png
Content-Length: 1115
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3684
accept-ranges: bytes
thecoveos.com/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 380
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/COVA4MXNaP1ZXTE05XAxECmcLA0ofOkteHUltdX00aBVKfzRyF1xIPR8kQlVOCXZUUB1ebR5UHVptCRcSXTIFBVVNIFdaTkklXlIcQTlUVx0fJVkMHlYqUV0fWHUKd0YXYB0DQxEnUV8XVidLFEEJPkwUQQlhCB9DHGN6FEEJJ1FfRQ11C3NWC2BAB0ccY3-oUQQkiThRAeGEIBF0JeR0DQ141W1ocHGJ+A0MIYAgAQwh1CgEVUCJdVxxBdQp3QgllFgFVTG0LCUoKZw0BSgxnDglKCmI
54.230.245.208200 OK 544 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/COVA4MXNaP1ZXTE05XAxECmcLA0ofOkteHUltdX00aBVKfzRyF1xIPR8kQlVOCXZUUB1ebR5UHVptCRcSXTIFBVVNIFdaTkklXlIcQTlUVx0fJVkMHlYqUV0fWHUKd0YXYB0DQxEnUV8XVidLFEEJPkwUQQlhCB9DHGN6FEEJJ1FfRQ11C3NWC2BAB0ccY3-oUQQkiThRAeGEIBF0JeR0DQ141W1ocHGJ+A0MIYAgAQwh1CgEVUCJdVxxBdQp3QgllFgFVTG0LCUoKZw0BSgxnDglKCmI
IP 54.230.245.208:0
File type ASCII text, with very long lines (781), with no line terminators
Hash 24775c61bcb78622644cda5cd1bbb9c2
93130802c642b22a89c28d494d45fd45ac948e2c
f10bc46272069a9eb086d4a20b4ffeaeeab8a308a824474e92715b19067967cc
Analyzer Verdict Alert fortinet Malware
GET /COVA4MXNaP1ZXTE05XAxECmcLA0ofOkteHUltdX00aBVKfzRyF1xIPR8kQlVOCXZUUB1ebR5UHVptCRcSXTIFBVVNIFdaTkklXlIcQTlUVx0fJVkMHlYqUV0fWHUKd0YXYB0DQxEnUV8XVidLFEEJPkwUQQlhCB9DHGN6FEEJJ1FfRQ11C3NWC2BAB0ccY3-oUQQkiThRAeGEIBF0JeR0DQ141W1ocHGJ+A0MIYAgAQwh1CgEVUCJdVxxBdQp3QgllFgFVTG0LCUoKZw0BSgxnDglKCmI HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ardsoffhdgat.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 544
date: Tue, 24 Jan 2023 21:54:48 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nsahfbdAO-0C3sRO8ytCAJRvQKZQayrk-rY13IXTzwccQjEiwu3zmw==
X-Firefox-Spdy: h2
djv99sxoqpv11.cloudfront.net/iU0NjRVcwLA0jaCcqB3hgYHRQdmd1KRAqOSN+MCM0GhsALGEKF0UxLTd+U2M7Mi0EeHE2LQB4ZnUiBydqZ2UWJGo+LBksOz8iRncRZm1TYGVjaxQsOTcsFDZyYXMNMXJhc1J1eWNmUAdyYXMULDlld0Z2FXZxUz1hZ2ZQB3JhcxEzcmACUnVifXNKYGVjJA-YmPDxmUQNlY3JTdWZjckZ3ZzUqESAxPDtGdxFic1ZrZ3U2XnZvanBUcGdqdlRzb2pwUQ
54.230.245.208200 OK 252 B URL HTTP/2 djv99sxoqpv11.cloudfront.net/iU0NjRVcwLA0jaCcqB3hgYHRQdmd1KRAqOSN+MCM0GhsALGEKF0UxLTd+U2M7Mi0EeHE2LQB4ZnUiBydqZ2UWJGo+LBksOz8iRncRZm1TYGVjaxQsOTcsFDZyYXMNMXJhc1J1eWNmUAdyYXMULDlld0Z2FXZxUz1hZ2ZQB3JhcxEzcmACUnVifXNKYGVjJA-YmPDxmUQNlY3JTdWZjckZ3ZzUqESAxPDtGdxFic1ZrZ3U2XnZvanBUcGdqdlRzb2pwUQ
IP 54.230.245.208:0
File type ASCII text, with no line terminators
Hash 29aff7825af344773378748c37299459
8cc177c82133b3f5f981731dd281306fdd0760a7
cf1695fe48f28b35a5f39df53aa011a00f7690576304d5e98cede7b0f4846903
Analyzer Verdict Alert fortinet Malware
GET /iU0NjRVcwLA0jaCcqB3hgYHRQdmd1KRAqOSN+MCM0GhsALGEKF0UxLTd+U2M7Mi0EeHE2LQB4ZnUiBydqZ2UWJGo+LBksOz8iRncRZm1TYGVjaxQsOTcsFDZyYXMNMXJhc1J1eWNmUAdyYXMULDlld0Z2FXZxUz1hZ2ZQB3JhcxEzcmACUnVifXNKYGVjJA-YmPDxmUQNlY3JTdWZjckZ3ZzUqESAxPDtGdxFic1ZrZ3U2XnZvanBUcGdqdlRzb2pwUQ HTTP/1.1
Host: djv99sxoqpv11.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ardsoffhdgat.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 252
date: Tue, 24 Jan 2023 21:54:48 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PErT5xqjjW3sKaN1UZYto3RozeQkMZJA_AK6MENkTGsjAjMM33MGRA==
X-Firefox-Spdy: h2
anonfiles.com/img/flags/24/ru.png
45.154.253.152200 OK 403 B URL HTTP/1.1 anonfiles.com/img/flags/24/ru.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash d8df89b036e6afb48f72d2440831bad0
04abb4b29dae9c6f1ac0f1d8a507aabe26a3be35
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
GET /img/flags/24/ru.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:48 GMT
Content-Type: image/png
Content-Length: 403
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3325
accept-ranges: bytes
anonfiles.com/img/flags/24/es.png
45.154.253.152200 OK 666 B URL HTTP/1.1 anonfiles.com/img/flags/24/es.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fa381a8eb16d9e673d32980e7fd1710
fc29fbbebe97109ef1d16a0d4a65637d6b725ac8
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
GET /img/flags/24/es.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:48 GMT
Content-Type: image/png
Content-Length: 666
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3445
accept-ranges: bytes
anonfiles.com/img/flags/24/no.png
45.154.253.152200 OK 611 B URL HTTP/1.1 anonfiles.com/img/flags/24/no.png
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash f14ac70aa6dd4d371671c0e6d7cba4e3
1139e3acd6e073bffb59157cbc10af72ed757218
9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
GET /img/flags/24/no.png HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:48 GMT
Content-Type: image/png
Content-Length: 611
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 3315
accept-ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f808fda31f83240363aaca5b085407d5
4be926a79750101591ad633efa92486b47639e6c
e0336ef9a04ed72e9918dc40d00bb13fbb3b3f6f9122932f300d838ee733e499
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5166
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:54:48 GMT
Last-Modified: Tue, 24 Jan 2023 20:28:42 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e1ebc9a5915deca6b65f777a36af2a4
bda2dca64293f09c5cce058bab347db00bc6375d
63f87944d5c3249a86a0b71fb2108202e06a87a5365aff0c292be9acaea2de24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e1ebc9a5915deca6b65f777a36af2a4
bda2dca64293f09c5cce058bab347db00bc6375d
63f87944d5c3249a86a0b71fb2108202e06a87a5365aff0c292be9acaea2de24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 388 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash 73adad6318306db7497aec473368d9ce
b9fc5407f559eefa247c125f0631d5d6eaaa6a38
41f289490d4f6c4084b1e0c47eabfe5aafefaf4aa89871f403a81f909c8cfd8c
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 24 Jan 2023 21:54:48 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S923678694%3A1674597288443453&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeQ5rzom8ch5fyOYcCOO0t14tbQy9qdJmeC4bk8FGRLdfXeORoH7CYqfW19oXO813R6lJ_DDA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Nnq7hE-Sc-qqMuVgxFio3A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 388
server: GSE
set-cookie: __Host-GAPS=1:UvXPm2xJWzi-kcl4pP9YaafgK-gaFw:ElGVaqNVqI9q4qI_;Path=/;Expires=Thu, 23-Jan-2025 21:54:48 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ardsoffhdgat.xyz/utx?cb=eoC1yNj1SnXY&top=anonfiles.com&tid=737329
54.192.99.7204 No Content 0 B URL HTTP/2 ardsoffhdgat.xyz/utx?cb=eoC1yNj1SnXY&top=anonfiles.com&tid=737329
IP 54.192.99.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=eoC1yNj1SnXY&top=anonfiles.com&tid=737329 HTTP/1.1
Host: ardsoffhdgat.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonfiles.com
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 24 Jan 2023 21:54:48 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://anonfiles.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 24 Jan 2023 21:55:48 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9c3701a40f5e4766165113d719972734.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 8V7My-1mXNKJz2puWgrjSKuWjrFjZ3GIakcZ0w2ApR3sLra4t6AzWw==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 400 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 52572273da47283a64d68d75099b15e8
8a86e9d9aefa94f812f304680941f68520a06211
27bf7669733481c04f0822409b6be62ea265d9c61b8be1530beaa4a391c5b796
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 24 Jan 2023 21:54:48 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1576937350%3A1674597288484267&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeOvrSpF_AKECz5IGGllWWC9yQmZzh-itFkSwcN2xGRMto8dVBAQ3a5sSZHZmHGFMslu1zhKQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-LZ3REobtRUqL2KEicppIhQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 400
server: GSE
set-cookie: __Host-GAPS=1:0z4PBh9vI-s5S1QCfOsMoeOmas8ydQ:dGovdBqYIzY6qKWz;Path=/;Expires=Thu, 23-Jan-2025 21:54:48 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
anonfiles.com/sw_anonfiles.js?TG1EcFcXT3NDYH9fd1J7bk9oUmEvD3UWb3wJaRFnflppRDV8CWlJYnRUaUVvewlxSW58WSAWbm5BZhRvfVknRWF0QHZGZXtAcElvKkAmRG90QHxFMnkOchNnf1V1EnVgTzcHdWBPMBgyLwIyFTg%2EQycfOm5BZkFnYlhmXDEtATcVeyoMKAMyYAslHCQpMA
45.154.253.152200 OK 16 kB URL HTTP/1.1 anonfiles.com/sw_anonfiles.js?TG1EcFcXT3NDYH9fd1J7bk9oUmEvD3UWb3wJaRFnflppRDV8CWlJYnRUaUVvewlxSW58WSAWbm5BZhRvfVknRWF0QHZGZXtAcElvKkAmRG90QHxFMnkOchNnf1V1EnVgTzcHdWBPMBgyLwIyFTg%2EQycfOm5BZkFnYlhmXDEtATcVeyoMKAMyYAslHCQpMA
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type ASCII text, with very long lines (25712)
Hash 5e03f95322bfd924a10943354a145be8
149a1d27b2169791e547a074c3d40b279319d35b
27217ff2c97023ff148125e47bcc97af3fbc6307336f8b67689da13ffb14acaf
GET /sw_anonfiles.js?TG1EcFcXT3NDYH9fd1J7bk9oUmEvD3UWb3wJaRFnflppRDV8CWlJYnRUaUVvewlxSW58WSAWbm5BZhRvfVknRWF0QHZGZXtAcElvKkAmRG90QHxFMnkOchNnf1V1EnVgTzcHdWBPMBgyLwIyFTg%2EQycfOm5BZkFnYlhmXDEtATcVeyoMKAMyYAslHCQpMA HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:48 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-vdch: Yes
cache-control: public, max-age=14400
x-oe: Y
x-oh: 590
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 47d71bf163265666c21e2410fb568043
54a4b0f241af261f878967ce058f5885be476cc4
8b7ce4c8269941cf55ca12415b1abfd7d4ae7bf5823657f3afe5e8dd34bed80b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 21:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
anonfiles.com/img/favicon/favicon-32x32-anonfiles.png?1668605455
45.154.253.152200 OK 1.3 kB URL HTTP/1.1 anonfiles.com/img/favicon/favicon-32x32-anonfiles.png?1668605455
IP 45.154.253.152:0
ASN #41634 Svea Hosting AB
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ee0e6dd4ef643128a1b7bd4ab32b8a79
8136c70aac1e50f8356c83f91fb77ea4b6596cbc
51f305558b4ed6fcf3a31b4f9e404fc2ea426cb5e785ac46ce827de0c5cabb4c
GET /img/favicon/favicon-32x32-anonfiles.png?1668605455 HTTP/1.1
Host: anonfiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/EeIeNfP2y4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 21:54:48 GMT
Content-Type: image/png
Content-Length: 1309
Connection: keep-alive
cache-control: public, max-age=3600
x-oe: Y
x-oh: 2232
accept-ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8857
Expires: Wed, 25 Jan 2023 00:22:25 GMT
Date: Tue, 24 Jan 2023 21:54:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8857
Expires: Wed, 25 Jan 2023 00:22:25 GMT
Date: Tue, 24 Jan 2023 21:54:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8857
Expires: Wed, 25 Jan 2023 00:22:25 GMT
Date: Tue, 24 Jan 2023 21:54:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WZE7yDAT_YRseW7m410pGAwkWAwJ2HmuTlg2IbSvCbN20SJbmQ4Odg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:06:36 GMT
age: 85692
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwEyWoAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ntW_cYMwX6UWInGOxxPlwnV1AJh46X-hiLvwggRz9oa1Yno6jyE51g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 03:28:47 GMT
age: 66361
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16d9c0855b43a6c2351cb450187948e2
7208e2e4beb739ae9aded4a207d48cb3572fad5f
92b0423b09aa653ec7326d0aa05dbe137ba452ef21f118c7eb6499a8ccecc8fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12907
x-amzn-requestid: c9f9a619-f0e1-4bc4-af2a-796b16aa1250
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFqF-lIAMFXIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-625e4bab03baa979605f13f8;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: riKsmnzvLP5xapNSozaa5W4P6--p4xU5bkS4Ir7jln-P_o_QhMBBxQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:04:30 GMT
age: 85818
etag: "7208e2e4beb739ae9aded4a207d48cb3572fad5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 462fc1946b8dbae49aa3cf22291fc707
400c6dc7973b36a5d3e43cc3b439da49ab6c76b5
88e13373963e8427baa4cdf19909eb297aafe035ec0376cbed6d4f4fa45dbd32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4381
x-amzn-requestid: 528fddee-8bac-466a-8f82-3d5bffab7ca4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFpFghoAMFSPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-63f97c8409b808910ce8f50a;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0eb65TKWgBaHaPETcwgUpjEHT6yMMT4N0vcRh3C66WYct0PNL-AcpQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:56:47 GMT
etag: "400c6dc7973b36a5d3e43cc3b439da49ab6c76b5"
content-type: image/jpeg
age: 86281
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb690b8f5503bf4bcf424e58ddb6b8c
eb96120190e3a5c286ac5ec51ee8b163540377fd
c762b17d3e43d773966490d1186ebc352a78d47781c77a4f048e32fee9732b7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: 3f4482cf-98a5-420e-abe7-17fd2d214da0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyxIF3aIAMFWoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6d-0c1838dc7b4ab4650d54ee56;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OD1DSocM7Q1FhRQ4oMhGjU8GN-sv978YqNpLMiKjeWupfFbK-WDXxQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:04:05 GMT
age: 85843
etag: "eb96120190e3a5c286ac5ec51ee8b163540377fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3172dcbfc344029f09fec71cfa869af7
1a45d9e39cb8a2fcf5cb06bbfcf0194f1eaff2ad
e818325e9a7a516912bba892f0ff7377ee0a60d0a38afbbc7f41f8f5d7857a07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfe8cd9-8a38-4bff-80c1-8c58b3618c4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: 25119c89-8b57-4f78-ba4d-6181a565fc55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrOG_VIAMF15w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-5f7fde965860cba74a51ddbf;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZM3fGgrP1P7ju8-1AFIahWbbTgZaAu3mCZyN9m_g_rw6rWHeldJhmQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:57:44 GMT
etag: "1a45d9e39cb8a2fcf5cb06bbfcf0194f1eaff2ad"
content-type: image/jpeg
age: 86224
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
thecoveos.com/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
thecoveos.com/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 344
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
thecoveos.com/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://anonfiles.com
Content-Length: 348
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
thecoveos.com/TG1EcFcXT3NDYH9fd1J7bk9oUmEvD3UWb3wJaRFnflppRDV8CWlJYnRUaUVvewlxSW58WSAWbm5BZhRvfVknRWF0QHZGZXtAcElvKkAmRG90QHxFMnkOchNnf1V1EnVgTzcHdWBPMBgyLwIyFTg%2EQycfOm5BZkFnYlhmXDEtATcVeyoMKAMyYAslHCQpMA
52.20.131.174200 OK 0 B URL HTTP/2 thecoveos.com/TG1EcFcXT3NDYH9fd1J7bk9oUmEvD3UWb3wJaRFnflppRDV8CWlJYnRUaUVvewlxSW58WSAWbm5BZhRvfVknRWF0QHZGZXtAcElvKkAmRG90QHxFMnkOchNnf1V1EnVgTzcHdWBPMBgyLwIyFTg%2EQycfOm5BZkFnYlhmXDEtATcVeyoMKAMyYAslHCQpMA
IP 52.20.131.174:0
GET /TG1EcFcXT3NDYH9fd1J7bk9oUmEvD3UWb3wJaRFnflppRDV8CWlJYnRUaUVvewlxSW58WSAWbm5BZhRvfVknRWF0QHZGZXtAcElvKkAmRG90QHxFMnkOchNnf1V1EnVgTzcHdWBPMBgyLwIyFTg%2EQycfOm5BZkFnYlhmXDEtATcVeyoMKAMyYAslHCQpMA HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 4db7eb01641056e450c0bc48eccc7475=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8442-T9jksht5Fb6UCVUiZTUnsL+v2pU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1
54.162.51.18200 OK 0 B URL HTTP/2 baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1
IP 54.162.51.18:0
GET /?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1 HTTP/1.1
Host: baconaces.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonfiles.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0fc-DuUXvpAzM6mzzkGGtY2hqeh2Xaw"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-credentials: true
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S923678694%3A1674597288443453&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeQ5rzom8ch5fyOYcCOO0t14tbQy9qdJmeC4bk8FGRLdfXeORoH7CYqfW19oXO813R6lJ_DDA
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S923678694%3A1674597288443453&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeQ5rzom8ch5fyOYcCOO0t14tbQy9qdJmeC4bk8FGRLdfXeORoH7CYqfW19oXO813R6lJ_DDA
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S923678694%3A1674597288443453&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeQ5rzom8ch5fyOYcCOO0t14tbQy9qdJmeC4bk8FGRLdfXeORoH7CYqfW19oXO813R6lJ_DDA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 24 Jan 2023 21:54:48 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-js_lJ7XzeqMHo4ysKyjjaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1576937350%3A1674597288484267&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeOvrSpF_AKECz5IGGllWWC9yQmZzh-itFkSwcN2xGRMto8dVBAQ3a5sSZHZmHGFMslu1zhKQ
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1576937350%3A1674597288484267&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeOvrSpF_AKECz5IGGllWWC9yQmZzh-itFkSwcN2xGRMto8dVBAQ3a5sSZHZmHGFMslu1zhKQ
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S-1576937350%3A1674597288484267&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeOvrSpF_AKECz5IGGllWWC9yQmZzh-itFkSwcN2xGRMto8dVBAQ3a5sSZHZmHGFMslu1zhKQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://anonfiles.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 24 Jan 2023 21:54:48 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-EElZ1LUcfVwfzrPfgGdclw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2