anonfiles.com Open in urlscan Pro
2001:678:b30:4::d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cdn-01.anonfile.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe
Effective URL:
https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe
Submission Tags: falconsandbox
Submission: On September 07 via api (September 7th 2022, 5:26:45 pm UTC) from US — Scanned from GB

Summary HTTP 40 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 7 countries across 12 domains to perform 40 HTTP transactions. The main IP is 2001:678:b30:4::d, located in Sweden and belongs to SVEA, SE. The main domain is anonfiles.com. The Cisco Umbrella rank of the primary domain is 149013.
TLS certificate: Issued by R3 on July 28th 2022. Valid for: 3 months.

This is the only time anonfiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.154.253.153 45.154.253.153	41634 (SVEA) (SVEA)
20	2001:678:b30:... 2001:678:b30:4::d	41634 (SVEA) (SVEA)
2	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
3	13.224.194.221 13.224.194.221	16509 (AMAZON-02) (AMAZON-02)
1	44.195.137.121 44.195.137.121	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.17.119 108.138.17.119	16509 (AMAZON-02) (AMAZON-02)
1	107.22.28.167 107.22.28.167	14618 (AMAZON-AES) (AMAZON-AES)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.214.56 52.222.214.56	16509 (AMAZON-02) (AMAZON-02)
3	104.21.59.7 104.21.59.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
40	12

1 45.154.253.153 (United Kingdom) 1 redirects

ASN41634 (SVEA, SE)
PTR: shared07.cust05.proxy.is

cdn-01.anonfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2001:678:b30:4::d (Sweden)

ASN41634 (SVEA, SE)

anonfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.194.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-221.fra2.r.cloudfront.net

djv99sxoqpv11.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.137.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-137-121.compute-1.amazonaws.com

baconaces.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-119.fra56.r.cloudfront.net

opertyvaluat.autos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com

tebilaterde.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.214.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-56.fra56.r.cloudfront.net

onakasulback.autos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.59.7 (None, )

ASN13335 (CLOUDFLARENET, US)

ycadenevery.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	anonfiles.com anonfiles.com — Cisco Umbrella Rank: 149013	130 KB
4	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 126	2 KB
3	ycadenevery.xyz ycadenevery.xyz	1 KB
3	onakasulback.autos onakasulback.autos	4 KB
3	cloudfront.net djv99sxoqpv11.cloudfront.net	69 KB
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 854787	101 KB
2	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5994	139 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 111
1	tebilaterde.xyz tebilaterde.xyz — Cisco Umbrella Rank: 52517	37 B
1	opertyvaluat.autos opertyvaluat.autos	488 B
1	baconaces.pro baconaces.pro — Cisco Umbrella Rank: 584004	23 KB
1	anonfile.com 1 redirects cdn-01.anonfile.com	229 B
40	12

	Domain	Requested by
20	anonfiles.com	anonfiles.com
4	accounts.google.com	2 redirects anonfiles.com
3	ycadenevery.xyz	anonfiles.com
3	onakasulback.autos	djv99sxoqpv11.cloudfront.net
3	djv99sxoqpv11.cloudfront.net	anonfiles.com onakasulback.autos
2	pogothere.xyz	djv99sxoqpv11.cloudfront.net
2	vjs.zencdn.net	anonfiles.com
1	www.facebook.com	anonfiles.com
1	tebilaterde.xyz	baconaces.pro
1	opertyvaluat.autos	baconaces.pro
1	baconaces.pro	anonfiles.com
1	cdn-01.anonfile.com	1 redirects
40	12

This site contains links to these domains. Also see Links.

Domain
filechan.org
letsupload.cc

Subject Issuer	Validity	Valid
anonfiles.com R3	`2022-07-28` - `2022-10-26`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-30` - `2023-10-01`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
baconaces.pro R3	`2022-06-27` - `2022-09-25`	3 months	crt.sh
opertyvaluat.autos Amazon	`2022-08-21` - `2023-09-19`	a year	crt.sh
tebilaterde.xyz R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.pogothere.xyz E1	`2022-09-04` - `2022-12-03`	3 months	crt.sh
onakasulback.autos Amazon	`2022-08-21` - `2023-09-19`	a year	crt.sh
*.ycadenevery.xyz E1	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-17` - `2022-09-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe
Frame ID: C579528BBC42E6229F0A8ED53458BFB5
Requests: 36 HTTP requests in this frame

Frame: https://onakasulback.autos/MGpMQldRCC8vaFFXLmQiQgZxZ2V2T34EM1ocdXskSAU9MiEBW2IhO18fKCQlXwQ4bDlVHmlwEV45GikvfSInMxlcUxsQPQAdGhNmfw8hdhRxAQ40GgAgKgQtXAEpNR57Lw4lEmgofWdldi0Kcz18A3wmNFgzAg8tACcNBG9cJQp7D2ItdHoPASQJJx8JOxoAIwAIHiYSczkVOxN1DQ4ILUQwHjUkRCQnMQB0KSQpD3ZSCAsTZg4ZFC8HIjsTMmM9NDAWYg0DCxNUPBQ1YwYMDQ8WdhB9ehZHKAUnD1MoChc4fAwNDxZ0Aw1xFUc4Lyc/Qz8NKTxICDtvAmoyBDYnZS8NCB1kEgsUBUMDAQcCZjk7eyRxDSgaMl1SGQM8XAIBLjt1LA8Ub3FZAiEyAgYoFQV5GSoDGnEiJTVhZwZ1EzV3GQ4XL3VdAi4vZjIEMTFxKw4PDQIBKgACWB0uAG9yORQ2b3EdDQkcdFMdEz9yGS1xNHY5IndkcQ0WJAd3Ow1kPUMFIjJqelg/GxYFBih0Flw5GyYTcw
Frame ID: C2871C0A7B71526D12F93B55EBC2A409
Requests: 2 HTTP requests in this frame

Frame: https://onakasulback.autos/OXBKUGtYEik9VFhNKHYeSxx3dVl/VXgWD1MGc2kYQR87IB0IQWQzB1YFLjYZVh4+fgVcBG9iLVolIRYjdBwPKCdQHB8yAmAfAydSVCkSClt4JwxgIEMiLgASc0gaPj5tNT0/JFgxGygpayEfGjheHC83IQogIxEbbycyYCF6HBgyLHceADwyQxJ5BgNrCggmJ3oYAx8vDQQAOA9TNgICG3geGDcIbkkMHy9OHAEVPlAUeR5YYTMcYwgKEw4JM0EIEzcubRR5HlhrJC1oDwo9EgkDexsuASJJKgIGHn9CBDkifRQJAD9aQgM8Kg8/MAYCeDIuPghXXQszMlQiITQ6c0UFAwBDKDBhWFoHGwgyCzk+HAdSQC5jJQomHgETchktMg9+MjIaLVYaGgMcUDZ4HT5aOCkYDQs6PDMMdx8QYlILMSceWFpDLhImfSEtHj1NQBMRD0AxHQpTWh4PBSF+ST12AUofJCBWQDcIESBwKh8zL2o
Frame ID: 3D41F191C8CB705B27AB81FF11FB6103
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 - Not Found! - AnonFiles

Page URL History Show full URLs

https://cdn-01.anonfile.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe HTTP 301
https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Page URL

Page Statistics

40
Requests

93 %
HTTPS

33 %
IPv6

12
Domains

12
Subdomains

12
IPs

7
Countries

467 kB
Transfer

1293 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://filechan.org/
Title: filechan

Search URL Search Domain Scan URL

URL: https://letsupload.cc/
Title: LetsUpload

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cdn-01.anonfile.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe HTTP 301
https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1190353289%3A1662571600639629&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVKAc_uJHqRt5TjxrRRJ-ZL5kvB78xpi-QxukXQp61mFNQ_uU49qeyUCoth3MD6ITyE0BlEZQ

Request Chain 33

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S1510082289%3A1662571600655980&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUj1Ga6YWtuOs_6CacWbiFt3pbabYpWBwmro8qU2e69Su9LLwpCCuy4QT9QAs-K3pYG9MODWg

40 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	Primary Request Covi.exe Show response anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/ Redirect Chain https://cdn-01.anonfile.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe	10 KB 3 KB	299ms 110ms	Document text/html	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Full URL https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `6c0a2c4b02f40fb20ef5ee3bf9f7b48054f65a982e56496dde5cab09f8396366` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 07 Sep 2022 17:26:39 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding cache-control public, max-age=3600 x-oe N Redirect headers Connection keep-alive Content-Length 162 Content-Type text/html Date Wed, 07 Sep 2022 17:26:39 GMT Location https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Server nginx
GET H2	200	video-js.min.css vjs.zencdn.net/7.3.0/	35 KB 10 KB	205ms 62ms	Stylesheet text/css	2a04:4e42:600::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vjs.zencdn.net/7.3.0/video-js.min.css Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `9ae8eacf58c6f1d8dc071a099ef7ef4c88d1c73ef2e71369cd8d7cc7c6aee5c9` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 17:26:39 GMT content-encoding gzip last-modified Fri, 26 Oct 2018 18:06:27 GMT etag "895e6b29db41953ef6197815c6be59d3" x-served-by cache-mxp6935-MXP vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 9673 x-cache-hits 3453
GET H/1.1	200 OK	anonfiles.css anonfiles.com/css/	158 KB 25 KB	162ms 162ms	Stylesheet text/css	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Full URL https://anonfiles.com/css/anonfiles.css?1661352192 Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `bfd1d04319976b5c2cbbe73ca7197ed05bd718901d49da2f65cecf751d3efc65` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT Content-Encoding gzip x-oe Y Server nginx Vary Accept-Encoding Content-Type text/css cache-control public, max-age=3600 Transfer-Encoding chunked Connection keep-alive x-oh 3311
GET H/1.1	200 OK	app.js Show response anonfiles.com/js/	189 KB 57 KB	242ms 79ms	Script application/javascript	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Full URL https://anonfiles.com/js/app.js?1661352192 Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `ee607a4919a33f6946c245c09d6db9dd3085ef77bf9f8a7a3a819f3cffe178a7` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT Content-Encoding gzip x-oe Y Server nginx Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 cache-control public, max-age=3600 Transfer-Encoding chunked Connection keep-alive x-oh 2844
GET H/1.1	200 OK	logo.png anonfiles.com/static/	18 KB 18 KB	171ms 167ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/static/logo.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT last-modified Thu, 13 Aug 2020 11:36:54 GMT Server nginx Connection keep-alive etag "5f3525d6-4809" Content-Length 18441 Content-Type image/png
GET H/1.1	200 OK	us.png anonfiles.com/img/flags/24/	656 B 877 B	480ms 274ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/us.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:40 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 656 x-oh 3238
GET H/1.1	200 OK	de.png anonfiles.com/img/flags/24/	483 B 704 B	537ms 329ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/de.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:40 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 483 x-oh 3780
GET H/1.1	200 OK	fr.png anonfiles.com/img/flags/24/	536 B 757 B	616ms 358ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/fr.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:40 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 536 x-oh 3823
GET H/1.1	200 OK	br.png anonfiles.com/img/flags/24/	1 KB 1 KB	659ms 363ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/br.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:40 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 1115 x-oh 3103
GET H/1.1	200 OK	ru.png anonfiles.com/img/flags/24/	403 B 624 B	403ms 221ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/ru.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:40 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 403 x-oh 3042
GET H/1.1	200 OK	in.png anonfiles.com/img/flags/24/	593 B 814 B	180ms 64ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/in.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 593 x-oh 3110
GET H/1.1	200 OK	es.png anonfiles.com/img/flags/24/	666 B 887 B	193ms 67ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/es.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 666 x-oh 3124
GET H/1.1	200 OK	no.png anonfiles.com/img/flags/24/	611 B 832 B	284ms 103ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/no.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:40 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 611 x-oh 3127
GET H/1.1	200 OK	se.png anonfiles.com/img/flags/24/	581 B 802 B	115ms 65ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/se.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 581 x-oh 3771
GET H/1.1	200 OK	dk.png anonfiles.com/img/flags/24/	537 B 758 B	181ms 64ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/dk.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 537 x-oh 3210
GET H/1.1	200 OK	fi.png anonfiles.com/img/flags/24/	456 B 677 B	182ms 67ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/fi.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 456 x-oh 3138
GET H/1.1	200 OK	pl.png anonfiles.com/img/flags/24/	347 B 568 B	195ms 69ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/pl.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 347 x-oh 3128
GET H/1.1	200 OK	jp.png anonfiles.com/img/flags/24/	599 B 820 B	354ms 172ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/jp.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:40 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 599 x-oh 3683
GET H/1.1	200 OK	kr.png anonfiles.com/img/flags/24/	988 B 1 KB	245ms 85ms	Image image/png	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/img/flags/24/kr.png Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT x-oe Y Server nginx Content-Type image/png cache-control public, max-age=3600 Connection keep-alive accept-ranges bytes Content-Length 988 x-oh 3742
GET H2	200	video.min.js Show response vjs.zencdn.net/7.3.0/	465 KB 129 KB	64ms 63ms	Script application/javascript	2a04:4e42:600::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vjs.zencdn.net/7.3.0/video.min.js Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `963ccc559571c588baa7f6d61513b26277c7847c250773e3270c51f5038216fb` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 17:26:39 GMT content-encoding gzip last-modified Fri, 26 Oct 2018 18:06:27 GMT etag "057f19acd50fc7e3ad917dd600889ee5" x-served-by cache-mxp6935-MXP vary Accept-Encoding x-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 132230 x-cache-hits 1
GET H/1.1	200 OK	sw_anonfiles.js Show response anonfiles.com/	44 KB 16 KB	76ms 76ms	Script application/javascript	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Full URL https://anonfiles.com/sw_anonfiles.js Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `9091b2493e77eac744b42f7634ab2bbd51f693cc036926c9a91efbeef482d167` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 07 Sep 2022 17:26:39 GMT Content-Encoding gzip x-oe Y Server nginx Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 cache-control public, max-age=14400 Transfer-Encoding chunked x-vdch Yes Connection keep-alive x-oh 52835
GET H2	200	/ Show response djv99sxoqpv11.cloudfront.net/	203 KB 67 KB	433ms 331ms	Script text/plain	13.224.194.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-221.fra2.r.cloudfront.net Software / Resource Hash `74db4f5c0fc3232f9e1cb169d54ee013c09c54681209f95a63cc36536943b0d2` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Wed, 07 Sep 2022 17:26:40 GMT content-encoding gzip x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 68585 via 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront) x-amz-cf-id C-Rh5Zk240Rf4irgdck5u4xWZIgAhroVIXVhMsgTn9kdaiFB37YBjA==
GET BLOB	200 OK	8c4757b1-42cb-470b-8577-255384065847 https://anonfiles.com/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://anonfiles.com/8c4757b1-42cb-470b-8577-255384065847 Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H2	200	/ Show response baconaces.pro/	56 KB 23 KB	361ms 120ms	Script application/javascript	44.195.137.121 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1 Requested by Host: anonfiles.com URL: https://anonfiles.com/sw_anonfiles.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-137-121.compute-1.amazonaws.com Software / Express Resource Hash `c921cfa94c45baaa5333b0bea24a51004c9426d2ad1570c411d435f6ffa89c3d` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers content-encoding gzip etag W/"e10d-WKvxIBbLA428667xEQNaj6cf5Uo" x-powered-by Express vary Accept-Encoding access-control-allow-methods GET, POST content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers X-Requested-With,content-type
GET H2	204	utx Show response opertyvaluat.autos/	0 488 B	234ms 135ms	XHR text/plain	108.138.17.119 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://opertyvaluat.autos/utx?tid=737323&top=anonfiles.com&cb=FlkovqnIjxQe Requested by Host: baconaces.pro URL: https://baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-119.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Wed, 07 Sep 2022 17:26:40 GMT via 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-P7 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://anonfiles.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id ACR8LXHsvZMy-Zz3idLqfIJY8AdmMqtfQ-wVLkS5cuhrJEEB-z3izg==
POST H2	200	/ Show response tebilaterde.xyz/	0 37 B	368ms 119ms	XHR text/plain	107.22.28.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tebilaterde.xyz/ Requested by Host: baconaces.pro URL: https://baconaces.pro/?tag_id=737323&sub_id2=6cb1f80d-a027-4b0d-9589-587d59904df9&sw_url=https%3A%2F%2Fanonfiles.com%2Fsw_anonfiles.js&smf=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-28-167.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://anonfiles.com/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-length 0
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 101 KB	106ms 36ms	Fetch binary/octet-stream	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: djv99sxoqpv11.cloudfront.net URL: https://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 17:26:40 GMT access-control-allow-methods GET cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2994 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 07 Sep 2022 16:36:46 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vdhjm7cHBlKgZT1pRgPRgQrvy0fWI8JYttlR%2FfZctNf2Lfg0peNudiKWi3AEqQdp06g1yDKCdonhCZQdE3gZQu%2BXt5546Pari6mKVc3z0CBsYb57Sn%2BhekniiZ0nXU%2F"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream access-control-allow-origin https://anonfiles.com cache-control max-age=14400 access-control-allow-credentials true cf-ray 747126978b25188f-MAN access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response pogothere.xyz/	26 B 371 B	197ms 127ms	Fetch text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: djv99sxoqpv11.cloudfront.net URL: https://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6419ac1e4cc4ac8cf36e37cbe055d9b18b20283e3803db27479a809377623b18` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 17:26:40 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods GET content-type text/plain access-control-allow-origin https://anonfiles.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkpUIXPTGdwwkaSiMQPhnMd4RgOHGq%2FaMBl%2F1Szl8zGD47j03quTib4u9Wh3qGBDFTtIyUv9WpOutFK8NdIYEjDjLb1iGbFDsxiff7RGpbbO%2BH76HRJdvBLO8ROzJF7Z"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 747126978b28188f-MAN access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response onakasulback.autos/	0 487 B	229ms 131ms	XHR text/plain	52.222.214.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onakasulback.autos/utx?cb=LOQvx4s0xLAU&top=anonfiles.com&tid=737329 Requested by Host: djv99sxoqpv11.cloudfront.net URL: https://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-56.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Wed, 07 Sep 2022 17:26:40 GMT via 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-P3 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://anonfiles.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id IgtJw80ewnv1EmE562bk23J3jdVXaznYSElOOcN6KsuB1AO7nFqheg==
GET H2	200	GxYFBih0Flw5GyYTcw Show response onakasulback.autos/MGpMQldRCC8vaFFXLmQiQgZxZ2V2T34EM1ocdXskSAU9MiEBW2IhO18fKCQlXwQ4bDlVHmlwEV45GikvfSInMxlcUxsQPQAdGhNmfw8hdhRxAQ40GgAgKgQtXAEpNR57Lw4lEmgofWdldi0Kcz18A3wmNFgzAg8tACcNBG9cJQp7D2ItdH... Frame C287	3 KB 2 KB	211ms 131ms	Document text/html	52.222.214.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onakasulback.autos/MGpMQldRCC8vaFFXLmQiQgZxZ2V2T34EM1ocdXskSAU9MiEBW2IhO18fKCQlXwQ4bDlVHmlwEV45GikvfSInMxlcUxsQPQAdGhNmfw8hdhRxAQ40GgAgKgQtXAEpNR57Lw4lEmgofWdldi0Kcz18A3wmNFgzAg8tACcNBG9cJQp7D2ItdHoPASQJJx8JOxoAIwAIHiYSczkVOxN1DQ4ILUQwHjUkRCQnMQB0KSQpD3ZSCAsTZg4ZFC8HIjsTMmM9NDAWYg0DCxNUPBQ1YwYMDQ8WdhB9ehZHKAUnD1MoChc4fAwNDxZ0Aw1xFUc4Lyc/Qz8NKTxICDtvAmoyBDYnZS8NCB1kEgsUBUMDAQcCZjk7eyRxDSgaMl1SGQM8XAIBLjt1LA8Ub3FZAiEyAgYoFQV5GSoDGnEiJTVhZwZ1EzV3GQ4XL3VdAi4vZjIEMTFxKw4PDQIBKgACWB0uAG9yORQ2b3EdDQkcdFMdEz9yGS1xNHY5IndkcQ0WJAd3Ow1kPUMFIjJqelg/GxYFBih0Flw5GyYTcw Requested by Host: djv99sxoqpv11.cloudfront.net URL: https://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-56.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `5debffd2e7a3348d3c16f566f5a884372c0aad59978d3c1067ac7f3cbcfbab1b` Request headers Referer https://anonfiles.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1245 content-type text/html date Wed, 07 Sep 2022 17:26:40 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront) x-amz-cf-id 4FjyFzCzB5r0ro0whP1WaT3HBnbUU4dpHNC_mejBzeaegxBtqa0yjg== x-amz-cf-pop FRA56-P3 x-cache Miss from cloudfront
GET H2	200	MAYCeDIuPghXXQszMlQiITQ6c0UFAwBDKDBhWFoHGwgyCzk+HAdSQC5jJQomHgETchktMg9+MjIaLVYaGgMcUDZ4HT5aOCkYDQs6PDMMdx8QYlILMSceWFpDLhImfSEtHj1NQBMRD0AxHQpTWh4PBSF+ST12AUofJCBWQDcIESBwKh8zL2o Show response onakasulback.autos/OXBKUGtYEik9VFhNKHYeSxx3dVl/VXgWD1MGc2kYQR87IB0IQWQzB1YFLjYZVh4+fgVcBG9iLVolIRYjdBwPKCdQHB8yAmAfAydSVCkSClt4JwxgIEMiLgASc0gaPj5tNT0/JFgxGygpayEfGjheHC83IQogIxEbbycyYCF6HBgyLHceAD... Frame 3D41	3 KB 2 KB	206ms 133ms	Document text/html	52.222.214.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onakasulback.autos/OXBKUGtYEik9VFhNKHYeSxx3dVl/VXgWD1MGc2kYQR87IB0IQWQzB1YFLjYZVh4+fgVcBG9iLVolIRYjdBwPKCdQHB8yAmAfAydSVCkSClt4JwxgIEMiLgASc0gaPj5tNT0/JFgxGygpayEfGjheHC83IQogIxEbbycyYCF6HBgyLHceADwyQxJ5BgNrCggmJ3oYAx8vDQQAOA9TNgICG3geGDcIbkkMHy9OHAEVPlAUeR5YYTMcYwgKEw4JM0EIEzcubRR5HlhrJC1oDwo9EgkDexsuASJJKgIGHn9CBDkifRQJAD9aQgM8Kg8/MAYCeDIuPghXXQszMlQiITQ6c0UFAwBDKDBhWFoHGwgyCzk+HAdSQC5jJQomHgETchktMg9+MjIaLVYaGgMcUDZ4HT5aOCkYDQs6PDMMdx8QYlILMSceWFpDLhImfSEtHj1NQBMRD0AxHQpTWh4PBSF+ST12AUofJCBWQDcIESBwKh8zL2o Requested by Host: djv99sxoqpv11.cloudfront.net URL: https://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-56.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `1f84928da50557f6d48d75077662b8d831756f60f0fc719baf8e979bd8d4e6fa` Request headers Referer https://anonfiles.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1218 content-type text/html date Wed, 07 Sep 2022 17:26:40 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront) x-amz-cf-id 9y4iT33iTolaPWqAvVxMOgaJD-cQEZZW9PTKuOPUQbRiw0h8jIN8cQ== x-amz-cf-pop FRA56-P3 x-cache Miss from cloudfront
GET H2	204	HTMgBxMpPhYbLhwjFTEUEk84Ah1MXn9cSkNQahsQFVR9TQoFCDgeCkxYagIXFwZxTQ9MWGJYTV9bdEVIVxxxWl8FGS0MREBPPB8NHVR9XU9DXHtaT0FZeFNK ycadenevery.xyz/eXFpTGtWTgo/Vhs3LyM+LzMMFVo/	0 407 B	202ms 134ms	Image text/plain	104.21.59.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ycadenevery.xyz/eXFpTGtWTgo/Vhs3LyM+LzMMFVo/HTMgBxMpPhYbLhwjFTEUEk84Ah1MXn9cSkNQahsQFVR9TQoFCDgeCkxYagIXFwZxTQ9MWGJYTV9bdEVIVxxxWl8FGS0MREBPPB8NHVR9XU9DXHtaT0FZeFNK Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.7 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 17:26:40 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPAf2CFdflQzgd5nU8mceSTXlMkzfd7HIMXlleO2MTZ2udWBArYi%2FLNDp5cuaVD%2FeiXGZUHfHasupy7pJZZlCGvy194lh6aph0rj%2F740IgSr2mfVurMRPHe09yMRMZ9LViE%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 74712697af123628-MAN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	login.php www.facebook.com/	0 0	478ms 373ms	Image text/html	2a03:2880:f107:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers
GET H2	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail https://accounts.google.com/v3/signin/identifier?dsh=S-1190353289%3A1662571600639629&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSign...	0 0	92ms 92ms	Image text/html	2a00:1450:4001:802::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?dsh=S-1190353289%3A1662571600639629&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVKAc_uJHqRt5TjxrRRJ-ZL5kvB78xpi-QxukXQp61mFNQ_uU49qeyUCoth3MD6ITyE0BlEZQ Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol H2 Server 2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 395 x-xss-protection 1; mode=block pragma no-cache server GSE date Wed, 07 Sep 2022 17:26:40 GMT x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?dsh=S-1190353289%3A1662571600639629&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVKAc_uJHqRt5TjxrRRJ-ZL5kvB78xpi-QxukXQp61mFNQ_uU49qeyUCoth3MD6ITyE0BlEZQ cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy script-src 'report-sample' 'nonce-RHwBPkWoDKCxoILd-OqFwA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	403	identifier accounts.google.com/v3/signin/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube https://accounts.google.com/v3/signin/identifier?dsh=S1510082289%3A1662571600655980&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...	0 0	90ms 90ms	Image text/html	2a00:1450:4001:802::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/v3/signin/identifier?dsh=S1510082289%3A1662571600655980&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUj1Ga6YWtuOs_6CacWbiFt3pbabYpWBwmro8qU2e69Su9LLwpCCuy4QT9QAs-K3pYG9MODWg Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol H2 Server 2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 396 x-xss-protection 1; mode=block pragma no-cache server GSE date Wed, 07 Sep 2022 17:26:40 GMT x-frame-options DENY report-to {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-type text/html; charset=UTF-8 location https://accounts.google.com/v3/signin/identifier?dsh=S1510082289%3A1662571600655980&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUj1Ga6YWtuOs_6CacWbiFt3pbabYpWBwmro8qU2e69Su9LLwpCCuy4QT9QAs-K3pYG9MODWg cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy script-src 'report-sample' 'nonce-a81kIzPACzCJzwZ0jm0A5A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport cross-origin-opener-policy-report-only same-origin; report-to="coop_gse_qebhlk" expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	204	bFpYcHlDZTsDRCJqMAc2OB8eFhIHExkhI1kIGQc7KDQoOT0LOX4EEAhnb0NOX2loVgkFPmVBQUopLBENGSllQV8FND4fREosZUFXXHRpXkpKL2VBXxgqORdEXXwoBA0AZ2lGT15vb0FPXGptQEg ycadenevery.xyz/	0 245 B	206ms 138ms	Image text/plain	104.21.59.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ycadenevery.xyz/bFpYcHlDZTsDRCJqMAc2OB8eFhIHExkhI1kIGQc7KDQoOT0LOX4EEAhnb0NOX2loVgkFPmVBQUopLBENGSllQV8FND4fREosZUFXXHRpXkpKL2VBXxgqORdEXXwoBA0AZ2lGT15vb0FPXGptQEg Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.59.7 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 17:26:40 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDbezprGWdrPGMQBKGgsj7LqiJkt4XI%2F%2BQIbNsdd4F2yIdoZ%2Bd8icwXPi4SpBMl9dEGk2Fq5KvqCtH1RlbtQKU19z3edUFbZUQAwNHX5TdSFm99tMcIhcmmitJZxlPf36X0%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 74712697af1b3628-MAN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	collect Show response anonfiles.com/analytics/	43 B 229 B	71ms 71ms	XHR image/gif	2001:678:b30:4::d SVEA
General Check archive.org Show headers Download Go to Full URL https://anonfiles.com/analytics/collect?v=1&t=pageview&d=186705703947.1662571601&s=791236578382.1662571601&de=UTF-8&ul=en-US&sd=24bit&sr=1600x1200&vp=1600x1200&as=11&z=464884&dl=https%3A%2F%2Fanonfiles.com%2FJdPc12i9o1%2F4876ec8d-1584713270%2FCovi.exe&dt=404%20-%20Not%20Found!%20-%20AnonFiles&re= Requested by Host: anonfiles.com URL: https://anonfiles.com/js/app.js?1661352192 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:678:b30:4::d , Sweden, ASN41634 (SVEA, SE), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Accept / Referer https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe X-CSRF-Token YZVNqQgLAyAN1zWKNVXTZyF37FJK2m2ZhzqY1su6 accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 X-Requested-With XMLHttpRequest Response headers Date Wed, 07 Sep 2022 17:26:40 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	GF1jLi0dchYNMz0MAF8lOF9XRG88X1NEeH9QVBt0bRdECSYyDEgBJztZRwstNksWDChkXF8DIDVdUVx7HwQeSWxrARgOIDdVXw46fAMAFz18AwBIeXcBFUoLfAMADiA3BwRcehsUAkkxbw-UZXHtpUEAJJTxGVRsiMEUVSw9sAgdXem8UAklhMllEFCV8A3Nce2ld... Show response djv99sxoqpv11.cloudfront.net/nSVkxMHkqNl9WRj0wVQ1Oem4CAkBvM0JfFzlkewIKEBgEXB1/ Frame C287	804 B 848 B	318ms 318ms	Script text/plain	13.224.194.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://djv99sxoqpv11.cloudfront.net/nSVkxMHkqNl9WRj0wVQ1Oem4CAkBvM0JfFzlkewIKEBgEXB1/GF1jLi0dchYNMz0MAF8lOF9XRG88X1NEeH9QVBt0bRdECSYyDEgBJztZRwstNksWDChkXF8DIDVdUVx7HwQeSWxrARgOIDdVXw46fAMAFz18AwBIeXcBFUoLfAMADiA3BwRcehsUAkkxbw-UZXHtpUEAJJTxGVRsiMEUVSw9sAgdXem8UAklhMllEFCV8A3Nce2ldWRIsfAMAHiw6Wl9QbGsBUxE7NlxVXHsfAABMZ2kfBUhwbB8BSXt8AwAKKD9QQhBsa3cFSn53AgZfPGQA Requested by Host: onakasulback.autos URL: https://onakasulback.autos/MGpMQldRCC8vaFFXLmQiQgZxZ2V2T34EM1ocdXskSAU9MiEBW2IhO18fKCQlXwQ4bDlVHmlwEV45GikvfSInMxlcUxsQPQAdGhNmfw8hdhRxAQ40GgAgKgQtXAEpNR57Lw4lEmgofWdldi0Kcz18A3wmNFgzAg8tACcNBG9cJQp7D2ItdHoPASQJJx8JOxoAIwAIHiYSczkVOxN1DQ4ILUQwHjUkRCQnMQB0KSQpD3ZSCAsTZg4ZFC8HIjsTMmM9NDAWYg0DCxNUPBQ1YwYMDQ8WdhB9ehZHKAUnD1MoChc4fAwNDxZ0Aw1xFUc4Lyc/Qz8NKTxICDtvAmoyBDYnZS8NCB1kEgsUBUMDAQcCZjk7eyRxDSgaMl1SGQM8XAIBLjt1LA8Ub3FZAiEyAgYoFQV5GSoDGnEiJTVhZwZ1EzV3GQ4XL3VdAi4vZjIEMTFxKw4PDQIBKgACWB0uAG9yORQ2b3EdDQkcdFMdEz9yGS1xNHY5IndkcQ0WJAd3Ow1kPUMFIjJqelg/GxYFBih0Flw5GyYTcw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-221.fra2.r.cloudfront.net Software / Resource Hash `61f9777aad29812ec63643b55043b67e4583f698bad9115f8e628bb86027071b` Request headers accept-language en-GB,en;q=0.9 Referer https://onakasulback.autos/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 17:26:41 GMT content-encoding gzip x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 571 via 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront) x-amz-cf-id 9CAeSV8Dq8xF1ZHGyQBMR1HOKBW6pU6zqMCOsc24jInJu4vxktvzoQ==
GET H2	200	cUkFHMlExLilUbiYoIw9mYXZ0AWF0KzRdPyJ8PnUTEwoOaAQxBRQUJSglegJ3PiApVWx0JClRbGNnJlYzb3VhRzBvLChIOD4tJhdjFHRpAnRgcW9FODwlKEUid3N3XCV3c3cDYXxxYgETd3N3RTg8d3MXYhBkdQIpZHVuF2NiIDdCPTc2IlA6OzViABdncn-AcYmR... Show response djv99sxoqpv11.cloudfront.net/ Frame 3D41	295 B 529 B	317ms 317ms	Script text/plain	13.224.194.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://djv99sxoqpv11.cloudfront.net/cUkFHMlExLilUbiYoIw9mYXZ0AWF0KzRdPyJ8PnUTEwoOaAQxBRQUJSglegJ3PiApVWx0JClRbGNnJlYzb3VhRzBvLChIOD4tJhdjFHRpAnRgcW9FODwlKEUid3N3XCV3c3cDYXxxYgETd3N3RTg8d3MXYhBkdQIpZHVuF2NiIDdCPTc2IlA6OzViABdncn-AcYmRkdQJ5OSkzXz13cwQXY2ItLlk0d3N3VTQxKigbdGBxJFojPSwiF2MUcHcHf2JvcgNoZ292AmN3c3dBMDQgNVt0YAdyAWZ8cnEUJG9w Requested by Host: onakasulback.autos URL: https://onakasulback.autos/OXBKUGtYEik9VFhNKHYeSxx3dVl/VXgWD1MGc2kYQR87IB0IQWQzB1YFLjYZVh4+fgVcBG9iLVolIRYjdBwPKCdQHB8yAmAfAydSVCkSClt4JwxgIEMiLgASc0gaPj5tNT0/JFgxGygpayEfGjheHC83IQogIxEbbycyYCF6HBgyLHceADwyQxJ5BgNrCggmJ3oYAx8vDQQAOA9TNgICG3geGDcIbkkMHy9OHAEVPlAUeR5YYTMcYwgKEw4JM0EIEzcubRR5HlhrJC1oDwo9EgkDexsuASJJKgIGHn9CBDkifRQJAD9aQgM8Kg8/MAYCeDIuPghXXQszMlQiITQ6c0UFAwBDKDBhWFoHGwgyCzk+HAdSQC5jJQomHgETchktMg9+MjIaLVYaGgMcUDZ4HT5aOCkYDQs6PDMMdx8QYlILMSceWFpDLhImfSEtHj1NQBMRD0AxHQpTWh4PBSF+ST12AUofJCBWQDcIESBwKh8zL2o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-221.fra2.r.cloudfront.net Software / Resource Hash `13e76dd3deb5cface829f4f41c4ef5e634c1f553341663568b93a44ef2aedd91` Request headers accept-language en-GB,en;q=0.9 Referer https://onakasulback.autos/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 17:26:41 GMT content-encoding gzip x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 253 via 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront) x-amz-cf-id HJltPhiEGcE8-KVG0pqpn1BFcg7f3nfuAeU3WpkRrqPSqv3EeRHG-Q==
GET H3	200	popunder.gif ycadenevery.xyz/	35 B 551 B	67ms 42ms	Image image/gif	104.21.59.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ycadenevery.xyz/popunder.gif Requested by Host: anonfiles.com URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.7 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers accept-language en-GB,en;q=0.9 Referer https://anonfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma public date Wed, 07 Sep 2022 17:26:40 GMT cf-cache-status HIT last-modified Wed, 07 Sep 2022 14:09:56 GMT server cloudflare age 11804 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDiKav7w7oXB91%2BAIZNvzOv3hAvzk5wUNUFs3MZUnMvDuS3V%2BeiRbBqN5XJMRvIAnF69KgDrw0xaRn0QufL5yjT7vuzLWr6%2F57gtWqP5lT7O05SDvr9iHQBe3wo%2FYQWw2pY%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 74712699e8c8b2ed-MAN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.anonfiles.com/	1970-01-20 15:25:31	Name: did Value: 186705703947.1662571601
.anonfiles.com/	1970-01-20 05:49:33	Name: sid Value: 791236578382.1662571601
pogothere.xyz/	1970-01-20 14:27:55	Name: csu Value: 890782385078857@1@1662571600
.google.com/	1970-01-20 10:13:02	Name: NID Value: 511=mIAl9-BGtbeyLVm0ojuKg9e55LmWfKFSb-Rbt9NKSLtP8ZHoqPEWEg8Y4Y_MCBX5hE2eZGTNuDWyAStIyYi_WwrxqrwUnwQ2myOQe6NUgN726gZmbKLHJxna0AgJ3POmfQ_MM3U96dSESJQdlvbGaBRo0mrIBqB_whh3xLyvSqs

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://anonfiles.com/JdPc12i9o1/4876ec8d-1584713270/Covi.exe Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1190353289%3A1662571600639629&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVKAc_uJHqRt5TjxrRRJ-ZL5kvB78xpi-QxukXQp61mFNQ_uU49qeyUCoth3MD6ITyE0BlEZQ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S1510082289%3A1662571600655980&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUj1Ga6YWtuOs_6CacWbiFt3pbabYpWBwmro8qU2e69Su9LLwpCCuy4QT9QAs-K3pYG9MODWg Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
anonfiles.com
baconaces.pro
cdn-01.anonfile.com
djv99sxoqpv11.cloudfront.net
onakasulback.autos
opertyvaluat.autos
pogothere.xyz
tebilaterde.xyz
vjs.zencdn.net
www.facebook.com
ycadenevery.xyz
104.21.59.7
107.22.28.167
108.138.17.119
13.224.194.221
188.114.96.3
2001:678:b30:4::d
2a00:1450:4001:802::200d
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:600::729
44.195.137.121
45.154.253.153
52.222.214.56
07575cf7a8d7d2b8edfbea80f8e8a228ecc56a03a567bc60c0ef4dc6ac0f328a
07cd5a4cad20604f77dced9c7d8a92ca9ae3321718e5a1935296e4d75f921a19
09a03e08c73db3d8fb50241f004b69d673ec8ea90a6ca7252d66ce821d0b6db1
0a3a8803b7a137166a04369522ec2b31513dcd4c07e2120107c55d9a7f7b646f
0ab6c46e677fa7e49b6344fcde39c06ff6c014d9163571cdb36f8b5fc59c17eb
13e76dd3deb5cface829f4f41c4ef5e634c1f553341663568b93a44ef2aedd91
1f84928da50557f6d48d75077662b8d831756f60f0fc719baf8e979bd8d4e6fa
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
544fee9d1bff8bc83865ab87538924de207ebe4848787496c7308b91b539b6da
54df4beda3ad05d5c621511ff15b2882588ff457e36132035d5f21fb29f2a750
5debffd2e7a3348d3c16f566f5a884372c0aad59978d3c1067ac7f3cbcfbab1b
5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94
61f9777aad29812ec63643b55043b67e4583f698bad9115f8e628bb86027071b
6419ac1e4cc4ac8cf36e37cbe055d9b18b20283e3803db27479a809377623b18
6c0a2c4b02f40fb20ef5ee3bf9f7b48054f65a982e56496dde5cab09f8396366
728e008d94e2e3bae2679d50a051562f1ccce1fd604196c7880a3d96f3070354
74db4f5c0fc3232f9e1cb169d54ee013c09c54681209f95a63cc36536943b0d2
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7b6f223153c8eda1b541326f9cd66aeb53a28801c58c4de751fd2f9f6f1d96ff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c04b3b52d605637bb4c6a26449c45e5320a3f33f14e8c737ce599433bc19f14
8e7b1cd46120293756d1f21bac4de809d2895c7c26dc7586e3e2a09a0f7c1d64
9091b2493e77eac744b42f7634ab2bbd51f693cc036926c9a91efbeef482d167
963ccc559571c588baa7f6d61513b26277c7847c250773e3270c51f5038216fb
9a4473862ea2b9bd1c5e1543900416e693b33516cae53fde32e1c3a83d3382e4
9ae8eacf58c6f1d8dc071a099ef7ef4c88d1c73ef2e71369cd8d7cc7c6aee5c9
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
bfd1d04319976b5c2cbbe73ca7197ed05bd718901d49da2f65cecf751d3efc65
c921cfa94c45baaa5333b0bea24a51004c9426d2ad1570c411d435f6ffa89c3d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee607a4919a33f6946c245c09d6db9dd3085ef77bf9f8a7a3a819f3cffe178a7
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

anonfiles.com Open in urlscan Pro 2001:678:b30:4::d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

40 Requests

93 %HTTPS

33 %IPv6

12 Domains

12 Subdomains

12 IPs

7 Countries

467 kBTransfer

1293 kBSize

4 Cookies

2 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

anonfiles.com Open in urlscan Pro
2001:678:b30:4::d Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

93 %
HTTPS

33 %
IPv6

12
Domains

12
Subdomains

12
IPs

7
Countries

467 kB
Transfer

1293 kB
Size

4
Cookies

40 HTTP transactions
0 data transactions