anonfiles.com Open in urlscan Pro
2606:4700:e4::ac40:a702 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cdn-05.anonfile.com/y9I0tavfbd/021ea07c-1565615554/400k.txt
Effective URL:
https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt
Submission Tags: falconsandbox
Submission: On November 12 via api (November 12th 2020, 4:07:11 pm UTC) from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700:e4::ac40:a702, located in United States and belongs to CLOUDFLARENET, US. The main domain is anonfiles.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2020. Valid for: a year.

This is the only time anonfiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.148.16.42 45.148.16.42	197595 (OBENETWOR...) (OBENETWORK Obenetwork AB)
6	2606:4700:e4:... 2606:4700:e4::ac40:a702	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:1b:... 2a04:4e42:1b::729	54113 (FASTLY) (FASTLY)
1	54.230.228.22 54.230.228.22	16509 (AMAZON-02) (AMAZON-02)
3	99.86.7.68 99.86.7.68	16509 (AMAZON-02) (AMAZON-02)
1	143.204.201.65 143.204.201.65	16509 (AMAZON-02) (AMAZON-02)
14	6

1 45.148.16.42 (None, ) 1 redirects

ASN197595 (OBENETWORK Obenetwork AB, SE)

cdn-05.anonfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e4::ac40:a702 (United States)

ASN13335 (CLOUDFLARENET, US)

anonfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::729 (Ascension Island)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-22.waw50.r.cloudfront.net

djv99sxoqpv11.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.7.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-68.fra6.r.cloudfront.net

tionmustai.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-65.fra53.r.cloudfront.net

ourtherss.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	anonfiles.com anonfiles.com	112 KB
3	tionmustai.fun tionmustai.fun	412 B
2	zencdn.net vjs.zencdn.net	139 KB
1	ourtherss.top ourtherss.top	367 B
1	cloudfront.net djv99sxoqpv11.cloudfront.net	67 KB
1	anonfile.com 1 redirects cdn-05.anonfile.com	105 B
14	6

	Domain	Requested by
6	anonfiles.com	anonfiles.com
3	tionmustai.fun	djv99sxoqpv11.cloudfront.net
2	vjs.zencdn.net	anonfiles.com
1	ourtherss.top
1	djv99sxoqpv11.cloudfront.net	anonfiles.com
1	cdn-05.anonfile.com	1 redirects
14	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-05` - `2021-06-05`	a year	crt.sh
osff.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-27` - `2020-12-18`	2 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
tionmustai.fun Amazon	`2020-10-22` - `2021-11-20`	a year	crt.sh
ourtherss.top Amazon	`2020-10-22` - `2021-11-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt
Frame ID: 319A3284D60FD01421E3E22C30D0312F
Requests: 12 HTTP requests in this frame

Frame: https://tionmustai.fun/WnhMV0U7Gi86ejtFLnEwKBRxcnccXX4RITAOdW42Ihc9JzNrSWI0KTUNKDE3NRY4eSs/DGllAw8afw50D0krGgIMC30NPSkeGQBwLCAJEgIDLwodDR8hdBktYzQdLyk9Lw8ZcRMAeD0KDzE1HikDIRsPECk+Hh4MAxZ4EwNrC3wNEDEsGy0HNiAgFRAUAjwEFDI1IhwEGxwPEzIuPCQjJgoreDEHMRx9GxRvNBsTMjM6JCcfFxZ9MwgbOnU2ACo9Dg82azwkASYKKzsWBwxJfjY8aywOZQgiOR0dFApLfTMXNh81GHUqPQ4DMigrJwYDEUt9Mxc9VR49B2tNDzYoAAAfPBQcNSUwIx0UDTwVC0goDwY+QRQDBBshC24HCCkCZSQ2QSkPLykLDT8qCyEeIw4IORlydxw1HQYRHz8KOAYYNhsYAT4/GSAhMDc7NAANEnhuFjEqNjZ3LjoePzE0GRpuAx1KGicWMSkKHgExMgpnJmweGmcyGz8OIRQPLQgzFmsrHTsAIhp9NB0YFTwmHR8uGQ0Sby8YMAhoGRo0FgxKAiUdGDECDgIqHQkWMnwSPzgrKkU6HX1tLQEnAxY3OzY/YxYg
Frame ID: 2F35641BAD5570C107E2BC438293CB39
Requests: 1 HTTP requests in this frame

Frame: https://tionmustai.fun/TlFnREQvMwQpey9sBWIxPD1aYXYIdFUCICQnXn03Nj4WNDJ/YEknKCEkAyI2IT8TaiorJUJ2AhoEIBIUGD0IPgcnFBAeFx8cLHYwOghWDnwUBhd2ADQmUgoHDAgoPC88EBA3CwArXy8OJyUOIgcfNyx2MDw1AC8xARVWMBU3PlMLE38EBhAna2MlCSgmZgQHfDYGJA1xBxUMDg00NUJ2Ahc4KXIhCSFWEnd3dFUGCjQUIA4uKSQ3PB0gMlUvFx8ZVikJNGU1Dy4+dFUCHSIEDgo+ImAxd3x7Gj8SHCgoUmF2CAgLEmF8Ez0jEiYENQYuLWIxHCI0MhYNBSUgLhB8NxUOaR0nN1UNLis8MTAiIgtSJ3YmNjMXFWtjJQgufhsGKRUUNTEgYXwXKC4JeRAgNC8vOwQFCAphViERDGg9Li96Fx4Fcx5iMRwHGWQXIigYOT4pMCkHCgIjL2IxHCI3BFAKIx9oN3d9JxhUNCgsCVITIRYQESYSCyMpA3UhEy88Mi8WKRMIIxMUJRJ/ZCp2MCEQNHUpLwYqBiB8BwgdFQBjQS43IT8XeTABIDQqBS80Ewcgeg
Frame ID: F941610AB75F95475A89128C19B98DB8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cdn-05.anonfile.com/y9I0tavfbd/021ea07c-1565615554/400k.txt HTTP 301
https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

14
Requests

93 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

319 kB
Transfer

1118 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cdn-05.anonfile.com/y9I0tavfbd/021ea07c-1565615554/400k.txt HTTP 301
https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request 400k.txt Show response anonfiles.com/y9I0tavfbd/021ea07c-1565615554/ Redirect Chain https://cdn-05.anonfile.com/y9I0tavfbd/021ea07c-1565615554/400k.txt https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt	5 KB 2 KB	1120ms 1103ms	Document text/html	2606:4700:e4::ac40:a702 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87b322e00423b7237f2f262b8c3185e8bca9483e57f9aeee1ea248ba24423743` Request headers :method GET :authority anonfiles.com :scheme https :path /y9I0tavfbd/021ea07c-1565615554/400k.txt pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 404 date Thu, 12 Nov 2020 16:06:52 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d2ea7ae3e28e148276bb4906c9d483a911605197211; expires=Sat, 12-Dec-20 16:06:51 GMT; path=/; domain=.anonfiles.com; HttpOnly; SameSite=Lax; Secure cache-control public, max-age=3600 x-oe N cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4CsIRGx5%2B8qka65senlOOafqfOMju9UzzDE%2FQeNv%2B3wTWWcVrL3pd0G7Ec57XxBQnhZjxEI6ENEyfJ90%2B30r7%2FX%2BqBy9x9f65SeF4RKTNIL3c1jkRaQ0xj36"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5f1180ac1f702bad-FRA content-encoding br Redirect headers status 301 server nginx date Thu, 12 Nov 2020 16:06:51 GMT content-type text/html content-length 178 location https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt
GET H2	200	video-js.min.css vjs.zencdn.net/7.3.0/	35 KB 10 KB	22ms 6ms	Stylesheet text/css	2a04:4e42:1b::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vjs.zencdn.net/7.3.0/video-js.min.css Requested by Host: anonfiles.com URL: https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `9ae8eacf58c6f1d8dc071a099ef7ef4c88d1c73ef2e71369cd8d7cc7c6aee5c9` Request headers Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 16:06:52 GMT content-encoding gzip last-modified Fri, 26 Oct 2018 18:06:27 GMT status 200 etag "895e6b29db41953ef6197815c6be59d3" x-served-by cache-hhn4068-HHN vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 9673 x-cache-hits 11607
GET H2	200	anonfiles.css anonfiles.com/css/	158 KB 22 KB	18ms 17ms	Stylesheet text/css	2606:4700:e4::ac40:a702 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anonfiles.com/css/anonfiles.css?1603192275 Requested by Host: anonfiles.com URL: https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `53d19c730c3d24227554c1eb0b2eb5baa4889fb616d9a30bb5e2d6f00212f02e` Request headers Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 16:06:52 GMT content-encoding br x-oe Y nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 2613 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Nnc4%2FHRz0fD0ZE0ScxlJo0HckxTYD1jpO9P1KByEuDts59Cu0SDOW1B3BhVNJqyb6pe9KcfQTlxnF%2F9r92vlFjQMyJu%2F8zHpmWghMOv6stz%2B3gHZmmYi5v0"}],"group":"cf-nel","max_age":604800} content-type text/css status 200 cache-control public, max-age=14400 cf-ray 5f1180b308b42bad-FRA cf-cache-status HIT x-oh 1
GET H2	200	app.js Show response anonfiles.com/js/	188 KB 55 KB	21ms 20ms	Script application/javascript	2606:4700:e4::ac40:a702 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anonfiles.com/js/app.js?1603192275 Requested by Host: anonfiles.com URL: https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6392492d6e82f3ca2251a408bb0a9f3706f7e9261d2455513da85b51972e6c06` Request headers Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 16:06:52 GMT content-encoding br x-oe Y nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 3380 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mUReeXi5BYSswGH6hRoLmDvosx45qx1Zjhe6tQUbz%2BoV3bFCj8SGTqhIO1FuR5ldTqDQyOG%2FD0NaRvD4wZhVpkt8uKnU36UF8xtFgib7g7hy0FQmDKgGSBqd"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 status 200 cache-control public, max-age=14400 cf-ray 5f1180b308b92bad-FRA cf-cache-status HIT x-oh 1
GET H2	200	logo.png anonfiles.com/static/	18 KB 18 KB	14ms 13ms	Image image/png	2606:4700:e4::ac40:a702 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://anonfiles.com/static/logo.png Requested by Host: anonfiles.com URL: https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94` Request headers Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 16:06:52 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1899 status 200 content-length 18441 last-modified Fri, 14 Aug 2020 07:32:39 GMT server cloudflare etag "5f363e17-4809" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FH6UuTjHDyB6ke9SIqS69PlblHC7FsgLK20OiCqun9HPFCxGMia5a0irjBo%2FXR8k72sPR0JUuphKR7H5S7Yjbhh%2FykapbjtwOH%2BRorEqhORSWwt8Yc1UMKW%2B"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 5f1180b359712bad-FRA
GET H2	200	video.min.js Show response vjs.zencdn.net/7.3.0/	465 KB 129 KB	6ms 6ms	Script application/javascript	2a04:4e42:1b::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vjs.zencdn.net/7.3.0/video.min.js Requested by Host: anonfiles.com URL: https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::729 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash `963ccc559571c588baa7f6d61513b26277c7847c250773e3270c51f5038216fb` Request headers Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 16:06:52 GMT content-encoding gzip last-modified Fri, 26 Oct 2018 18:06:27 GMT status 200 etag "057f19acd50fc7e3ad917dd600889ee5" x-served-by cache-hhn4068-HHN vary Accept-Encoding x-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 132230 x-cache-hits 36
GET H2	200	sw_anonfiles.js Show response anonfiles.com/	44 KB 15 KB	14ms 13ms	Script application/javascript	2606:4700:e4::ac40:a702 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anonfiles.com/sw_anonfiles.js Requested by Host: anonfiles.com URL: https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9091b2493e77eac744b42f7634ab2bbd51f693cc036926c9a91efbeef482d167` Request headers Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 12 Nov 2020 16:06:52 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 12718 status 200 x-vdch Yes x-oe Y server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WCoe85jrVaPlxYwbDybrHtdVMtsGM9%2FonV3ZAPROwycnCS7bGn75zRz0yuqdJz56qvZ0o5RTRkfX3dbsp%2Fbz%2FhoIPJ12gr6WNS2NFg2kG%2Fsi612w8DxnC%2Fsi"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 5f1180b339222bad-FRA x-oh 61783
GET H2	200	/ Show response djv99sxoqpv11.cloudfront.net/	205 KB 67 KB	345ms 218ms	Script text/plain	54.230.228.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Requested by Host: anonfiles.com URL: https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.22 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-22.waw50.r.cloudfront.net Software / Resource Hash `670b41edce9e9f64c11eacef540c7a672596ceee3e7fc24e4364bd3115629657` Request headers Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 12 Nov 2020 16:06:53 GMT content-encoding gzip x-amz-cf-pop WAW50-C1 status 200 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 68522 via 1.1 f9efc23cea6c58604ef3f56c3631925f.cloudfront.net (CloudFront) x-amz-cf-id P82NkW5OqV-mSWg7ffx27fmcbHvMkrGaBvKJUQ3Xnzcu08mgn6Qntg==
GET BLOB	200 OK	3af79308-2370-4d64-ba89-af93483ca7b7 https://anonfiles.com/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://anonfiles.com/3af79308-2370-4d64-ba89-af93483ca7b7 Requested by Host: anonfiles.com URL: https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H2	204	utx Show response tionmustai.fun/	0 412 B	175ms 120ms	XHR text/plain	99.86.7.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tionmustai.fun/utx?cb=0442JFS7TCkN&top=anonfiles.com&tid=737329 Requested by Host: djv99sxoqpv11.cloudfront.net URL: https://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.68 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-68.fra6.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 12 Nov 2020 16:06:54 GMT via 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA6-C1 status 204 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://anonfiles.com cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id jK1rw3da-QVie7pPN_eRvgYsE4o_bSbcRvIuOZ5kZEdtZDl2SjlAtQ==
GET H2	200	YxYg tionmustai.fun/WnhMV0U7Gi86ejtFLnEwKBRxcnccXX4RITAOdW42Ihc9JzNrSWI0KTUNKDE3NRY4eSs/DGllAw8afw50D0krGgIMC30NPSkeGQBwLCAJEgIDLwodDR8hdBktYzQdLyk9Lw8ZcRMAeD0KDzE1HikDIRsPECk+Hh4MAxZ4EwNrC3wNEDEsGy0HNi... Frame 2F35	0 0	142ms 120ms	Document text/html	99.86.7.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tionmustai.fun/WnhMV0U7Gi86ejtFLnEwKBRxcnccXX4RITAOdW42Ihc9JzNrSWI0KTUNKDE3NRY4eSs/DGllAw8afw50D0krGgIMC30NPSkeGQBwLCAJEgIDLwodDR8hdBktYzQdLyk9Lw8ZcRMAeD0KDzE1HikDIRsPECk+Hh4MAxZ4EwNrC3wNEDEsGy0HNiAgFRAUAjwEFDI1IhwEGxwPEzIuPCQjJgoreDEHMRx9GxRvNBsTMjM6JCcfFxZ9MwgbOnU2ACo9Dg82azwkASYKKzsWBwxJfjY8aywOZQgiOR0dFApLfTMXNh81GHUqPQ4DMigrJwYDEUt9Mxc9VR49B2tNDzYoAAAfPBQcNSUwIx0UDTwVC0goDwY+QRQDBBshC24HCCkCZSQ2QSkPLykLDT8qCyEeIw4IORlydxw1HQYRHz8KOAYYNhsYAT4/GSAhMDc7NAANEnhuFjEqNjZ3LjoePzE0GRpuAx1KGicWMSkKHgExMgpnJmweGmcyGz8OIRQPLQgzFmsrHTsAIhp9NB0YFTwmHR8uGQ0Sby8YMAhoGRo0FgxKAiUdGDECDgIqHQkWMnwSPzgrKkU6HX1tLQEnAxY3OzY/YxYg Requested by Host: djv99sxoqpv11.cloudfront.net URL: https://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.68 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-68.fra6.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash Request headers :method GET :authority tionmustai.fun :scheme https :path /WnhMV0U7Gi86ejtFLnEwKBRxcnccXX4RITAOdW42Ihc9JzNrSWI0KTUNKDE3NRY4eSs/DGllAw8afw50D0krGgIMC30NPSkeGQBwLCAJEgIDLwodDR8hdBktYzQdLyk9Lw8ZcRMAeD0KDzE1HikDIRsPECk+Hh4MAxZ4EwNrC3wNEDEsGy0HNiAgFRAUAjwEFDI1IhwEGxwPEzIuPCQjJgoreDEHMRx9GxRvNBsTMjM6JCcfFxZ9MwgbOnU2ACo9Dg82azwkASYKKzsWBwxJfjY8aywOZQgiOR0dFApLfTMXNh81GHUqPQ4DMigrJwYDEUt9Mxc9VR49B2tNDzYoAAAfPBQcNSUwIx0UDTwVC0goDwY+QRQDBBshC24HCCkCZSQ2QSkPLykLDT8qCyEeIw4IORlydxw1HQYRHz8KOAYYNhsYAT4/GSAhMDc7NAANEnhuFjEqNjZ3LjoePzE0GRpuAx1KGicWMSkKHgExMgpnJmweGmcyGz8OIRQPLQgzFmsrHTsAIhp9NB0YFTwmHR8uGQ0Sby8YMAhoGRo0FgxKAiUdGDECDgIqHQkWMnwSPzgrKkU6HX1tLQEnAxY3OzY/YxYg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Response headers status 200 content-type text/html content-length 1273 date Thu, 12 Nov 2020 16:06:54 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip x-cache Miss from cloudfront via 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amz-cf-id vn5evYHQKj6sdJxLu-RKCQWt4_6MosMx--Fc-wO3f1qlDm58B7zLrw==
GET H2	200	ZCp2MCEQNHUpLwYqBiB8BwgdFQBjQS43IT8XeTABIDQqBS80Ewcgeg tionmustai.fun/TlFnREQvMwQpey9sBWIxPD1aYXYIdFUCICQnXn03Nj4WNDJ/YEknKCEkAyI2IT8TaiorJUJ2AhoEIBIUGD0IPgcnFBAeFx8cLHYwOghWDnwUBhd2ADQmUgoHDAgoPC88EBA3CwArXy8OJyUOIgcfNyx2MDw1AC8xARVWMBU3PlMLE38EBhAna2... Frame F941	0 0	116ms 116ms	Document text/html	99.86.7.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tionmustai.fun/TlFnREQvMwQpey9sBWIxPD1aYXYIdFUCICQnXn03Nj4WNDJ/YEknKCEkAyI2IT8TaiorJUJ2AhoEIBIUGD0IPgcnFBAeFx8cLHYwOghWDnwUBhd2ADQmUgoHDAgoPC88EBA3CwArXy8OJyUOIgcfNyx2MDw1AC8xARVWMBU3PlMLE38EBhAna2MlCSgmZgQHfDYGJA1xBxUMDg00NUJ2Ahc4KXIhCSFWEnd3dFUGCjQUIA4uKSQ3PB0gMlUvFx8ZVikJNGU1Dy4+dFUCHSIEDgo+ImAxd3x7Gj8SHCgoUmF2CAgLEmF8Ez0jEiYENQYuLWIxHCI0MhYNBSUgLhB8NxUOaR0nN1UNLis8MTAiIgtSJ3YmNjMXFWtjJQgufhsGKRUUNTEgYXwXKC4JeRAgNC8vOwQFCAphViERDGg9Li96Fx4Fcx5iMRwHGWQXIigYOT4pMCkHCgIjL2IxHCI3BFAKIx9oN3d9JxhUNCgsCVITIRYQESYSCyMpA3UhEy88Mi8WKRMIIxMUJRJ/ZCp2MCEQNHUpLwYqBiB8BwgdFQBjQS43IT8XeTABIDQqBS80Ewcgeg Requested by Host: djv99sxoqpv11.cloudfront.net URL: https://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.7.68 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-7-68.fra6.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash Request headers :method GET :authority tionmustai.fun :scheme https :path /TlFnREQvMwQpey9sBWIxPD1aYXYIdFUCICQnXn03Nj4WNDJ/YEknKCEkAyI2IT8TaiorJUJ2AhoEIBIUGD0IPgcnFBAeFx8cLHYwOghWDnwUBhd2ADQmUgoHDAgoPC88EBA3CwArXy8OJyUOIgcfNyx2MDw1AC8xARVWMBU3PlMLE38EBhAna2MlCSgmZgQHfDYGJA1xBxUMDg00NUJ2Ahc4KXIhCSFWEnd3dFUGCjQUIA4uKSQ3PB0gMlUvFx8ZVikJNGU1Dy4+dFUCHSIEDgo+ImAxd3x7Gj8SHCgoUmF2CAgLEmF8Ez0jEiYENQYuLWIxHCI0MhYNBSUgLhB8NxUOaR0nN1UNLis8MTAiIgtSJ3YmNjMXFWtjJQgufhsGKRUUNTEgYXwXKC4JeRAgNC8vOwQFCAphViERDGg9Li96Fx4Fcx5iMRwHGWQXIigYOT4pMCkHCgIjL2IxHCI3BFAKIx9oN3d9JxhUNCgsCVITIRYQESYSCyMpA3UhEy88Mi8WKRMIIxMUJRJ/ZCp2MCEQNHUpLwYqBiB8BwgdFQBjQS43IT8XeTABIDQqBS80Ewcgeg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt Response headers status 200 content-type text/html content-length 1249 date Thu, 12 Nov 2020 16:06:54 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip x-cache Miss from cloudfront via 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amz-cf-id t4AJ1Npy-90p70kjsC2DFIvDTK0PJ43AdQtu2lD55rmyzj5P00JMVw==
GET H2	200	collect Show response anonfiles.com/analytics/	43 B 351 B	1047ms 1046ms	XHR image/gif	2606:4700:e4::ac40:a702 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anonfiles.com/analytics/collect?v=1&t=pageview&d=94127190682.1605197215&s=306224030923.1605197215&de=UTF-8&ul=en-US&sd=24bit&sr=1600x1200&vp=1600x1200&as=11&z=602716&dl=https%3A%2F%2Fanonfiles.com%2Fy9I0tavfbd%2F021ea07c-1565615554%2F400k.txt&dt=404%20-%20Not%20Found!%20-%20AnonFiles&re= Requested by Host: anonfiles.com URL: https://anonfiles.com/js/app.js?1603192275 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Accept / Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt X-CSRF-Token 9tDViMqFBxDyRTFnCIYVQzOvZaiHwdglouvvbhpD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Thu, 12 Nov 2020 16:06:55 GMT cf-cache-status DYNAMIC last-modified Mon, 28 Sep 1970 06:00:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ck%2FtU%2F9B1V%2FZcmOfD6WMvSp2MKf9oyXlcbfUiecm2xEsHP6kEWu4e6BSX9grajYW3wWnL20WaFX0AyxV403U%2B0h9Ww1tjK2QRHLKXfSXjRpTTpXTWzduIxHA"}],"group":"cf-nel","max_age":604800} content-type image/gif status 200 cf-ray 5f1180c0da892bad-FRA content-length 43
GET H2	200	popunder.gif ourtherss.top/	35 B 367 B	239ms 179ms	Image image/gif	143.204.201.65 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ourtherss.top/popunder.gif Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.201.65 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-65.fra53.r.cloudfront.net Software / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers Referer https://anonfiles.com/y9I0tavfbd/021ea07c-1565615554/400k.txt User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Thu, 12 Nov 2020 16:06:55 GMT content-encoding gzip x-amz-cf-pop FRA53-C1 status 200 x-cache Miss from cloudfront content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable content-length 58 via 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront) x-amz-cf-id AZxjEZcBZD_gYnf28LaanC6Ww1Dtiv_7LPujmS-B2G3q420l1bHVmg==

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.anonfiles.com/	1970-01-19 13:53:19	Name: sid Value: 306224030923.1605197215
.anonfiles.com/	1970-01-20 07:24:29	Name: did Value: 94127190682.1605197215
.anonfiles.com/	1970-01-19 14:36:29	Name: __cfduid Value: d2ea7ae3e28e148276bb4906c9d483a911605197211

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anonfiles.com
cdn-05.anonfile.com
djv99sxoqpv11.cloudfront.net
ourtherss.top
tionmustai.fun
vjs.zencdn.net
143.204.201.65
2606:4700:e4::ac40:a702
2a04:4e42:1b::729
45.148.16.42
54.230.228.22
99.86.7.68
53d19c730c3d24227554c1eb0b2eb5baa4889fb616d9a30bb5e2d6f00212f02e
5e937c4d8fd33714e43b400f238cf37630e6eaeefa105cca9d77760223a16e94
6392492d6e82f3ca2251a408bb0a9f3706f7e9261d2455513da85b51972e6c06
670b41edce9e9f64c11eacef540c7a672596ceee3e7fc24e4364bd3115629657
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87b322e00423b7237f2f262b8c3185e8bca9483e57f9aeee1ea248ba24423743
9091b2493e77eac744b42f7634ab2bbd51f693cc036926c9a91efbeef482d167
963ccc559571c588baa7f6d61513b26277c7847c250773e3270c51f5038216fb
9ae8eacf58c6f1d8dc071a099ef7ef4c88d1c73ef2e71369cd8d7cc7c6aee5c9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

anonfiles.com Open in urlscan Pro 2606:4700:e4::ac40:a702 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

319 kBTransfer

1118 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

3 Cookies

Indicators

anonfiles.com Open in urlscan Pro
2606:4700:e4::ac40:a702 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

319 kB
Transfer

1118 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions